1 files changed, 25 insertions, 22 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index d48054e4b..35c4244c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
@@ -154,15 +155,14 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
     String oaURL, 
     String gebDat,
     List extendedSAMLAttributes,
-    AuthenticationSession session, 
-    boolean fromMandate)
+    AuthenticationSession session)
   throws BuildException
   {
     session.setSAMLAttributeGebeORwbpk(true);
     String gebeORwbpk = "";
     String wbpkNSDeclaration = "";
     
-    //BZ.., reading OA parameters
+    //reading OA parameters
     OAAuthParameter oaParam;
    try {
       oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
@@ -171,7 +171,6 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
       Logger.error("Error on building AUTH-Block: " + e.getMessage());
          throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()});
    }
-   //..BZ
     
     
     if (target == null) {
@@ -181,12 +180,11 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
          gebeORwbpk = MessageFormat.format(WBPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
          wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\"";
          
-         //BZ.., adding type of wbPK domain identifier        
+         //adding type of wbPK domain identifier        
         ExtendedSAMLAttribute idLinkDomainIdentifierTypeAttribute = 
              new ExtendedSAMLAttributeImpl("IdentityLinkDomainIdentifierType", oaParam.getIdentityLinkDomainIdentifierType(), Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
             
         extendedSAMLAttributes.add(idLinkDomainIdentifierTypeAttribute);
-        //..BZ
          
       } else {
         // We do not have a wbPK, therefore no SAML-Attribute is provided
@@ -194,13 +192,11 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
       }
     } else {
       // OA is a govermental application
-      //BZ..
       String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target);      
       //gebeORwbpk = MessageFormat.format(GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target });
       gebeORwbpk = MessageFormat.format(GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target + " (" + sectorName + ")" });
-      //..BZ
       
-      //BZ.., no business service, adding bPK
+      //no business service, adding bPK
       
       Element bpkSamlValueElement;
       try {
@@ -213,34 +209,41 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
 //      String s = xmlToString(bpkSamlValueElement);
 //      System.out.println("bpkSamlValueElement: " + s);
       
-      
-      if (!fromMandate) {
-    	  ExtendedSAMLAttribute bpkAttribute = 
-    		  new ExtendedSAMLAttributeImpl("bPK", bpkSamlValueElement, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
-      
-    	  //System.out.println("extendedSAMLAttributes: " + extendedSAMLAttributes.size());
-      
-    	  extendedSAMLAttributes.add(bpkAttribute);
-      }  
+      ExtendedSAMLAttribute bpkAttribute = 
+    	  new ExtendedSAMLAttributeImpl("bPK", bpkSamlValueElement, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
+      extendedSAMLAttributes.add(bpkAttribute);
+    	  
+      boolean useMandate = session.getUseMandate();
+      if (useMandate) {
+    	  String mandateReferenceValue = Random.nextRandom();
+    	  // remove leading "-"
+    	  if (mandateReferenceValue.startsWith("-"))
+    		  mandateReferenceValue = mandateReferenceValue.substring(1);
+    		 
+    	  session.setMandateReferenceValue(mandateReferenceValue);
+    		 
+    	  ExtendedSAMLAttribute mandateReferenceValueAttribute = 
+    		  new ExtendedSAMLAttributeImpl("mandateReferenceValue", mandateReferenceValue, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK);
+    	            
+    	  extendedSAMLAttributes.add(mandateReferenceValueAttribute);
+      }
     	
       
 
      //gebeORwbpk = gebeORwbpk  + MessageFormat.format(BPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
      wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\"";
-     //..BZ     
     }
     
-    //BZ.., adding friendly name of OA    
+    //adding friendly name of OA    
     String oaFriendlyName = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "" : oaParam.getFriendlyName(); 
     
     ExtendedSAMLAttribute oaFriendlyNameAttribute = 
          new ExtendedSAMLAttributeImpl("oaFriendlyName", oaFriendlyName, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY);
     
     extendedSAMLAttributes.add(oaFriendlyNameAttribute);
-    //..BZ
     
     String assertion;
-    try {
+    try {    	
       assertion = MessageFormat.format(
         AUTH_BLOCK, new Object[] { 
           wbpkNSDeclaration,