path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java49
1 files changed, 43 insertions, 6 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 00528f7a1..1e0089a53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -38,6 +38,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -72,12 +74,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(oaID);
-
-
- /* TODO: Support Mandate MODE!
- * Insert functionality to translate mandates in case of SSO
- */
-
AuthenticationData authdata = null;
if (protocolRequest instanceof SAML1RequestImpl) {
@@ -95,6 +91,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
if (protocolRequest.getInterfederationResponse() != null) {
//get attributes from interfederated IDP
+ buildAuthDataFromInterfederationResponse(authdata, session, oaParam, protocolRequest);
} else {
@@ -106,6 +103,40 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
return authdata;
}
+ /**
+ * @param authdata
+ * @param session
+ * @param oaParam
+ */
+ private static void buildAuthDataFromInterfederationResponse(
+ AuthenticationData authdata, AuthenticationSession session,
+ OAAuthParameter oaParam, IRequest req) {
+
+ try {
+ AssertionAttributeExtractor extract =
+ new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse());
+
+ if (oaParam.isInderfederationIDP()) {
+ //only set minimal response attributes
+ authdata.setQAALevel(extract.getQAALevel());
+ authdata.setBPK(extract.getNameID());
+
+ } else {
+ //IDP response to service provider
+ // --> collect attributes by using BackChannel communication
+
+ //TODO: get protocol specific requested attributes
+
+
+
+ }
+
+ } catch (AssertionAttributeExtractorExeption e) {
+ Logger.error("Build authData from interfederated PVP2.1 assertion FAILED.", e);
+
+ }
+ }
+
private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session,
OAAuthParameter oaParam) throws BuildException {
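Review bot: The catch block in the new buildAuthDataFromInterfederationResponse only logs AssertionAttributeExtractorExeption and returns, so when the interfederated assertion cannot be parsed the caller still reaches `return authdata;` with an object on which setQAALevel and setBPK were never called. In an identity provider that is a fail-open path. I would declare `throws BuildException` on the method, as buildAuthDataFormMOASession just below already does, and rethrow from the catch (keeping `e` as the cause if the constructor allows it), assuming the calling method, whose signature is outside the hunk, can propagate it from the new call in the `getInterfederationResponse() != null` branch. The else branch is still only a TODO, so a request for an online application where isInderfederationIDP() is false also leaves authdata unfilled by this method; throwing there until the back-channel attribute collection exists would make that explicit. The Javadoc has empty `@param` tags and omits `req`, and `session` is not used in the new method.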
@@ -147,6 +178,12 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID()));
+
+ /* TODO: Support SSO Mandate MODE!
+ * Insert functionality to translate mandates in case of SSO
+ */
+
+
MISMandate mandate = session.getMISMandate();
authData.setMISMandate(mandate);
authData.setUseMandate(session.getUseMandate());