1 files changed, 36 insertions, 19 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index 27e19e830..b5d18b451 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -4,6 +4,9 @@ import java.io.ByteArrayOutputStream;
 import java.security.MessageDigest;
 
 import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 
 /**
@@ -16,6 +19,11 @@ import at.gv.egovernment.moa.util.Base64Utils;
 public class SAMLArtifactBuilder {
 
   /**
+   * The generic configuration parameter for an alternative SourceID.
+   */
+  private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";
+
+  /**
    * Constructor for SAMLArtifactBuilder.
    */
   public SAMLArtifactBuilder() {
@@ -36,25 +44,34 @@ public class SAMLArtifactBuilder {
    * @return the 42-byte SAML artifact, encoded BASE64
    */
   public String build(String authURL, String sessionID) throws BuildException {
-		try {
-			MessageDigest md = MessageDigest.getInstance("SHA-1");
-	  	byte[] sourceID = md.digest(authURL.getBytes());
-	  	byte[] assertionHandle = md.digest(sessionID.getBytes());
-			ByteArrayOutputStream out = new ByteArrayOutputStream(42);
-			out.write(0);
-			out.write(1);
-			out.write(sourceID, 0, 20);
-			out.write(assertionHandle, 0, 20);
-			byte[] samlArtifact = out.toByteArray();
-  		String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
-			return samlArtifactBase64;
-  	}
-		catch (Throwable ex) {
-			throw new BuildException(
-				"builder.00", 
-				new Object[] {"SAML Artifact, MOASessionID=" + sessionID, ex.toString()}, 
-				ex);
-		}
+    try {
+      MessageDigest md = MessageDigest.getInstance("SHA-1");
+      byte[] sourceID;
+      // alternative sourceId
+      String alternativeSourceID = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(GENERIC_CONFIG_PARAM_SOURCEID);
+      if (!ParepUtils.isEmpty(alternativeSourceID)) {
+        // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
+        sourceID = md.digest(alternativeSourceID.getBytes());
+        Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
+      } else {
+        sourceID = md.digest(authURL.getBytes());
+      }
+      byte[] assertionHandle = md.digest(sessionID.getBytes());
+      ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+      out.write(0);
+      out.write(1);
+      out.write(sourceID, 0, 20);
+      out.write(assertionHandle, 0, 20);
+      byte[] samlArtifact = out.toByteArray();
+      String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+      return samlArtifactBase64;
+    }
+    catch (Throwable ex) {
+      throw new BuildException(
+        "builder.00", 
+        new Object[] {"SAML Artifact, MOASessionID=" + sessionID, ex.toString()}, 
+        ex);
+    }
   }
 
 }