1 files changed, 19 insertions, 109 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 64dcb0f41..da464ba68 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -17,6 +17,8 @@ import org.apache.commons.fileupload.FileUploadException;
 import org.apache.commons.lang.StringEscapeUtils;
 import org.w3c.dom.Element;
 
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -26,12 +28,15 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
@@ -114,123 +119,28 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 
 				AuthenticationSession session = AuthenticationServer.getSession(sessionID);
 
+				IRequest pendingReq = RequestStorage.getPendingRequest(
+						(String) executionContext.get("pendingRequestID"));			
+				MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+						pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+								
 				//change MOASessionID
 			    sessionID = AuthenticationSessionStoreage.changeSessionID(session);
 				
-				String authenticatedMOASessionId = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
-				
-				if (authenticatedMOASessionId == null) { 
-					//mandate Mode
+				AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse);
 				
-					  AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();
-						ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();	
-						SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters);
-						
-						// get identitity link as byte[]
-						Element elem = session.getIdentityLink().getSamlAssertion();
-						String s = DOMUtils.serializeNode(elem);
-						
-						//System.out.println("IDL: " + s);
-						
-						byte[] idl = s.getBytes("UTF-8");
-						
-						// redirect url
-						// build redirect(to the GetMISSessionIdSerlvet)
-						
-						//change MOASessionID before MIS request
-						String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-						
-				        redirectURL =
-				              new DataURLBuilder().buildDataURL(
-				                session.getAuthURL(),
-				                GET_MIS_SESSIONID,
-				                newMOASessionID);
-						
-				        String oaURL = session.getOAURLRequested();
-				        OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
-				        List<String> profiles = oaParam.getMandateProfiles();
-
-				        if (profiles == null) {
-				      	  Logger.error("No Mandate/Profile for OA configured.");
-				      	  throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});
-				        }
-				        
-				        String oaFriendlyName = oaParam.getFriendlyName();
-				        String mandateReferenceValue = session.getMandateReferenceValue();
-				        byte[] cert = session.getEncodedSignerCertificate();
-				        byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
-				        
-				        //TODO: check in case of SSO!!!
-				        String targetType = null;  
-				        if(oaParam.getBusinessService()) {
-				        	String id = oaParam.getIdentityLinkDomainIdentifier();
-				        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
-				        		targetType = id;
-				        	else
-				        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
-				        	
-				        } else {
-				        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
-				        }
-				        
-				        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
-				        		connectionParameters.getUrl(), 
-				        		idl, 
-				        		cert, 
-				        		oaFriendlyName, 
-				        		redirectURL, 
-				        		mandateReferenceValue, 
-				        		profiles, 
-				        		targetType,
-				        		authBlock,
-				        		sslFactory);
-				        
-				        if (misSessionID == null) {
-				      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
-				      	  throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
-				        }
-				        
-				        String redirectMISGUI = misSessionID.getRedirectURL();
-				        session.setMISSessionID(misSessionID.getSessiondId());
-					
-						try {
-							AuthenticationSessionStoreage.storeSession(session);
-						} catch (MOADatabaseException e) {
-							throw new MOAIDException("Session store error", null);
-						}
-				        
-						// TODO[branch]: Mandate; redirect to MIS website; website redirects back to "/GetMISSessionID"
-						
-				        resp.setStatus(302);
-				    	  resp.addHeader("Location", redirectMISGUI);
-				    	  Logger.debug("REDIRECT TO: " + redirectURL);
-				}
-				else {
-					// TODO[branch]: Final step back to /dispatcher
-					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 
-							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), authenticatedMOASessionId);
-							
-					resp.setContentType("text/html");
-					resp.setStatus(302);
+				//store all changes in session DAO
+				AuthenticationSessionStoreage.storeSession(session);
 				
-					resp.addHeader("Location", redirectURL);		
-					Logger.debug("REDIRECT TO: " + redirectURL);				
-					
-				}
+				//put session to context 
+				executionContext.put(PARAM_SESSIONID, session.getSessionID());
 				
 			}
 	    
 			catch (MOAIDException ex) {
 				throw new TaskExecutionException(ex.getMessage(), ex);
 				
-			} catch (GeneralSecurityException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
-				
-			} catch (PKIException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
-				
-			} catch (TransformerException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
+			
 				
 		    } catch (Exception e) {
 		    	Logger.error("AuthBlockValidation has an interal Error.", e);
@@ -240,7 +150,7 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 		       
 			
 		    finally {
-		    	ConfigurationDBUtils.closeSession();
+		    	
 		    }