1 files changed, 50 insertions, 13 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index fbf700365..09e4e957d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -48,9 +48,13 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
@@ -133,6 +137,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 		resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
 		resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
 		
+		String pendingRequestID = null;
 		  
     Map parameters;
     try 
@@ -149,6 +154,8 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 		// escape parameter strings
 		sessionID = StringEscapeUtils.escapeHtml(sessionID);
 
+		pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
+		
 		String redirectURL = null;
 		try {
          // check parameter
@@ -157,11 +164,11 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
          if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse))
             throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
 
-         
 			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
-			String samlArtifactBase64 = 
-				AuthenticationServer.getInstance().verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+
+			String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
 			
+
 			
 			if (samlArtifactBase64 == null) { 
 				//mandate Mode
@@ -202,8 +209,23 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			        
 			        String oaFriendlyName = oaParam.getFriendlyName();
 			        String mandateReferenceValue = session.getMandateReferenceValue();
-			        X509Certificate cert = session.getSignerCertificate();
-			        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
+			        byte[] cert = session.getEncodedSignerCertificate();
+			        
+			        //TODO: check in case of SSO!!!
+			        String targetType = null;  
+			        if(oaParam.getBusinessService()) {
+			        	String id = oaParam.getIdentityLinkDomainIdentifier();
+			        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
+			        		targetType = id;
+			        	else
+			        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+			        	
+			        } else {
+			        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
+			        }
+			        
+			        
+			        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, targetType, sslFactory);
 			        String redirectMISGUI = misSessionID.getRedirectURL();
 			        
 			        if (misSessionID == null) {
@@ -213,6 +235,12 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			        
 			        session.setMISSessionID(misSessionID.getSessiondId());
 				
+					try {
+						AuthenticationSessionStoreage.storeSession(session);
+					} catch (MOADatabaseException e) {
+						throw new MOAIDException("Session store error", null);
+					}
+			        
 			        resp.setStatus(302);
 			    	  resp.addHeader("Location", redirectMISGUI);
 			    	  Logger.debug("REDIRECT TO: " + redirectURL);
@@ -220,17 +248,22 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			else {
 			
 				if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-					redirectURL = session.getOAURLRequested();
+					/*redirectURL = session.getOAURLRequested();
 					if (!session.getBusinessService()) {
 						redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
 	          
 					}
 					redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-					redirectURL = resp.encodeRedirectURL(redirectURL);
+					redirectURL = resp.encodeRedirectURL(redirectURL);*/
+					
+				
+					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 
+							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64);
+					
 				} else {
 					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
 				}
-			
+						
 				resp.setContentType("text/html");
 				resp.setStatus(302);
 			
@@ -242,16 +275,20 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 		}
     
 		catch (MOAIDException ex) {
-			handleError(null, ex, req, resp);
+			handleError(null, ex, req, resp, pendingRequestID);
 		} catch (GeneralSecurityException e) {
-			handleError(null, e, req, resp);
+			handleError(null, e, req, resp, pendingRequestID);
 		} catch (PKIException e) {
-			handleError(null, e, req, resp);
+			handleError(null, e, req, resp, pendingRequestID);
 		} catch (MISSimpleClientException e) {
-			handleError(null, e, req, resp);
+			handleError(null, e, req, resp, pendingRequestID);
 		} catch (TransformerException e) {
-			handleError(null, e, req, resp);
+			handleError(null, e, req, resp, pendingRequestID);
 		}
+		
+	    finally {
+	    	ConfigurationDBUtils.closeSession();
+	    }
 
   }