diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 18fb08f1b..b29220af2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -24,9 +24,11 @@ package at.gv.egovernment.moa.id.moduls; import java.io.IOException; import java.io.PrintWriter; +import java.lang.reflect.InvocationTargetException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Collection; +import java.util.Enumeration; import java.util.Iterator; import java.util.List; import java.util.Map.Entry; @@ -96,7 +98,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; @@ -468,15 +469,33 @@ public class AuthenticationManager extends MOAIDAuthConstants { AuthnContextClassRef authnClassRef = SAML2Utils.createSAMLObject(AuthnContextClassRef.class); + //check if STORK protocol module is in ClassPath + Object storkRequst = null; + Integer storkSecClass = null; + try { + storkRequst = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest").newInstance(); + if (storkRequst != null && + target.getClass().isInstance(storkRequst)) { + Object storkAuthnRequest = target.getClass().getMethod("getStorkAuthnRequest", null).invoke(target, null); + storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null); + + } + + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { + + + } + + if (sp != null && sp.isSTORKPVPGateway()){ //use PVP SecClass instead of STORK QAA level String secClass = null; - if (target instanceof MOASTORKRequest) { + if (storkRequst != null && + target.getClass().isInstance(storkRequst)) { - try { - MOASTORKRequest storkReq = (MOASTORKRequest) target; + try { secClass = PVPtoSTORKMapper.getInstance().mapToSecClass( - PVPConstants.STORK_QAA_PREFIX + storkReq.getStorkAuthnRequest().getQaa()); + PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); } catch (Exception e) { Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); @@ -490,12 +509,12 @@ public class AuthenticationManager extends MOAIDAuthConstants { authnClassRef.setAuthnContextClassRef("http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3"); } else { - if (target instanceof MOASTORKRequest) { + if (storkRequst != null && + target.getClass().isInstance(storkRequst)) { //use requested QAA level from STORK request try { - MOASTORKRequest storkReq = (MOASTORKRequest) target; authnClassRef.setAuthnContextClassRef( - PVPConstants.STORK_QAA_PREFIX + storkReq.getStorkAuthnRequest().getQaa()); + PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); Logger.debug("Use STORK-QAA level " + authnClassRef.getAuthnContextClassRef() + " from STORK request"); @@ -605,21 +624,22 @@ public class AuthenticationManager extends MOAIDAuthConstants { try { if (legacyallowed && legacyparamavail) { - - //parse request parameter into MOASession - StartAuthentificationParameterParser.parse(request, response, moasession, target); - - Logger.info("Start Authentication Module: " + moasession.getModul() - + " Action: " + moasession.getAction()); - - // create execution context + + // create execution context ExecutionContext executionContext = new ExecutionContextImpl(); - executionContext.put("ccc", moasession.getCcc()); - executionContext.put("useMandate", moasession.getUseMandate()); - executionContext.put("bkuURL", moasession.getBkuURL()); - executionContext.put(PARAM_SESSIONID, moasession.getSessionID()); + executionContext.put(MOAIDAuthConstants.PARAM_SESSIONID, moasession.getSessionID()); executionContext.put("pendingRequestID", target.getRequestID()); - + + executionContext.put("isLegacyRequest", true); + + Enumeration<String> reqParamNames = request.getParameterNames(); + while(reqParamNames.hasMoreElements()) { + String paramName = reqParamNames.nextElement(); + if (MiscUtil.isNotEmpty(paramName)) + executionContext.put(paramName, request.getParameter(paramName)); + + } + // create process instance String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); @@ -642,7 +662,7 @@ public class AuthenticationManager extends MOAIDAuthConstants { throw new MOAIDException("init.04", new Object[] { moasession.getSessionID()}); } - + // start process processEngine.start(processInstanceId); |