Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java | 67 |
1 files changed, 25 insertions, 42 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java
index 0da43d818..0f9b615a4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java
@@ -32,14 +32,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.data.ExceptionContainer;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
 /**
@@ -112,48 +110,33 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon
 try {
 Logger.debug("Finalize PendingRequest with ID " + pendingRequestID);
- //get MOASession from database
- String sessionID = pendingReq.getMOASessionIdentifier();
-
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("FinalizeAuthProtocol", PARAM_SESSIONID, "auth.12");
-
- }
+ //get MOA session data object from pending request
+ IAuthenticationSession pendingMoaSession = pendingReq.getMOASession();
- //load MOASession from database
- AuthenticationSession moaSession = authenticatedSessionStorage.getSession(sessionID);
- if (moaSession == null) {
- Logger.error("No MOASession with ID " + sessionID + " found.!");
- handleErrorNoRedirect(new MOAIDException("auth.02", new Object[]{sessionID}), req, resp, true);
-
- } else {
+ //check if pending-request has 'abortedByUser' flag set
+ if (pendingReq.isAbortedByUser()) {
+ //send authentication aborted error to Service Provider
+ buildProtocolSpecificErrorResponse(
+ new AuthenticationException("auth.21", new Object[] {}),
+ req, resp, pendingReq);
- //check if pending-request has 'abortedByUser' flag set
- if (pendingReq.isAbortedByUser()) {
- //send authentication aborted error to Service Provider
- buildProtocolSpecificErrorResponse(
- new AuthenticationException("auth.21", new Object[] {}),
- req, resp, pendingReq);
+ //do not remove the full active SSO-Session
+ // in case of only one Service-Provider authentication request is aborted
+ if ( !(pendingMoaSession.isAuthenticated()
+ && pendingReq.needSingleSignOnFunctionality()) ) {
+ removeUserSession(pendingReq, req, resp);
- //do not remove the full active SSO-Session
- // in case of only one Service-Provider authentication request is aborted
- if ( !(moaSession.isAuthenticated()
- && pendingReq.needSingleSignOnFunctionality()) ) {
- removeUserSession(pendingReq, req, resp);
-
- }
-
- //check if MOASession and pending-request are authenticated
- } else if (moaSession.isAuthenticated() && pendingReq.isAuthenticated()) {
- finalizeAuthenticationProcess(req, resp, pendingReq, moaSession);
-
- } else {
- //suspect state: pending-request is not aborted but also are not authenticated
- Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!");
- handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true);
-
- }
+ }
+
+ //check if MOASession and pending-request are authenticated
+ } else if (pendingMoaSession.isAuthenticated() && pendingReq.isAuthenticated()) {
+ finalizeAuthenticationProcess(req, resp, pendingReq, pendingMoaSession);
+
+ } else {
+ //suspect state: pending-request is not aborted but also are not authenticated
+ Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!");
+ handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true);
+ }
 } catch (Exception e) { |
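Review bot: `pendingMoaSession` is dereferenced at `pendingMoaSession.isAuthenticated()` both inside the `isAbortedByUser()` branch and in the `else if`, with no null check, whereas the storage lookup this hunk removes treated a missing session as an explicit error (`auth.02` via `handleErrorNoRedirect`). If `IRequest.getMOASession()` can return null — the old path evidently considered "no session" reachable — the new code turns that case into a NullPointerException that lands in the generic `catch (Exception e)`, whose handling is outside the hunk, so the failure mode silently changes. The removed code also validated the session ID and re-fetched the session from `authenticatedSessionStorage`; the new code trusts whatever session object the pending request carries, which is fine only if the pending request itself comes from a server-side store that this hunk does not show. I would restore the guard as the first arm of the if/else chain so the existing branches stay intact; the old message argument was the session ID, which no longer exists here, so `pendingRequestID` is the nearest identifier to report (assuming the `auth.02` template tolerates it). The enclosing method starts and ends outside the hunk.

```java
IAuthenticationSession pendingMoaSession = pendingReq.getMOASession();

if (pendingMoaSession == null) {
    Logger.error("No MOASession attached to PendingRequest with ID " + pendingRequestID);
    handleErrorNoRedirect(new MOAIDException("auth.02", new Object[]{pendingRequestID}), req, resp, true);

} else if (pendingReq.isAbortedByUser()) {
    // … unchanged: aborted-by-user error response, SSO-aware session removal, authenticated/suspect branches …
```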