1 files changed, 13 insertions, 18 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 3cc12ff98..4c70ce995 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -30,13 +30,10 @@ import java.util.UUID;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IAction;
@@ -53,14 +50,13 @@ import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SignatureUtil;
 import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthJsonToken;
 import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthSigner;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 
 class OAuth20AuthAction implements IAction {
 	
 	public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp,
-			AuthenticationSession moasession) throws MOAIDException {
+			IAuthData authData) throws MOAIDException {
 		
 		OAuth20AuthRequest oAuthRequest = (OAuth20AuthRequest) req;		
 		String responseType = oAuthRequest.getResponseType();
@@ -78,7 +74,7 @@ class OAuth20AuthAction implements IAction {
 				o.setCode(code);
 				
 				//generate idToken from MOASession
-				Map<String, Object> idToken = generateIDToken(o, oAuthRequest, moasession, accessToken);
+				Map<String, Object> idToken = generateIDToken(o, oAuthRequest, authData, accessToken);
 				o.setAuthDataSession(idToken);
 				
 			} else if (responseType.equals(OAuth20Constants.RESPONSE_TOKEN)) {
@@ -104,7 +100,7 @@ class OAuth20AuthAction implements IAction {
 			
 			
 			//TODO: maybe add bPK / wbPK to SLO information
-			SLOInformationInterface sloInformation = new SLOInformationImpl(accessToken, null, req.requestedModule());
+			SLOInformationInterface sloInformation = new SLOInformationImpl(accessToken, null, null, req.requestedModule());
 			
 			return sloInformation;
 		}
@@ -124,7 +120,7 @@ class OAuth20AuthAction implements IAction {
 	}
 	
 	private Map<String, Object> generateIDToken(OAuth20SessionObject auth20SessionObject, 
-			OAuth20AuthRequest oAuthRequest, AuthenticationSession moasession, String accessToken) throws SignatureException, MOAIDException {
+			OAuth20AuthRequest oAuthRequest, IAuthData authData, String accessToken) throws SignatureException, MOAIDException {
 		
 		// create response
 		Map<String, Object> params = new HashMap<String, Object>();
@@ -134,7 +130,7 @@ class OAuth20AuthAction implements IAction {
 		
 		// build id token and scope
 		Pair<String, String> pair = buildIdToken(auth20SessionObject.getScope(), oAuthRequest,
-				moasession);
+				authData);
 		Logger.debug("RESPONSE ID_TOKEN: " + pair.getFirst());
 		params.put(OAuth20Constants.RESPONSE_ID_TOKEN, pair.getFirst());
 		Logger.debug("RESPONSE SCOPE: " + pair.getSecond());
@@ -144,34 +140,33 @@ class OAuth20AuthAction implements IAction {
 		
 	}
 	
-	private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, AuthenticationSession session)
+	private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData)
 			throws MOAIDException, SignatureException {
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL());
-		AuthenticationData authData = AuthenticationServer.buildAuthenticationData(session, oaParam, oAuthRequest.getTarget());
 		
 		OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer());
 		OAuthJsonToken token = new OAuthJsonToken(signer);
 		
 		StringBuilder resultScopes = new StringBuilder();
 		// always fill with open id
-		OAuth20AttributeBuilder.addScopeOpenId(token.getPayloadAsJsonObject(), session, oaParam, authData);
+		OAuth20AttributeBuilder.addScopeOpenId(token.getPayloadAsJsonObject(), oaParam, authData);
 		resultScopes.append("openId");
 		
 		for (String s : scope.split(" ")) {
 			if (s.equalsIgnoreCase("profile")) {
-				OAuth20AttributeBuilder.addScopeProfile(token.getPayloadAsJsonObject(), session, oaParam, authData);
+				OAuth20AttributeBuilder.addScopeProfile(token.getPayloadAsJsonObject(), oaParam, authData);
 				resultScopes.append(" profile");
 			} else if (s.equalsIgnoreCase("eID")) {
-				OAuth20AttributeBuilder.addScopeEID(token.getPayloadAsJsonObject(), session, oaParam, authData);
+				OAuth20AttributeBuilder.addScopeEID(token.getPayloadAsJsonObject(), oaParam, authData);
 				resultScopes.append(" eID");
 			} else if (s.equalsIgnoreCase("eID_gov")) {
-				OAuth20AttributeBuilder.addScopeEIDGov(token.getPayloadAsJsonObject(), session, oaParam, authData);
+				OAuth20AttributeBuilder.addScopeEIDGov(token.getPayloadAsJsonObject(), oaParam, authData);
 				resultScopes.append(" eID_gov");
 			} else if (s.equalsIgnoreCase("mandate")) {
-				OAuth20AttributeBuilder.addScopeMandate(token.getPayloadAsJsonObject(), session, oaParam, authData);
+				OAuth20AttributeBuilder.addScopeMandate(token.getPayloadAsJsonObject(), oaParam, authData);
 				resultScopes.append(" mandate");
 			} else if (s.equalsIgnoreCase("stork")) {
-				OAuth20AttributeBuilder.addScopeSTORK(token.getPayloadAsJsonObject(), session, oaParam, authData);
+				OAuth20AttributeBuilder.addScopeSTORK(token.getPayloadAsJsonObject(), oaParam, authData);
 				resultScopes.append(" stork");
 			}
 		}