1 files changed, 49 insertions, 15 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index e6a8c9661..402927261 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x;
 
 import java.io.StringWriter;
@@ -44,27 +66,33 @@ import at.gv.egovernment.moa.logging.Logger;
 
 public class MetadataAction implements IAction {
 
+	private static final int VALIDUNTIL_IN_DAYES = 30;
+		
 	public String processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 		try {
 
 			EntitiesDescriptor idpEntitiesDescriptor = 
 					SAML2Utils.createSAMLObject(EntitiesDescriptor.class);
-			
+						
 			idpEntitiesDescriptor.setName(PVPConfiguration.getInstance().getIDPIssuerName());
 
 			idpEntitiesDescriptor.setID(SAML2Utils.getSecureIdentifier());
 			
-			idpEntitiesDescriptor.setValidUntil(new DateTime().plusWeeks(4));
+			DateTime date = new DateTime();
 			
+			idpEntitiesDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_DAYES));
+				
 			EntityDescriptor idpEntityDescriptor = SAML2Utils
 					.createSAMLObject(EntityDescriptor.class);
 
 			idpEntitiesDescriptor.getEntityDescriptors().add(idpEntityDescriptor);
 			
 			idpEntityDescriptor
-					.setEntityID(PVPConfiguration.getInstance().getIDPPublicPath());
+					.setEntityID(PVPConfiguration.getInstance().getIDPSSOMetadataService());
 
+			idpEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_DAYES));
+			
 			List<ContactPerson> persons = PVPConfiguration.getInstance()
 					.getIDPContacts();
 
@@ -78,17 +106,15 @@ public class MetadataAction implements IAction {
 			keyInfoFactory.setEmitEntityIDAsKeyName(true);
 			keyInfoFactory.setEmitEntityCertificate(true);
 			KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-
-			Credential credential = CredentialProvider
-					.getIDPSigningCredential();
-
-			KeyDescriptor signKeyDescriptor = SAML2Utils
-					.createSAMLObject(KeyDescriptor.class);
-			signKeyDescriptor.setUse(UsageType.SIGNING);
-			signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
-
+			
+			Credential metadataSigningCredential = CredentialProvider.getIDPMetaDataSigningCredential();
 			Signature signature = CredentialProvider
-					.getIDPSignature(credential);
+					.getIDPSignature(metadataSigningCredential);
+			
+//			KeyInfoBuilder metadataKeyInfoBuilder = new KeyInfoBuilder();
+//			KeyInfo metadataKeyInfo = metadataKeyInfoBuilder.buildObject();
+//			//KeyInfoHelper.addCertificate(metadataKeyInfo, metadataSigningCredential.);
+//			signature.setKeyInfo(metadataKeyInfo );
 			
 			idpEntitiesDescriptor.setSignature(signature);
 
@@ -139,9 +165,17 @@ public class MetadataAction implements IAction {
 				idpSSODescriptor.getArtifactResolutionServices().add(
 						artifactResolutionService);
 			}*/
+		
+			//set assertion signing key
+			Credential assertionSigingCredential = CredentialProvider
+					.getIDPAssertionSigningCredential();
 
+			KeyDescriptor signKeyDescriptor = SAML2Utils
+					.createSAMLObject(KeyDescriptor.class);
+			signKeyDescriptor.setUse(UsageType.SIGNING);
+			signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(assertionSigingCredential));
 			idpSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-			
+						
 			idpSSODescriptor.getAttributes().addAll(PVPAttributeBuilder.buildSupportedEmptyAttributes());
 			
 			NameIDFormat persistenNameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
@@ -184,7 +218,7 @@ public class MetadataAction implements IAction {
 
 			String metadataXML = sw.toString();
 
-			System.out.println("METADATA: " + metadataXML);
+			//System.out.println("METADATA: " + metadataXML);
 
 			httpResp.setContentType("text/xml");
 			httpResp.getOutputStream().write(metadataXML.getBytes());