Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java | 39 |
1 files changed, 33 insertions, 6 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 5f38cd05a..11f7fb257 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -11,6 +11,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang.StringEscapeUtils;
+import org.opensaml.DefaultBootstrap;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.core.AuthnRequest;
 import org.opensaml.saml2.core.RequestAbstractType;
@@ -18,10 +19,11 @@ import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.Status;
 import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.saml2.core.StatusMessage;
-import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.AttributeConsumingService;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.xml.ConfigurationException;
 import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
@@ -32,15 +34,15 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
 import at.gv.egovernment.moa.id.moduls.ServletInfo;
 import at.gv.egovernment.moa.id.moduls.ServletType;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
@@ -63,6 +65,13 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 	private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 	static {
+		try {
+			DefaultBootstrap.bootstrap();
+		} catch (ConfigurationException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+
 		servletList.add(new ServletInfo(PVPProcessor.class, REDIRECT,
 				ServletType.AUTH));
 		servletList.add(new ServletInfo(PVPProcessor.class, POST,
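Review bot: In the new static initializer, catching ConfigurationException from DefaultBootstrap.bootstrap() and only calling printStackTrace() lets PVP2XProtocol finish loading with OpenSAML unbootstrapped, so every later SAML parse or signature verification in this module fails far from the actual cause and the stack trace goes to stderr rather than the module's logging. A failed bootstrap should abort class loading instead: `} catch (ConfigurationException e) {` / `throw new ExceptionInInitializerError(e);` / `}`. The auto-generated TODO comment should go with it. The import-only hunk above it needs nothing.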
@@ -150,15 +159,23 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			AuthnRequest authnRequest = (AuthnRequest)samlReq;
 			Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
-			int idx = 0;
+			int assertionidx = 0;
+
+			if(aIdx != null) {
+				assertionidx = aIdx.intValue();
+			}
+
+			aIdx = authnRequest.getAttributeConsumingServiceIndex();
+			int attributeIdx = 0;
 			if(aIdx != null) {
-				idx = aIdx.intValue();
+				attributeIdx = aIdx.intValue();
 			}
 			EntityDescriptor metadata = moaRequest.getEntityMetadata();
 			SPSSODescriptor spSSODescriptor = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
-			AssertionConsumerService consumerService = spSSODescriptor.getAssertionConsumerServices().get(idx);
+			AssertionConsumerService consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx);
+			AttributeConsumingService attributeConsumer = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx);
 			String oaURL = consumerService.getLocation();
 			String binding = consumerService.getBinding();
 			String entityID = moaRequest.getEntityMetadata().getEntityID();
@@ -173,6 +190,16 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			config.setRequest(moaRequest);
 			config.setTarget(PVPConfiguration.getInstance().getTargetForSP(entityID));
+			//TODO: Implement check for Mandate Attributes if mandate request
+			String useMandate = request.getParameter(PARAM_USEMANDATE);
+			if(useMandate != null) {
+				if(useMandate.equals("true")) {
+					if(!CheckMandateAttributes.canHandleMandate(attributeConsumer)) {
+						throw new MandateAttributesNotHandleAbleException();
+					}
+				}
+			}
+
 			request.getSession().setAttribute(PARAM_OA, oaURL);
 			return config;
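Review bot: `spSSODescriptor.getAttributeConsumingServices().get(attributeIdx)` takes attributeIdx straight from the peer's AuthnRequest (getAttributeConsumingServiceIndex()) and uses it as a list position, so an index past the end — or an SP whose metadata declares no AttributeConsumingService at all, which the SAML metadata schema permits — surfaces as an unchecked IndexOutOfBoundsException instead of a PVP2Exception the protocol layer can report. In SAML 2.0 metadata the request's index refers to the element's declared `index` attribute, not its position in the list; the existing getAssertionConsumerServices().get(assertionidx) lookup makes the same assumption, though that part predates this change. A lookup by declared index with an explicit miss is safer; the enclosing method starts and ends outside the hunk.
```java
// … unchanged: assertionidx / attributeIdx derivation, spSSODescriptor lookup …
AttributeConsumingService attributeConsumer = null;
for (AttributeConsumingService acs : spSSODescriptor.getAttributeConsumingServices()) {
	if (acs.getIndex() == attributeIdx) {
		attributeConsumer = acs;
		break;
	}
}
if (attributeConsumer == null) {
	// TODO(review): reject with a PVP2Exception that names the unknown index rather than letting get() throw
}
```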
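Review bot: The comment `//TODO: Implement check for Mandate Attributes if mandate request` is stale the moment it lands, because the lines directly under it are that check; replace it with one stating what is enforced, e.g. `// A mandate request is refused when CheckMandateAttributes rejects the SP's AttributeConsumingService`. The three nested ifs can be a single guard with the same semantics, `if ("true".equals(useMandate) && !CheckMandateAttributes.canHandleMandate(attributeConsumer)) {` / `throw new MandateAttributesNotHandleAbleException();` / `}`, which also makes the separate null check unnecessary. Since useMandate comes from the HTTP request, any value other than the exact string "true" skips the check entirely; if that is intended, a one-line comment saying so would stop the next reader from "fixing" it to Boolean.parseBoolean. The enclosing method starts and ends outside the hunk.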