Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java | 77 |
1 files changed, 46 insertions, 31 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 863bfe501..d9ce6250a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -82,6 +82,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
@@ -543,52 +544,51 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { AuthnRequest authnRequest = (AuthnRequest)samlReq; - Integer aIdx = authnRequest.getAssertionConsumerServiceIndex(); - int assertionidx = 0; + //parse AssertionConsumerService + AssertionConsumerService consumerService = null; + if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) && + MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) { + //use AssertionConsumerServiceURL from request + consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class); + consumerService.setBinding(authnRequest.getProtocolBinding()); + consumerService.setLocation(authnRequest.getAssertionConsumerServiceURL()); + + } else { + //use AssertionConsumerServiceIndex and select consumerService from metadata + Integer aIdx = authnRequest.getAssertionConsumerServiceIndex(); + int assertionidx = 0; - if(aIdx != null) { - assertionidx = aIdx.intValue(); + if(aIdx != null) { + assertionidx = aIdx.intValue(); + + } else { + assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor); + + } + consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx); - } else { - assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor); + if (consumerService == null) { + throw new InvalidAssertionConsumerServiceException(aIdx); + + } } - aIdx = authnRequest.getAttributeConsumingServiceIndex(); + //select AttributeConsumingService from request + AttributeConsumingService attributeConsumer = null; + Integer aIdx = authnRequest.getAttributeConsumingServiceIndex(); int attributeIdx = 0; - + if(aIdx != null) { attributeIdx = aIdx.intValue(); } - AssertionConsumerService consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx); - - AttributeConsumingService attributeConsumer = null; - if (spSSODescriptor.getAttributeConsumingServices() != null && 
spSSODescriptor.getAttributeConsumingServices().size() > 0) { attributeConsumer = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx); } - PVPTargetConfiguration config = new PVPTargetConfiguration(); - - String oaURL = moaRequest.getEntityMetadata().getEntityID(); - String binding = consumerService.getBinding(); - - Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + binding); - - oaURL = StringEscapeUtils.escapeHtml(oaURL); - - config.setOAURL(oaURL); - config.setBinding(binding); - config.setRequest(moaRequest); - config.setConsumerURL(consumerService.getLocation()); - - //parse AuthRequest - AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq; - config.setPassiv(authReq.isPassive()); - config.setForce(authReq.isForceAuthn()); - //validate AuthnRequest + AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq; AuthnRequestValidator.validate(authReq); String useMandate = request.getParameter(PARAM_USEMANDATE); @@ -599,7 +599,22 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { } } } + + String oaURL = moaRequest.getEntityMetadata().getEntityID(); + oaURL = StringEscapeUtils.escapeHtml(oaURL); + + Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + consumerService.getBinding()); + + PVPTargetConfiguration config = new PVPTargetConfiguration(); + config.setOAURL(oaURL); + config.setBinding(consumerService.getBinding()); + config.setRequest(moaRequest); + config.setConsumerURL(consumerService.getLocation()); + //parse AuthRequest + config.setPassiv(authReq.isPassive()); + config.setForce(authReq.isForceAuthn()); + return config; } |
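Review bot: The new first branch builds `consumerService` directly from the request's `AssertionConsumerServiceURL` and `ProtocolBinding`, with no comparison against the endpoints registered in `spSSODescriptor`. Unless the request signature is verified and the location is checked elsewhere (not visible here; `AuthnRequestValidator.validate` runs only afterwards and its checks are not shown), the response could be sent to a location the service provider never registered. The requested pair should be accepted only when it matches a metadata entry, and rejected otherwise as in the index branch. In that index branch, `getAssertionConsumerServices().get(assertionidx)` on a list would presumably throw for an out-of-range index instead of returning null, so the added null check likely never fires for a bad request index. The enclosing method starts and ends outside this hunk.

```java
if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) &&
        MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) {
    // accept the requested endpoint only if the SP's metadata registers this location and binding
    for (AssertionConsumerService registered : spSSODescriptor.getAssertionConsumerServices()) {
        if (authnRequest.getAssertionConsumerServiceURL().equals(registered.getLocation())
                && authnRequest.getProtocolBinding().equals(registered.getBinding())) {
            consumerService = registered;
            break;
        }
    }
    if (consumerService == null) {
        // no registered endpoint matches the request: reject, as the index branch does
        throw new InvalidAssertionConsumerServiceException(authnRequest.getAssertionConsumerServiceIndex());
    }

} else {
    // … unchanged: selection by AssertionConsumerServiceIndex from metadata …
```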
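Review bot: The relocated `Logger.info` line now writes `consumerService.getBinding()`, which after this commit can be the request's `ProtocolBinding` value verbatim rather than a binding taken from metadata. `StringEscapeUtils.escapeHtml` is applied only to `oaURL` and does not neutralise line breaks, so a request-supplied binding containing CR/LF (for example via character references) could presumably forge extra log lines. I would log a neutralised value, e.g. `String binding = consumerService.getBinding().replaceAll("[\\r\\n]", "_");` and use `binding` in the message, or log only after the binding has been matched against the registered endpoints. The enclosing method starts outside this hunk.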