Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java120
1 files changed, 120 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
new file mode 100644
index 000000000..f8270cf33
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -0,0 +1,120 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.Issuer;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.xml.security.SecurityException;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
+
+ public boolean handleObject(MOARequest obj) {
+ return (obj.getSamlRequest() instanceof AuthnRequest);
+ }
+
+ public void process(MOARequest obj, HttpServletRequest req,
+ HttpServletResponse resp, AuthenticationSession authSession) throws MOAIDException {
+ if (!handleObject(obj)) {
+ throw new MOAIDException("pvp2.13", null);
+ }
+
+ AuthnRequest authnRequest = (AuthnRequest) obj.getSamlRequest();
+ EntityDescriptor peerEntity = obj.getEntityMetadata();
+
+// if (!AuthenticationSessionStoreage.isAuthenticated(authSession.getSessionID())) {
+// throw new AuthenticationException("auth.21", new Object[] {});
+// }
+
+// AuthenticationManager authmanager = AuthenticationManager.getInstance();
+// AuthenticationSession authSession =authmanager.getAuthenticationSession(req.getSession());
+
+ // authSession.getM
+
+ Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity);
+
+ Response authResponse = SAML2Utils.createSAMLObject(Response.class);
+
+
+ Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class);
+ nissuer.setValue(PVPConfiguration.getInstance().getIDPIssuerName());
+ nissuer.setFormat(NameID.ENTITY);
+ authResponse.setIssuer(nissuer);
+ authResponse.setInResponseTo(authnRequest.getID());
+ authResponse.getAssertions().add(assertion);
+ authResponse.setStatus(SAML2Utils.getSuccessStatus());
+
+ Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
+ int idx = 0;
+
+ if (aIdx != null) {
+ idx = aIdx.intValue();
+ }
+
+ SPSSODescriptor spSSODescriptor = peerEntity
+ .getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+
+ AssertionConsumerService consumerService = spSSODescriptor
+ .getAssertionConsumerServices().get(idx);
+
+ if (consumerService == null) {
+ throw new InvalidAssertionConsumerServiceException(idx);
+ }
+ String oaURL = consumerService.getLocation();
+
+ IEncoder binding = null;
+
+ if (consumerService.getBinding().equals(
+ SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
+ binding = new RedirectBinding();
+ } else if (consumerService.getBinding().equals(
+ SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
+ // TODO: not supported YET!!
+ binding = new ArtifactBinding();
+ } else if (consumerService.getBinding().equals(
+ SAMLConstants.SAML2_POST_BINDING_URI)) {
+ binding = new PostBinding();
+ }
+
+ if (binding == null) {
+ throw new BindingNotSupportedException(consumerService.getBinding());
+ }
+
+ try {
+ binding.encodeRespone(req, resp, authResponse, oaURL);
+ // TODO add remoteSessionID to AuthSession ExternalPVPSessionStore
+ } catch (MessageEncodingException e) {
+ Logger.error("Message Encoding exception", e);
+ throw new MOAIDException("pvp2.01", null, e);
+ } catch (SecurityException e) {
+ Logger.error("Security exception", e);
+ throw new MOAIDException("pvp2.01", null, e);
+ }
+ }
+}
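Review bot: The lookup at `getAssertionConsumerServices().get(idx)` uses the request-supplied AssertionConsumerServiceIndex as a list position, so an out-of-range value from the peer raises IndexOutOfBoundsException before the `consumerService == null` check can ever fire, and an in-range value may select an endpoint whose metadata `index` attribute differs from the one requested. Resolving by the `index` attribute and throwing InvalidAssertionConsumerServiceException when no entry matches keeps the failure inside the handler's declared error path; `getSPSSODescriptor` can likewise return null for metadata without an SP role and should be checked before use. When the request carries no index, the SAML metadata default endpoint (`isDefault`) is the expected fallback rather than position 0, which the loop below does not yet handle. The commented-out authentication check at the top of `process` should either be removed or replaced by a comment naming where the caller guarantees `authSession` is authenticated.
```java
SPSSODescriptor spSSODescriptor = peerEntity
        .getSPSSODescriptor(SAMLConstants.SAML20P_NS);
if (spSSODescriptor == null) {
    throw new InvalidAssertionConsumerServiceException(idx);
}

// Resolve by the metadata "index" attribute, not by list position.
AssertionConsumerService consumerService = null;
for (AssertionConsumerService acs : spSSODescriptor.getAssertionConsumerServices()) {
    if (acs.getIndex() != null && acs.getIndex().intValue() == idx) {
        consumerService = acs;
        break;
    }
}
if (consumerService == null) {
    throw new InvalidAssertionConsumerServiceException(idx);
}
// … unchanged: binding selection and response encoding …
```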