diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java | 93 |
1 files changed, 91 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java index ee0088576..a16fed9cd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java @@ -22,15 +22,25 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.utils; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; import java.util.List; +import java.util.Map; import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeStatement; import org.opensaml.saml2.core.AuthnContextClassRef; import org.opensaml.saml2.core.AuthnStatement; import org.opensaml.saml2.core.Response; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.core.Subject; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -38,6 +48,14 @@ import at.gv.egovernment.moa.util.MiscUtil; public class AssertionAttributeExtractor { private Assertion assertion = null; + private Map<String, String> attributs = new HashMap<String, String>(); + private PersonalAttributeList storkAttributes = new PersonalAttributeList(); + + private final List<String> minimalAttributeNameList = Arrays.asList( + PVPConstants.PRINCIPAL_NAME_NAME, + PVPConstants.GIVEN_NAME_NAME, + PVPConstants.BIRTHDATE_NAME); + public AssertionAttributeExtractor(StatusResponseType samlResponse) throws AssertionAttributeExtractorExeption { if (samlResponse != null && samlResponse instanceof Response) { @@ -48,12 +66,79 @@ public class AssertionAttributeExtractor { else if (assertions.size() > 1) Logger.warn("Found more then ONE PVP2.1 assertions. Only the First is used."); - assertion = assertions.get(0); - + assertion = assertions.get(0); + + if (assertion.getAttributeStatements() != null && + assertion.getAttributeStatements().size() > 0) { + AttributeStatement attrStat = assertion.getAttributeStatements().get(0); + for (Attribute attr : attrStat.getAttributes()) { + if (attr.getName().startsWith(PVPConstants.STORK_ATTRIBUTE_PREFIX)) { + List<String> storkAttrValues = new ArrayList<String>(); + storkAttrValues.add(attr.getAttributeValues().get(0).getDOM().getTextContent()); + PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), + false, storkAttrValues , "Available"); + storkAttributes.put(attr.getName(), storkAttr ); + + } else + attributs.put(attr.getName(), attr.getAttributeValues().get(0).getDOM().getTextContent()); + } + + } + } else throw new AssertionAttributeExtractorExeption(); } + /** + * check attributes from assertion with minimal required attribute list + * @return + */ + public boolean containsAllRequiredAttributes() { + return containsAllRequiredAttributes(minimalAttributeNameList); + + } + + /** + * check attributes from assertion with attributeNameList + * bPK or enc_bPK is always needed + * + * @param List of attributes which are required + * + * @return + */ + public boolean containsAllRequiredAttributes(List<String> attributeNameList) { + + //first check if a bPK or an encrypted bPK is available + if (attributs.containsKey(PVPConstants.ENC_BPK_LIST_NAME) || + (attributs.containsKey(PVPConstants.BPK_NAME) && attributs.containsKey(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME))) { + boolean flag = true; + for (String attr : attributeNameList) { + if (!attributs.containsKey(attr)) + flag = false; + } + + return flag; + + } + return false; + + } + + public boolean containsAttribute(String attributeName) { + return attributs.containsKey(attributeName); + + } + + public String getAttribute(String attributeName) { + return attributs.get(attributeName); + + } + + public PersonalAttributeList getSTORKAttributes() { + return storkAttributes; + } + + public String getNameID() throws AssertionAttributeExtractorExeption { if (assertion.getSubject() != null) { Subject subject = assertion.getSubject(); @@ -99,6 +184,10 @@ public class AssertionAttributeExtractor { throw new AssertionAttributeExtractorExeption("AuthnContextClassRef"); } + public Assertion getFullAssertion() { + return assertion; + } + private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption { List<AuthnStatement> authnList = assertion.getAuthnStatements(); if (authnList.size() == 0) |