Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java3
4 files changed, 37 insertions, 9 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 41aa459ec..9dcef5778 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -132,6 +132,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
try {
PVPTargetConfiguration config = new PVPTargetConfiguration();
+
MOARequest moaRequest = decoder.decodeRequest(request, response);
RequestAbstractType samlReq = moaRequest.getSamlRequest();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 2038ef5a5..c438cb18c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -26,7 +26,12 @@ import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.saml2.metadata.SPSSODescriptor;
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
@@ -39,8 +44,9 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.logging.Logger;
public class PVP2AssertionBuilder implements PVPConstants {
- public static Assertion buildAssertion(AuthnRequest authnRequest,
- AuthenticationSession authSession, EntityDescriptor peerEntity) throws PVP2Exception {
+ public static Assertion buildAssertion(AuthnRequest authnRequest,
+ AuthenticationSession authSession, EntityDescriptor peerEntity)
+ throws MOAIDException {
Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
RequestedAuthnContext reqAuthnContext = authnRequest
@@ -71,7 +77,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
if (!stork_qaa_1_4_found) {
throw new QAANotSupportedException(STORK_QAA_1_4);
}
-
+
reqAuthnContextClassRefIt = reqAuthnContext.getAuthnContextClassRefs()
.iterator();
StringBuilder authContextsb = new StringBuilder();
@@ -107,7 +113,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
authnStatement.setAuthnContext(authnContext);
assertion.getAuthnStatements().add(authnStatement);
-
+
SPSSODescriptor spSSODescriptor = peerEntity
.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
@@ -127,6 +133,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
Subject subject = SAML2Utils.createSAMLObject(Subject.class);
NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
boolean foundFormat = false;
+
+ // TL: AuthData generation is moved to Assertion generation.
+
Iterator<NameIDFormat> formatIt = spSSODescriptor.getNameIDFormats()
.iterator();
while (formatIt.hasNext()) {
@@ -180,11 +189,27 @@ public class PVP2AssertionBuilder implements PVPConstants {
assertion.getAttributeStatements().add(attributeStatement);
}
+ // TODO: LOAD oaParam from request and not from MOASession in case of
+ // SSO
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+ .getOnlineApplicationParameter(
+ authSession.getPublicOAURLPrefix());
+
+ AuthenticationData authData = AuthenticationServer
+ .buildAuthenticationData(authSession, oaParam,
+ oaParam.getTarget());
+
+ // TL: getIdentificationValue holds the baseID --> change to pBK
+ // subjectNameID.setValue(authData.getIdentificationValue());
+
subjectNameID.setFormat(NameID.PERSISTENT);
- subjectNameID.setNameQualifier(authSession.getAssertionAuthData()
+ //TODO: build IdType in authData
+ subjectNameID.setNameQualifier(authData
.getIdentificationType());
- subjectNameID.setValue(authSession.getAssertionAuthData()
- .getIdentificationValue());
+ if (authSession.getBusinessService())
+ subjectNameID.setValue(authData.getWBPK());
+ else
+ subjectNameID.setValue(authData.getBPK());
// }
subject.setNameID(subjectNameID);
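Review bot: The `oaParam` looked up via `authSession.getPublicOAURLPrefix()` is dereferenced at `oaParam.getTarget()` without a null check, and, as the TODO above it admits, under SSO the session's prefix may belong to a different online application than the one that sent this `AuthnRequest`. In that case the bPK/wbPK written into the NameID would be derived for another application's sector and presumably delivered to `peerEntity`, which defeats the purpose of sector-specific identifiers; the target should be resolved from the request or `peerEntity`, and until then the build should fail when the two do not match. Add an `if (oaParam == null)` guard that throws a `MOAIDException` right after the lookup, and likewise reject a null `getWBPK()`/`getBPK()` rather than emitting a NameID without a value. The NameQualifier still comes from `authData.getIdentificationType()`, which per the `//TODO: build IdType in authData` comment may not yet describe the derived identifier, so qualifier and value can disagree. `buildAssertion` starts and ends outside this hunk.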
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
index ae3715b57..c2c1c8687 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
@@ -11,7 +11,8 @@ public class BPKAttributeBuilder extends BaseAttributeBuilder {
}
public Attribute build(AuthenticationSession authSession) {
- String bpk = authSession.getAssertionAuthData().getIdentificationValue();
+ // TODO: authSession + oaParam => authData
+ String bpk = ""; //authSession.getAssertionAuthData().getIdentificationValue();
if(bpk.length() > BPK_MAX_LENGTH) {
bpk = bpk.substring(0, BPK_MAX_LENGTH);
}
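Review bot: With `bpk` hard-coded to `""`, `build` now produces a BPK attribute with an empty value for every user, and the `BPK_MAX_LENGTH` check below it is dead code; the same stub appears in `EIDSectorForIDAttributeBuilder.build`, which passes `""` as the sector. A relying party that keys accounts on this attribute would see the same empty identifier for all subjects, so an empty value is worse than a missing one. Until authData is wired in, prefer not to emit the attribute at all, for example `throw new UnsupportedOperationException("BPK requires AuthenticationData");` if the callers tolerate it, or whatever mechanism this builder family uses to skip an attribute. The rest of `build` lies outside the hunk.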
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
index 9b0c0a289..785db286d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
@@ -11,8 +11,9 @@ public class EIDSectorForIDAttributeBuilder extends BaseAttributeBuilder {
}
public Attribute build(AuthenticationSession authSession) {
+ // TODO: authSession + oaParam => authData
return buildStringAttribute(EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME,
- EID_SECTOR_FOR_IDENTIFIER_NAME, authSession.getAssertionAuthData().getIdentificationType());
+ EID_SECTOR_FOR_IDENTIFIER_NAME, ""/*authSession.getAssertionAuthData().getIdentificationType()*/);
}
public Attribute buildEmpty() {