diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java | 58 |
1 files changed, 21 insertions, 37 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 587ca04e7..67f780b3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -27,32 +27,26 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.URLEncoder; public class GetArtifactAction implements IAction { public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session) throws AuthenticationException { + HttpServletResponse httpResp, IAuthData obj) throws AuthenticationException { String oaURL = (String) req.getOAURL(); - String target = (String) req.getTarget(); String sourceID = null; if (req instanceof SAML1RequestImpl) { @@ -61,42 +55,32 @@ public class GetArtifactAction implements IAction { } - try { - + SAML1AuthenticationData authData; + if (obj instanceof SAML1AuthenticationData) { + authData = (SAML1AuthenticationData) obj; - if (oaURL == null) { - throw new WrongParametersException("StartAuthentication", - PARAM_OA, "auth.12"); - } - - // check parameter - if (!ParamValidatorUtils.isValidOA(oaURL)) - throw new WrongParametersException("StartAuthentication", - PARAM_OA, "auth.12"); - - // TODO: Support Mandate MODE! + } else { + Logger.error("AuthDate is NOT of type SAML1AuthenticationData."); + throw new AuthenticationException("AuthDate is NOT of type SAML1AuthenticationData.", new Object[]{}); + } + + try { OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(oaURL); - - SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace(); - - AuthenticationData authData = SAML1AuthenticationServer.buildAuthenticationData(session, - oaParam, - target); + .getOnlineApplicationParameter(oaURL); + SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace(); + // add other stork attributes to MOA assertion if available - if(null != session.getStorkAttributes()) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(session.getStorkAttributes()); - session.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); - //produce MOA-Assertion and artifact - AuthenticationServer.getInstance().getForeignAuthenticationData(session); + if(null != authData.getStorkAttributes()) { + List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(authData.getStorkAttributes()); + authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); Logger.info("MOA assertion assembled and SAML Artifact generated."); } - String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData, sourceID); + String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID); - if (AuthenticationSessionStoreage.isSSOSession(session.getSessionID())) { - String url = "RedirectServlet"; + if (authData.isSsoSession()) { + String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (!oaParam.getBusinessService()) url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(oaParam.getTarget(), "UTF-8")); @@ -125,7 +109,7 @@ public class GetArtifactAction implements IAction { } SLOInformationInterface sloInformation = - new SLOInformationImpl(authData.getAssertionID(), null, req.requestedModule()); + new SLOInformationImpl(authData.getAssertionID(), null, null, req.requestedModule()); return sloInformation; |