1 files changed, 111 insertions, 31 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 9f47123ab..6a86eb4a5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -1,7 +1,10 @@
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import iaik.x509.X509Certificate;
+
 import java.io.File;
 import java.io.IOException;
+import java.security.cert.CertificateEncodingException;
 import java.util.Date;
 
 import at.gv.egovernment.moa.id.AuthenticationException;
@@ -9,8 +12,10 @@ import at.gv.egovernment.moa.id.BuildException;
 import at.gv.egovernment.moa.id.ParseException;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
+import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
 import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -20,6 +25,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.StringUtils;
 
 public class SAML1AuthenticationServer extends AuthenticationServer {
 	
@@ -101,40 +108,113 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 
 		// builds authentication data and stores it together with a SAML
 		// artifact
-		AuthenticationData authData = buildAuthenticationData(session, session.getXMLVerifySignatureResponse(),
-				useUTC, false);
-
-		String samlAssertion = new AuthenticationDataAssertionBuilder().build(
-				authData, session.getAssertionPrPerson(),
-				session.getAssertionAuthBlock(),
-				session.getAssertionIlAssertion(), session.getBkuURL(),
-				session.getAssertionSignerCertificateBase64(),
-				session.getAssertionBusinessService(),
-				session.getExtendedSAMLAttributesOA(), useCondition,
-				conditionLength);
-		authData.setSamlAssertion(samlAssertion);
+		
+		//TODO: check, if this is correct!!!!
+		//AuthenticationData authData = buildAuthenticationData(session, session.getXMLVerifySignatureResponse(),
+		//		useUTC, false);
+		AuthenticationData authData = session.getAuthData();
+		
+		//TODO: check, if this is correct!!!!
+//		String samlAssertion = new AuthenticationDataAssertionBuilder().build(
+//				authData, session.getAssertionPrPerson(),
+//				session.getAssertionAuthBlock(),
+//				session.getAssertionIlAssertion(), session.getBkuURL(),
+//				session.getAssertionSignerCertificateBase64(),
+//				session.getAssertionBusinessService(),
+//				session.getExtendedSAMLAttributesOA(), useCondition,
+//				conditionLength);
 
-		String assertionFile = AuthConfigurationProvider.getInstance()
-				.getGenericConfigurationParameter(
-						"AuthenticationServer.WriteAssertionToFile");
-		if (!ParepUtils.isEmpty(assertionFile))
-			try {
-				ParepUtils.saveStringToFile(samlAssertion, new File(
-						assertionFile));
-			} catch (IOException e) {
-				throw new BuildException("builder.00", new Object[] {
-						"AuthenticationData", e.toString() }, e);
+		try {
+		
+			//set BASE64 encoded signer certificate
+			String signerCertificateBase64 = "";
+			if (oaParam.getProvideCertifcate()) {
+				byte[] signerCertificate = session.getEncodedSignerCertificate();
+				if (signerCertificate != null) {
+	
+						signerCertificateBase64 = Base64Utils
+								.encode(signerCertificate);				
+				} else {
+					Logger.info("\"provideCertificate\" is \"true\", but no signer certificate available");
+				}
 			}
-
-		String samlArtifact = new SAMLArtifactBuilder().build(
-				session.getAuthURL(), session.getSessionID(),
-				session.getSourceID());
+			
+			//set prPersion
+			boolean provideStammzahl = oaParam.getProvideStammzahl();
+			String prPerson = new PersonDataBuilder().build(session.getIdentityLink(),
+					provideStammzahl);
+			
+			//set Authblock
+			String authBlock = oaParam.getProvideAuthBlock() ? session
+					.getAuthBlock() : "";
+					
+			//set IdentityLink for assortion
+			String ilAssertion = oaParam.getProvideIdentityLink() ? session.getIdentityLink()
+					.getSerializedSamlAssertion()
+					: "";
+			if (!oaParam.getProvideStammzahl()) {
+				ilAssertion = StringUtils.replaceAll(ilAssertion, session.getIdentityLink()
+						.getIdentificationValue(), "");
+			}
+			
+			String samlAssertion;
+			
+			if (session.getUseMandate()) {
+				samlAssertion = new AuthenticationDataAssertionBuilder().buildMandate(
+						authData, 
+						prPerson, 
+						session.getMandateData(), 
+						authBlock, 
+						ilAssertion, 
+						session.getBkuURL(), 
+						signerCertificateBase64, 
+						oaParam.getBusinessService(),  
+						session.getExtendedSAMLAttributesOA(), 
+						useCondition, 
+						conditionLength);
+				
+			} else {
+				samlAssertion = new AuthenticationDataAssertionBuilder().build(
+					authData, 
+					prPerson,
+					authBlock,
+					ilAssertion, 
+					session.getBkuURL(),
+					signerCertificateBase64,
+					oaParam.getBusinessService(),
+					session.getExtendedSAMLAttributesOA(), 
+					useCondition,
+					conditionLength);
+			}
+			
+			authData.setSamlAssertion(samlAssertion);
+	
+			String assertionFile = AuthConfigurationProvider.getInstance()
+					.getGenericConfigurationParameter(
+							"AuthenticationServer.WriteAssertionToFile");
+			if (!ParepUtils.isEmpty(assertionFile))
+				try {
+					ParepUtils.saveStringToFile(samlAssertion, new File(
+							assertionFile));
+				} catch (IOException e) {
+					throw new BuildException("builder.00", new Object[] {
+							"AuthenticationData", e.toString() }, e);
+				}
+	
+			String samlArtifact = new SAMLArtifactBuilder().build(
+					session.getAuthURL(), session.getSessionID(),
+					session.getSourceID());
+			
+			storeAuthenticationData(samlArtifact, authData);
+	
+			Logger.info("Anmeldedaten zu MOASession " + session.getSessionID()
+					+ " angelegt, SAML Artifakt " + samlArtifact);
+			return samlArtifact;
 		
-		storeAuthenticationData(samlArtifact, authData);
-
-		Logger.info("Anmeldedaten zu MOASession " + session.getSessionID()
-				+ " angelegt, SAML Artifakt " + samlArtifact);
-		return samlArtifact;
+		} catch (Throwable ex) {
+			throw new BuildException("builder.00", new Object[] {
+					"AuthenticationData", ex.toString() }, ex);
+		}
 
 	}