1 files changed, 41 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 2a7147bcb..fec2d2b35 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -1,13 +1,8 @@
 package at.gv.egovernment.moa.id.protocols.saml1;
 
-import iaik.x509.X509Certificate;
-
-import java.io.File;
 import java.io.IOException;
-import java.security.cert.CertificateEncodingException;
 import java.util.Date;
 import java.util.List;
-import java.util.Vector;
 
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
@@ -27,16 +22,15 @@ import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.ValidateException;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
@@ -66,6 +60,33 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	 */
 	private static final long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
 		
+	
+	public Throwable getErrorResponse(String samlArtifact) throws AuthenticationException {
+		try {
+			new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+			
+		} catch (ParseException ex) {
+			throw new AuthenticationException("1205", new Object[] {
+					samlArtifact, ex.toString() });
+		}
+		Throwable error = null;
+		synchronized (authenticationDataStore) {
+			try {
+				error = authenticationDataStore
+						.get(samlArtifact, Throwable.class);
+			
+				authenticationDataStore.remove(samlArtifact);
+				
+			} catch (MOADatabaseException e) {
+				Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
+				throw new AuthenticationException("1206", new Object[] { samlArtifact });
+			}
+			
+		}
+		
+		return error;
+	}
+	
 	/**
 	 * Retrieves <code>AuthenticationData</code> indexed by the SAML artifact.
 	 * The <code>AuthenticationData</code> is deleted from the store upon end of
@@ -77,6 +98,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			throws AuthenticationException {
 		try {
 			new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+			
 		} catch (ParseException ex) {
 			throw new AuthenticationException("1205", new Object[] {
 					samlArtifact, ex.toString() });
@@ -123,6 +145,18 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 		return authData;
 	}
 	
+	public String BuildErrorAssertion(Throwable error, IRequest protocolRequest) 
+			throws BuildException, MOADatabaseException {
+		
+		String samlArtifact = new SAMLArtifactBuilder().build(
+				protocolRequest.getOAURL(), protocolRequest.getRequestID(),
+				null);
+		
+		authenticationDataStore.put(samlArtifact, error);
+		
+		return samlArtifact;
+	}
+	
 	public String BuildSAMLArtifact(AuthenticationSession session, 
 			OAAuthParameter oaParam, 
 			AuthenticationData authData)