1 files changed, 175 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
new file mode 100644
index 000000000..a310b16ff
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -0,0 +1,175 @@
+package at.gv.egovernment.moa.id.protocols.saml1;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IModulInfo;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.ServletInfo;
+import at.gv.egovernment.moa.id.moduls.ServletType;
+import at.gv.egovernment.moa.id.moduls.RequestImpl;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.URLEncoder;
+
+public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
+
+	public static final String NAME = SAML1Protocol.class.getName();
+	public static final String PATH = "id_saml1";
+
+	public static final String GETARTIFACT = "GetArtifact";
+
+	private static List<ServletInfo> servletList = new ArrayList<ServletInfo>();
+
+	private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
+	
+	static {
+		servletList.add(new ServletInfo(GetArtifactServlet.class, GETARTIFACT,
+				ServletType.AUTH));
+
+		actions.put(GETARTIFACT, new GetArtifactAction());
+		
+		instance = new SAML1Protocol();
+	}
+
+	private static SAML1Protocol instance = null;
+
+	public static SAML1Protocol getInstance() {
+		if (instance == null) {
+			instance = new SAML1Protocol();
+		}
+		return instance;
+	}
+
+	public List<ServletInfo> getServlets() {
+		return servletList;
+	}
+
+
+	public String getName() {
+		return NAME;
+	}
+
+	public String getPath() {
+		return PATH;
+	}
+
+	public IRequest preProcess(HttpServletRequest request,
+			HttpServletResponse response, String action) throws MOAIDException {
+		RequestImpl config = new RequestImpl();
+		String oaURL = (String) request.getParameter(PARAM_OA);
+		oaURL = StringEscapeUtils.escapeHtml(oaURL);
+		
+		String target = (String) request.getParameter(PARAM_TARGET);
+		target = StringEscapeUtils.escapeHtml(target);
+		
+		//the target parameter is used to define the OA in SAML1 standard
+		if (target != null && target.startsWith("http")) {
+			oaURL = target;
+			target = null;
+		}
+		
+		if (!ParamValidatorUtils.isValidOA(oaURL))
+			throw new WrongParametersException("StartAuthentication", PARAM_OA,
+					"auth.12");
+		config.setOAURL(oaURL);
+		
+		//load Target only from OA config
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(oaURL);
+		
+		if (oaParam == null)
+			throw new AuthenticationException("auth.00",
+					new Object[] { oaURL });
+		
+		config.setTarget(oaParam.getTarget());
+		
+		
+		//TODO: set reauthenticate if OA.useSSO=false
+		
+		request.getSession().setAttribute(PARAM_OA, oaURL);
+		request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
+		return config;
+	}
+
+	public boolean generateErrorMessage(Throwable e,
+			HttpServletRequest request, HttpServletResponse response,
+			IRequest protocolRequest) 
+					throws Throwable{
+		
+		SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace();
+		
+		String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest);
+		
+		String url = "RedirectServlet";
+		url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
+		url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+		url = response.encodeRedirectURL(url);
+		
+		response.setContentType("text/html");
+		response.setStatus(302);
+		response.addHeader("Location", url);
+		Logger.debug("REDIRECT TO: " + url);
+		
+		return true;
+	}
+
+	public IAction getAction(String action) {
+		return actions.get(action);
+	}
+
+	public IAction canHandleRequest(HttpServletRequest request,
+			HttpServletResponse response) {
+		return null;
+	}
+
+	public boolean validate(HttpServletRequest request,
+			HttpServletResponse response, IRequest pending) {
+
+		//TODO: funktioniert so nicht!!!
+		
+//		String oaURL = (String) request.getParameter(PARAM_OA);
+//		oaURL = StringEscapeUtils.escapeHtml(oaURL);
+//		String target = (String) request.getParameter(PARAM_TARGET);
+//		target = StringEscapeUtils.escapeHtml(target);
+//		
+//		//the target parameter is used to define the OA in SAML1 standard
+//		if (target.startsWith("http")) {
+//			oaURL = target;
+//			target = null;
+//		}
+//		
+//		if (oaURL != null) {
+//			if (oaURL.equals(pending.getOAURL()))
+//				return true;
+//			else
+//				return false;
+//		}
+		
+		return true;
+	}
+	
+	protected static String addURLParameter(String url, String paramname,
+			String paramvalue) {
+		String param = paramname + "=" + paramvalue;
+		if (url.indexOf("?") < 0)
+			return url + "?" + param;
+		else
+			return url + "&" + param;
+	}
+
+}