aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java60
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/MOARequest.java11
4 files changed, 76 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 9f1b6b3e8..1cc2a5711 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -41,7 +41,6 @@ import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.IAuthData;
@@ -271,10 +270,17 @@ public class DispatcherServlet extends AuthServlet{
//request is a new authentication request
} else if (protocolRequest != null &&
- MiscUtil.isEmpty(protocolRequest.getRequestID())) {
+ MiscUtil.isEmpty(protocolRequest.getRequestID())) {
//Start new Authentication
- protocolRequest.setAction(action);
protocolRequest.setModule(module);
+
+ //if preProcessing has not set a specific action from decoded request
+ // then set the default action
+ if (MiscUtil.isEmpty(protocolRequest.requestedAction()))
+ protocolRequest.setAction(action);
+ else
+ moduleAction = info.getAction(protocolRequest.requestedAction());
+
protocolRequestID = Random.nextRandom();
protocolRequest.setRequestID(protocolRequestID);
RequestStorage.setPendingRequest(protocolRequest);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index a786420cf..e2e6e752b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -52,6 +52,7 @@ import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.AttributeConsumingService;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.signature.SignableXMLObject;
@@ -105,6 +106,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
public static final String SOAP = "Soap";
public static final String METADATA = "Metadata";
public static final String ATTRIBUTEQUERY = "AttributeQuery";
+ public static final String SINGLELOGOUT = "SingleLogOut";
private static List<IDecoder> decoder = new ArrayList<IDecoder>();
@@ -125,6 +127,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
actions.put(POST, new AuthenticationAction());
actions.put(METADATA, new MetadataAction());
actions.put(ATTRIBUTEQUERY, new AttributQueryAction());
+ actions.put(SINGLELOGOUT, new SingleLogOutAction());
//TODO: insert getArtifact action
@@ -179,6 +182,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
if(METADATA.equals(action)) {
return new PVPTargetConfiguration();
+
}
IDecoder decoder = findDecoder(action, request);
@@ -350,8 +354,10 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
HttpServletResponse response) {
if(request.getParameter("SAMLRequest") != null && request.getMethod().equals("GET")) {
return getAction(REDIRECT);
+
} else if(request.getParameter("SAMLRequest") != null && request.getMethod().equals("POST")) {
return getAction(POST);
+
}
if(METADATA.equals(request.getParameter("action"))) {
@@ -373,11 +379,57 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
* @param response
* @param msg
* @return
+ * @throws MOAIDException
*/
private IRequest preProcessLogOut(HttpServletRequest request,
- HttpServletResponse response, MOARequest msg) {
- // TODO Auto-generated method stub
- return null;
+ HttpServletResponse response, MOARequest msg) throws MOAIDException {
+
+ PVPTargetConfiguration config = new PVPTargetConfiguration();
+
+ if (((MOARequest)msg).getSamlRequest() instanceof LogoutRequest) {
+ //preProcess single logout request from service provider
+
+ EntityDescriptor metadata = msg.getEntityMetadata();
+ if(metadata == null) {
+ throw new NoMetadataInformationException();
+ }
+
+
+
+ String oaURL = metadata.getEntityID();
+ oaURL = StringEscapeUtils.escapeHtml(oaURL);
+
+ Logger.info("Dispatch PVP2 SingleLogOut: OAURL=" + oaURL + " Binding=" + msg.getRequestBinding());
+
+ config.setOAURL(oaURL);
+ config.setBinding(msg.getRequestBinding());
+
+
+ } else if (((MOARequest)msg).getSamlRequest() instanceof LogoutResponse) {
+ //preProcess single logour response from service provider
+
+ LogoutResponse resp = (LogoutResponse) (((MOARequest)msg).getSamlRequest());
+
+ Logger.debug("PreProcess SLO Response from " + resp.getIssuer());
+
+ if (!resp.getDestination().startsWith(
+ PVPConfiguration.getInstance().getIDPPublicPath())) {
+ Logger.warn("PVP 2.1 single logout response destination does not match to IDP URL");
+ throw new AssertionValidationExeption("PVP 2.1 single logout response destination does not match to IDP URL", null);
+
+ }
+
+ //TODO: check if relayState exists
+ msg.getRelayState();
+
+
+ } else
+ throw new MOAIDException("Unsupported request", new Object[] {});
+
+
+ config.setRequest(msg);
+ config.setAction(SINGLELOGOUT);
+ return config;
}
/**
@@ -485,7 +537,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
String oaURL = moaRequest.getEntityMetadata().getEntityID();
String binding = consumerService.getBinding();
- Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL + " Binding=" + binding);
+ Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + binding);
oaURL = StringEscapeUtils.escapeHtml(oaURL);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
index 96e2bf7e9..65da23565 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
import at.gv.egovernment.moa.logging.Logger;
public class PVPTargetConfiguration extends RequestImpl {
@@ -50,7 +51,7 @@ public class PVPTargetConfiguration extends RequestImpl {
InboundMessage request;
String binding;
String consumerURL;
-
+
public InboundMessage getRequest() {
return request;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/MOARequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/MOARequest.java
index f2f8f0a23..7679e74a6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/MOARequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/messages/MOARequest.java
@@ -37,11 +37,18 @@ public class MOARequest extends InboundMessage{
private static final long serialVersionUID = 8613921176727607896L;
- public MOARequest(SignableXMLObject inboundMessage) {
- setSAMLMessage(inboundMessage.getDOM());
+ private String binding = null;
+
+ public MOARequest(SignableXMLObject inboundMessage, String binding) {
+ setSAMLMessage(inboundMessage.getDOM());
+ this.binding = binding;
}
+ public String getRequestBinding() {
+ return binding;
+ }
+
public SignableXMLObject getSamlRequest() {
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(getInboundMessage());