aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java2
10 files changed, 44 insertions, 20 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index 83b7ae592..a81baafac 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -5,6 +5,7 @@ import java.io.StringWriter;
import org.apache.commons.io.IOUtils;
+import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.logging.Logger;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 29d407dc7..e6eecd11b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -140,9 +140,9 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
//TODO: CHANGE to real OA config
List<String> bkuURIs = Arrays.asList(
- "http://labda.iaik.tugraz.at:8080/moa-id-auth/template_onlineBKU.html",
- "http://labda.iaik.tugraz.at:8080/moa-id-auth/template_handyBKU.html",
- "http://labda.iaik.tugraz.at:8080/moa-id-auth/template_localBKU.html");
+ "http://localhost:8080/moa-id-auth/template_onlineBKU.html",
+ "http://localhost:8080/moa-id-auth/template_handyBKU.html",
+ "http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
// List<String> bkuURIs = Arrays.asList(
// "http://demo.egiz.gv.at/demoportal_moaid-2.0/template_onlineBKU.html",
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index 4c4671084..930fedfd4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -148,7 +148,6 @@ public class VerifyCertificateServlet extends AuthServlet {
}
else {
// Foreign Identities Modus
- session.setForeignMode(true);
String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(sessionID, cert);
// build dataurl (to the GetForeignIDSerlvet)
String dataurl =
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d798ce9d6..d85d61bc7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -38,10 +38,6 @@ import org.hibernate.cfg.Configuration;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import test.tlenz.simpletest;
-
-import eu.stork.vidp.messages.common.STORKBootstrap;
-
import at.gv.egovernment.moa.id.commons.db.HibernateUtil;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
@@ -56,8 +52,8 @@ import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathUtils;
+import eu.stork.vidp.messages.common.STORKBootstrap;
/**
* A class providing access to the Auth Part of the MOA-ID configuration data.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 5e792ab78..58fec9790 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -319,7 +319,7 @@ public class AuthenticationManager extends AuthServlet {
} catch (MOADatabaseException e) {
try {
moasession = AuthenticationSessionStoreage.createSession();
- Logger.info("Create a new MOASession with sessionID=" + sessionID + ".");
+ Logger.info("Create a new MOASession with sessionID=" + moasession.getSessionID() + ".");
} catch (MOADatabaseException e1) {
Logger.error("Database Error! MOASession are not created.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 41aa459ec..9dcef5778 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -132,6 +132,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
try {
PVPTargetConfiguration config = new PVPTargetConfiguration();
+
MOARequest moaRequest = decoder.decodeRequest(request, response);
RequestAbstractType samlReq = moaRequest.getSamlRequest();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 2038ef5a5..c438cb18c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -26,7 +26,12 @@ import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.RequestedAttribute;
import org.opensaml.saml2.metadata.SPSSODescriptor;
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
@@ -39,8 +44,9 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.logging.Logger;
public class PVP2AssertionBuilder implements PVPConstants {
- public static Assertion buildAssertion(AuthnRequest authnRequest,
- AuthenticationSession authSession, EntityDescriptor peerEntity) throws PVP2Exception {
+ public static Assertion buildAssertion(AuthnRequest authnRequest,
+ AuthenticationSession authSession, EntityDescriptor peerEntity)
+ throws MOAIDException {
Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
RequestedAuthnContext reqAuthnContext = authnRequest
@@ -71,7 +77,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
if (!stork_qaa_1_4_found) {
throw new QAANotSupportedException(STORK_QAA_1_4);
}
-
+
reqAuthnContextClassRefIt = reqAuthnContext.getAuthnContextClassRefs()
.iterator();
StringBuilder authContextsb = new StringBuilder();
@@ -107,7 +113,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
authnStatement.setAuthnContext(authnContext);
assertion.getAuthnStatements().add(authnStatement);
-
+
SPSSODescriptor spSSODescriptor = peerEntity
.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
@@ -127,6 +133,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
Subject subject = SAML2Utils.createSAMLObject(Subject.class);
NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
boolean foundFormat = false;
+
+ // TL: AuthData generation is moved to Assertion generation.
+
Iterator<NameIDFormat> formatIt = spSSODescriptor.getNameIDFormats()
.iterator();
while (formatIt.hasNext()) {
@@ -180,11 +189,27 @@ public class PVP2AssertionBuilder implements PVPConstants {
assertion.getAttributeStatements().add(attributeStatement);
}
+ // TODO: LOAD oaParam from request and not from MOASession in case of
+ // SSO
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+ .getOnlineApplicationParameter(
+ authSession.getPublicOAURLPrefix());
+
+ AuthenticationData authData = AuthenticationServer
+ .buildAuthenticationData(authSession, oaParam,
+ oaParam.getTarget());
+
+ // TL: getIdentificationValue holds the baseID --> change to pBK
+ // subjectNameID.setValue(authData.getIdentificationValue());
+
subjectNameID.setFormat(NameID.PERSISTENT);
- subjectNameID.setNameQualifier(authSession.getAssertionAuthData()
+ //TODO: build IdType in authData
+ subjectNameID.setNameQualifier(authData
.getIdentificationType());
- subjectNameID.setValue(authSession.getAssertionAuthData()
- .getIdentificationValue());
+ if (authSession.getBusinessService())
+ subjectNameID.setValue(authData.getWBPK());
+ else
+ subjectNameID.setValue(authData.getBPK());
// }
subject.setNameID(subjectNameID);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
index ae3715b57..c2c1c8687 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
@@ -11,7 +11,8 @@ public class BPKAttributeBuilder extends BaseAttributeBuilder {
}
public Attribute build(AuthenticationSession authSession) {
- String bpk = authSession.getAssertionAuthData().getIdentificationValue();
+ // TODO: authSession + oaParam => authData
+ String bpk = ""; //authSession.getAssertionAuthData().getIdentificationValue();
if(bpk.length() > BPK_MAX_LENGTH) {
bpk = bpk.substring(0, BPK_MAX_LENGTH);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
index 9b0c0a289..785db286d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
@@ -11,8 +11,9 @@ public class EIDSectorForIDAttributeBuilder extends BaseAttributeBuilder {
}
public Attribute build(AuthenticationSession authSession) {
+ // TODO: authSession + oaParam => authData
return buildStringAttribute(EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME,
- EID_SECTOR_FOR_IDENTIFIER_NAME, authSession.getAssertionAuthData().getIdentificationType());
+ EID_SECTOR_FOR_IDENTIFIER_NAME, ""/*authSession.getAssertionAuthData().getIdentificationType()*/);
}
public Attribute buildEmpty() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 70156deb7..44f0563b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -173,7 +173,7 @@ public class AuthenticationSessionStoreage {
} catch (MOADatabaseException e) {
Logger.info("No MOA Session with id: " + sessionID);
- return null;
+ throw new MOADatabaseException("No MOA Session with id: " + sessionID);
} catch (Throwable e) {
Log.warn("MOASession deserialization-exception by using MOASessionID=" + sessionID);