aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java111
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java15
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java14
7 files changed, 133 insertions, 55 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 9abbf2970..aef247edb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -469,12 +469,12 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @return String representation of the
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public String verifyIdentityLink(String sessionID,
+ public String verifyIdentityLink(AuthenticationSession session,
Map infoboxReadResponseParameters) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException {
- if (isEmpty(sessionID))
+ if (session == null)
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID });
@@ -487,10 +487,11 @@ public class AuthenticationServer implements MOAIDAuthConstants {
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE });
- AuthenticationSession session = getSession(sessionID);
- if (session.getTimestampIdentityLink() != null)
- throw new AuthenticationException("auth.01",
- new Object[] { sessionID });
+// AuthenticationSession session = getSession(sessionID);
+// if (session.getTimestampIdentityLink() != null)
+// throw new AuthenticationException("auth.01",
+// new Object[] { sessionID });
+
session.setTimestampIdentityLink();
AuthConfigurationProvider authConf = AuthConfigurationProvider
.getInstance();
@@ -576,17 +577,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam
.getProvideStammzahl());
- String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
- authConf, oaParam);
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
-
- } catch (MOADatabaseException e) {
- throw new AuthenticationException("", null);
- }
-
- return returnvalue;
+
+ //TODO: make it better!!
+ return "found!";
}
/**
@@ -614,12 +607,12 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @return String representation of the
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public String verifyCertificate(String sessionID,
+ public String verifyCertificate(AuthenticationSession session,
X509Certificate certificate) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, MOAIDException{
- if (isEmpty(sessionID))
+ if (session == null)
throw new AuthenticationException("auth.10", new Object[] {
REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID });
@@ -630,7 +623,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// if (oid.equalsIgnoreCase(MISMandate.OID_ORGANWALTER))
// isOW = true;
//
- AuthenticationSession session = getSession(sessionID);
+// AuthenticationSession session = getSession(sessionID);
+
AuthConfigurationProvider authConf = AuthConfigurationProvider
.getInstance();
@@ -639,14 +633,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirectForOW(session,
authConf, oaParam, isOW);
-
- try {
- AuthenticationSessionStoreage.storeSession(session);
- } catch (MOADatabaseException e) {
- throw new MOAIDException("session store error", null);
- }
-
-
+
return returnvalue;
}
@@ -767,6 +754,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String bpkBase64 = new BPKBuilder().buildBPK(identityLink
.getIdentificationValue(), session.getTarget());
identityLink.setIdentificationValue(bpkBase64);
+
+ //TODO: insert correct Type!!!!
+ identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
}
// ..BZ
// }
@@ -828,6 +818,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String bpkBase64 = new BPKBuilder().buildBPK(identityLink
.getIdentificationValue(), session.getTarget());
identityLink.setIdentificationValue(bpkBase64);
+
+ //TODO: insert correct Type!!!!
+ identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
}
}
// ..BZ
@@ -2084,25 +2077,57 @@ public class AuthenticationServer implements MOAIDAuthConstants {
useCondition = oaParam.getUseCondition();
conditionLength = oaParam.getConditionLength();
- String isPrPerson = mandatePerson.getAttribute("xsi:type");
-
- if (!StringUtils.isEmpty(isPrPerson)) {
- if (isPrPerson.equalsIgnoreCase("pr:PhysicalPerson")) {
- Element prIdentification = (Element) mandatePerson
- .getElementsByTagNameNS(Constants.PD_NS_URI,
- "Identification").item(0);
- String baseid = getBaseId(mandatePerson);
- Element identificationBpK = createIdentificationBPK(mandatePerson,
- baseid, session.getTarget());
+ String oatargetType;
+
+ if(session.getBusinessService()) {
+ oatargetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+
+ } else {
+ oatargetType = AuthenticationSession.TARGET_PREFIX_ + session.getTarget();
+ }
+
+ Element prIdentification = (Element) mandatePerson
+ .getElementsByTagNameNS(Constants.PD_NS_URI,
+ "Identification").item(0);
+
+ if (!oatargetType.equals(tempIdentityLink.getIdentificationType())) {
- if (!provideStammzahl) {
- prIdentification.getFirstChild().setTextContent("");
+ String isPrPerson = mandatePerson.getAttribute("xsi:type");
+
+ if (!StringUtils.isEmpty(isPrPerson)) {
+ if (isPrPerson.equalsIgnoreCase("pr:PhysicalPerson")) {
+ String baseid = getBaseId(mandatePerson);
+ Element identificationBpK = createIdentificationBPK(mandatePerson,
+ baseid, session.getTarget());
+
+ if (!provideStammzahl) {
+ prIdentification.getFirstChild().setTextContent("");
+ }
+
+ mandatePerson.insertBefore(identificationBpK,
+ prIdentification);
}
-
- mandatePerson.insertBefore(identificationBpK,
- prIdentification);
}
+
+ } else {
+
+// Element identificationBpK = mandatePerson.getOwnerDocument()
+// .createElementNS(Constants.PD_NS_URI, "Identification");
+// Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
+// Constants.PD_NS_URI, "Value");
+//
+// valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+// tempIdentityLink.getIdentificationValue()));
+// Element typeBpK = mandatePerson.getOwnerDocument().createElementNS(
+// Constants.PD_NS_URI, "Type");
+// typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+// "urn:publicid:gv.at:cdid+bpk"));
+// identificationBpK.appendChild(valueBpK);
+// identificationBpK.appendChild(typeBpK);
+//
+// mandatePerson.insertBefore(identificationBpK, prIdentification);
}
+
mandateData = DOMUtils.serializeNode(mandatePerson);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 22a3337e3..6cfb12380 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -55,8 +55,8 @@ public class AuthenticationSession implements Serializable {
*/
private static final long serialVersionUID = 1L;
- private static String TARGET_PREFIX_ = Constants.URN_PREFIX_CDID + "+";
- private static String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK
+ public static final String TARGET_PREFIX_ = Constants.URN_PREFIX_CDID + "+";
+ public static final String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK
+ "+";
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index dc4361da5..2f866ca78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -206,7 +206,18 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
String oaFriendlyName = oaParam.getFriendlyName();
String mandateReferenceValue = session.getMandateReferenceValue();
byte[] cert = session.getEncodedSignerCertificate();
- MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory);
+
+ String targetType = null;
+
+ if(session.getBusinessService()) {
+ targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+
+ } else {
+ targetType = AuthenticationSession.TARGET_PREFIX_ + session.getTarget();
+ }
+
+
+ MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, targetType, sslFactory);
String redirectMISGUI = misSessionID.getRedirectURL();
if (misSessionID == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index 51ec82e2d..fae69d81a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -43,6 +43,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.ServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -140,7 +142,7 @@ public class VerifyCertificateServlet extends AuthServlet {
if (useMandate) {
// verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(sessionID, cert);
+ String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink");
}
@@ -159,9 +161,14 @@ public class VerifyCertificateServlet extends AuthServlet {
Logger.debug("Send CreateXMLSignatureRequest to BKU");
- }
-
-
+ }
+
+ try {
+ AuthenticationSessionStoreage.storeSession(session);
+ } catch (MOADatabaseException e) {
+ throw new MOAIDException("session store error", null);
+ }
+
}
catch (MOAIDException ex) {
handleError(null, ex, req, resp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 61b55f73d..f1ecd512a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -43,6 +43,10 @@ import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.ServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -134,11 +138,14 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
if (!ParamValidatorUtils.isValidSessionID(sessionID))
throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12");
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyIdentityLink(sessionID, parameters);
+
+ AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+
+ String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyIdentityLink(session, parameters);
Logger.debug(createXMLSignatureRequestOrRedirect);
+
if (createXMLSignatureRequestOrRedirect == null) {
// no identity link found
@@ -200,12 +207,28 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
}
else {
Logger.info("Normal");
+
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+ .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+ AuthConfigurationProvider authConf = AuthConfigurationProvider
+ .getInstance();
+
+ createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance()
+ .getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
+ authConf, oaParam);
+
ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink");
}
}
-
+
+ try {
+ AuthenticationSessionStoreage.storeSession(session);
+
+ } catch (MOADatabaseException e) {
+ throw new AuthenticationException("", null);
+ }
}
catch (ParseException ex) {
handleError(null, ex, req, resp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 610c61343..b5e957c5a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -81,6 +81,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
throw new WrongParametersException("StartAuthentication", PARAM_OA,
"auth.12");
config.setOAURL(oaURL);
+ config.setTarget(target);
+
request.getSession().setAttribute(PARAM_OA, oaURL);
request.getSession().setAttribute(PARAM_TARGET, target);
return config;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index ad4e45a2b..7ee3b4e84 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -143,7 +143,7 @@ public class MISSimpleClient {
}
}
- public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, String mandateIdentifier[], SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
+ public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, String mandateIdentifier[], String targetType, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
if (webServiceURL == null) {
throw new NullPointerException("Argument webServiceURL must not be null.");
}
@@ -201,7 +201,17 @@ public class MISSimpleClient {
}
filtersElement.appendChild(mandateIdentifiersElement);
mirElement.appendChild(filtersElement);
- }
+ }
+
+ //add Target element
+ Element targetElement = doc.createElementNS(MIS_NS, "Target");
+ Element targetTypeElement = doc.createElementNS(MIS_NS, "Type");
+ targetTypeElement.appendChild(doc.createTextNode(targetType));
+ targetElement.appendChild(targetTypeElement);
+ mirElement.appendChild(targetElement);
+
+
+
// send soap request
Element mandateIssueResponseElement = sendSOAPRequest(webServiceURL, mirElement);