diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
3 files changed, 37 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 89adbce3f..ff2cee559 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -2301,9 +2301,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { try { - //TODO: resign the IdentityLink!!! - - if (session.getUseMandate() && session.isOW()) { MISMandate mandate = session.getMISMandate(); authData.setBPK(mandate.getOWbPK()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index bc53a876c..28288815a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -830,6 +830,23 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return prop; } + public boolean isIdentityLinkResigning() { + String prop = props.getProperty("configuration.resignidentitylink", "false"); + if (Boolean.valueOf(prop)) + return true; + else + return false; + } + + public String getIdentityLinkResigningKey() { + String prop = props.getProperty("configuration.resignidentitylink.keygroup"); + + if (MiscUtil.isNotEmpty(prop)) + return prop; + else + return null; + } + /** * Retruns the STORK Configuration * @return STORK Configuration diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index fec2d2b35..ee0b4e7e2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -32,6 +32,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -193,14 +194,26 @@ public class SAML1AuthenticationServer extends AuthenticationServer { .getAuthBlock() : ""; //set IdentityLink for assortion - String ilAssertion = saml1parameter.isProvideIdentityLink() ? authData.getIdentityLink() - .getSerializedSamlAssertion() - : ""; - if (!saml1parameter.isProvideStammzahl()) { - ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink() - .getIdentificationValue(), ""); + String ilAssertion = ""; + if (saml1parameter.isProvideIdentityLink()) { + if (session.getBusinessService()) { + IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); + + Element resignedilAssertion = identitylinkresigner.resignIdentityLink(authData.getIdentityLink() + .getSamlAssertion()); + + ilAssertion = DOMUtils.serializeNode(resignedilAssertion); + + } else { + ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion(); + + if (!saml1parameter.isProvideStammzahl()) + ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink() + .getIdentificationValue(), ""); + + } } - + String samlAssertion; if (session.getUseMandate()) { |