diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java')
3 files changed, 66 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 5ae3d8e47..ec1762cbf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1699,7 +1699,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws SZRGWClientException */ - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType) throws SZRGWClientException { + public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType) throws SZRGWClientException { SZRGWClient client = null; @@ -1752,7 +1752,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws ConfigurationException the configuration exception */ public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException { - return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature), null, null, null); + return getIdentityLink(null, null, null, null, null, XMLHelper.nodeToString(signature), null, null, null); } /** @@ -1768,7 +1768,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws ConfigurationException the configuration exception */ public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException { - return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature, null, null, null); + return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null); } /** @@ -1786,7 +1786,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { public CreateIdentityLinkResponse getIdentityLink(String citizenSignature, String representative, String represented, String mandateContent, String organizationAddress, String organizationType) throws SZRGWClientException { - return getIdentityLink(null, null, null, null, citizenSignature, represented, representative, mandateContent, organizationAddress, organizationType); + return getIdentityLink(null, null, null, null, null, citizenSignature, represented, representative, mandateContent, organizationAddress, organizationType); } /** @@ -1804,10 +1804,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws SZRGWClientException the sZRGW client exception */ public CreateIdentityLinkResponse getIdentityLink(String eIdentifier, - String givenName, String lastName, String dateOfBirth, + String givenName, String lastName, String dateOfBirth, String gender, String citizenSignature, String representative, String represented, String mandate) throws SZRGWClientException { - return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, representative, represented, mandate, null, null); + return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, citizenSignature, representative, represented, mandate, null, null); } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 45e6ab816..a1d38d488 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -1,6 +1,8 @@ package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
+import java.io.StringWriter;
+import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
@@ -9,6 +11,9 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.StatusCode;
import org.w3c.dom.Element;
@@ -22,6 +27,7 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -30,6 +36,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.StringUtils;
import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
import eu.stork.peps.auth.commons.STORKAuthnRequest;
import eu.stork.peps.auth.commons.STORKAuthnResponse;
import eu.stork.peps.auth.engine.STORKSAMLEngine;
@@ -154,12 +161,59 @@ public class PEPSConnectorServlet extends AuthServlet { Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
Logger.debug("Citizen signature will be verified by SZR Gateway!");
+ ////////////// incorporate gender from parameters if not in stork response
+
+ PersonalAttribute gender = authnResponse.getPersonalAttributeList().get("gender");
+ if(null == gender) {
+ String gendervalue = (String) request.getParameter("gender");
+ if(null != gendervalue) {
+ gender = new PersonalAttribute();
+ gender.setName("gender");
+ ArrayList<String> tmp = new ArrayList<String>();
+ tmp.add(gendervalue);
+ gender.setValue(tmp);
+
+ authnResponse.getPersonalAttributeList().add(gender);
+ }
+ }
+
+ //////////////////////////////////////////////////////////////////////////
+
+
Logger.debug("Starting connecting SZR Gateway");
//contact SZR Gateway
IdentityLink identityLink = null;
try {
identityLink = STORKResponseProcessor.connectToSZRGateway(authnResponse.getPersonalAttributeList());
} catch (STORKException e) {
+ // this is really nasty but we work against the system here. We are supposed to get the gender attribute from
+ // stork. If we do not, we cannot register the person in the ERnP - we have to have the
+ // gender for the represented person. So here comes the dirty hack.
+ if(e.getMessage().equals("gender not found in response")) {
+ // fetch gender
+
+ try {
+ Logger.trace("Initialize VelocityEngine...");
+
+ VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+ Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
+ VelocityContext context = new VelocityContext();
+ context.put("SAMLResponse", request.getParameter("SAMLResponse"));
+ context.put("action", request.getRequestURL());
+
+ StringWriter writer = new StringWriter();
+ template.merge(context, writer);
+
+// response.setContentType("text/html");
+ response.getOutputStream().write(writer.toString().getBytes());
+ } catch (Exception e1) {
+ Logger.error("Error sending gender retrival form.", e1);
+ httpSession.invalidate();
+ throw new MOAIDException("stork.10", null);
+ }
+
+ return;
+ }
Logger.error("Error connecting SZR Gateway", e);
throw new MOAIDException("stork.10", null);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index 466d86f87..5406dc0e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -369,10 +369,13 @@ public class STORKResponseProcessor { String givenName = getAttributeValue("givenName", attributeList);
String lastName = getAttributeValue("surname", attributeList);
String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+
+ // gender attribute is mandatory here because of some legal stuff
+// String gender = getAttributeValue("gender", attributeList);
if (!StringUtils.isEmpty(dateOfBirth))
dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
- identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, representative, represented, mandate);
+ identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, citizenSignature, representative, represented, mandate);
}
} else {
// we do not have a representation case
@@ -406,6 +409,8 @@ public class STORKResponseProcessor { } catch (ParseException e) {
Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
throw new STORKException("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ } catch(STORKException e) {
+ throw e;
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
|