Diffstat (limited to 'id/server/idserverlib/src/main/java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java49
4 files changed, 45 insertions, 39 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 5eb23cabc..093d22732 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1538,7 +1538,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
- session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1554,7 +1553,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
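Review bot: `session.getSourceID()` now feeds the SourceID half of the artifact, and the comment added in `SAMLArtifactBuilder.build` describes it as a GET/POST parameter, so a request-controlled value takes precedence over the operator-configured `AuthenticationServer.SourceID`. No validation is visible in this hunk; if none happens where the session is populated, the value should be checked against the SourceIDs the deployment expects before it is used, falling back to the configured one otherwise. The same call is changed in the hunks at -1717 and -1832. The enclosing method starts and ends outside the hunk.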
@@ -1717,7 +1716,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
@@ -1816,7 +1815,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
- session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1832,7 +1830,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
index 410d045f0..bcad65eed 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
@@ -114,25 +114,5 @@ public class AuthenticationAssertionBuilder {
return sb.toString();
}
- /**
- * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion
- * delivered to the online application.
- * The method traverses through the list of given SAML attribute objects and builds an
- * XML structure (String representation) for each of the attributes.
- *
- * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or
- * to the SAML assertion delivered to the online application.
- * @return A string representation including the XML structures of
- * the SAML attributes.
- *
- * @throws ParseException If an error occurs on serializing an SAML attribute.
- */
- protected String buildSourceIDSAMLAttributes(String sourceID) throws ParseException {
- StringBuffer sb = new StringBuffer();
- if (sourceID!=null)
- sb.append(MessageFormat.format( SAML_ATTRIBUTE_NO_NAMESPACE, new Object[] {"SourceID", sourceID}));
-
- return sb.toString();
- }
-
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index 7032e09eb..b9e44544d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -72,7 +72,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
"{10}" +
"{11}" +
"{12}" +
- "{13}" +
" </saml:AttributeStatement>" + NL +
"</saml:Assertion>";
@@ -107,7 +106,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
"{11}" +
"{12}" +
"{13}" +
- "{14}" +
" </saml:AttributeStatement>" + NL +
"</saml:Assertion>";
/**
@@ -158,7 +156,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
String bkuURL,
String signerCertificateBase64,
boolean businessService,
- String sourceID,
List extendedSAMLAttributes)
throws BuildException
{
@@ -210,7 +207,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
StringUtils.removeXMLDeclaration(xmlPersonData),
isQualifiedCertificate,
bkuURL,
- buildSourceIDSAMLAttributes(sourceID),
publicAuthorityAttribute,
signerCertificateAttribute,
buildExtendedSAMLAttributes(extendedSAMLAttributes)});
@@ -301,7 +297,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
StringUtils.removeXMLDeclaration(xmlMandateData),
isQualifiedCertificate,
bkuURL,
- buildSourceIDSAMLAttributes(sourceID),
publicAuthorityAttribute,
signerCertificateAttribute,
buildExtendedSAMLAttributes(extendedSAMLAttributes)});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index 41e4cd37d..145664a2b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -67,7 +67,7 @@ public class SAMLArtifactBuilder {
* of <code>AssertionHandle</code>
* @return the 42-byte SAML artifact, encoded BASE64
*/
- public String build(String authURL, String sessionID) throws BuildException {
+ public String build(String authURL, String sessionID, String sourceIdParam) throws BuildException {
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] sourceID;
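Review bot: The Javadoc above `build` is not extended for the new third argument, so the precedence it introduces is documented only in inline comments further down. I would add `@param sourceIdParam optional SourceID taken from the request; when non-empty it is digested instead of the configured SourceID and authURL`. Replacing the two-argument public signature rather than overloading it also breaks any caller outside this commit, which may or may not be intended. The method body continues past this hunk.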
@@ -77,16 +77,45 @@ public class SAMLArtifactBuilder {
//System.out.println("alternativeSourceID: " + alternativeSourceID);
//System.out.println("authURL: " + authURL);
- if (!ParepUtils.isEmpty(alternativeSourceID)) {
- // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
- sourceID = md.digest(alternativeSourceID.getBytes());
- Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
- } else {
- sourceID = md.digest(authURL.getBytes());
+ // if sourceID is given in GET/POST param - use this as source id
+ if (!ParepUtils.isEmpty(sourceIdParam)) {
+ // if GET/POST parameter sourceID is set, use that sourceID instead of authURL;
+ sourceID = md.digest(sourceIdParam.getBytes());
+ Logger.info("Building SAMArtifact from sourceID \"" + sourceIdParam + "\" instead of authURL \"" + authURL + "\".");
+
+ byte[] assertionHandle = md.digest(sessionID.getBytes());
+ ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+ out.write(0);
+ out.write(1);
+ out.write(sourceID, 0, 20);
+ out.write(assertionHandle, 0, 20);
+ byte[] samlArtifact = out.toByteArray();
+ //System.out.println("samlArtifact: " + new String(samlArtifact));
+ String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+ //System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+ return samlArtifactBase64;
}
- //System.out.println("sourceID: " + new String(sourceID));
+ // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
+ if (!ParepUtils.isEmpty(alternativeSourceID)) {
+ sourceID = md.digest(alternativeSourceID.getBytes());
+ Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
+
+ byte[] assertionHandle = md.digest(sessionID.getBytes());
+ ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+ out.write(0);
+ out.write(1);
+ out.write(sourceID, 0, 20);
+ out.write(assertionHandle, 0, 20);
+ byte[] samlArtifact = out.toByteArray();
+ System.out.println("samlArtifact: " + new String(samlArtifact));
+ String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+ System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+ return samlArtifactBase64;
+ }
+ // default: sourecID from authURL
+ sourceID = md.digest(authURL.getBytes());
byte[] assertionHandle = md.digest(sessionID.getBytes());
ByteArrayOutputStream out = new ByteArrayOutputStream(42);
out.write(0);
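Review bot: The `alternativeSourceID` branch ships two live `System.out.println` calls that write the finished artifact, raw and Base64, to stdout, while the same lines are commented out in the other two copies; since the caller stores the authentication data under this artifact, it should not reach console output. The three branches differ only in which string is digested into `sourceID`, so choosing that string first and keeping a single assembly path removes the duplication that let the copies drift. The new `Logger.info` also concatenates the request-supplied `sourceIdParam` into the log line unescaped, so line breaks in it would presumably end up in the log as separate entries. `build` starts before this hunk and its tail continues in the next one.

```java
// … unchanged: MessageDigest setup and alternativeSourceID lookup …
String sourceIdSeed;
if (!ParepUtils.isEmpty(sourceIdParam)) {
  // request parameter wins over configuration
  sourceIdSeed = sourceIdParam;
} else if (!ParepUtils.isEmpty(alternativeSourceID)) {
  // generic config parameter "AuthenticationServer.SourceID"
  sourceIdSeed = alternativeSourceID;
} else {
  // default: sourceID derived from authURL
  sourceIdSeed = authURL;
}
sourceID = md.digest(sourceIdSeed.getBytes());
// … unchanged: assertionHandle digest, 42-byte assembly, Base64 encoding and return …
```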
@@ -98,6 +127,10 @@ public class SAMLArtifactBuilder {
String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
//System.out.println("samlArtifact Base64: " + samlArtifactBase64);
return samlArtifactBase64;
+
+ //System.out.println("sourceID: " + new String(sourceID));
+
+
}
catch (Throwable ex) {
throw new BuildException(