diff options
Diffstat (limited to 'id/server/idserverlib/src/main')
8 files changed, 62 insertions, 25 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 48933d5c9..5c0e497a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME)); if (extractor.containsAttribute(PVPConstants.BPK_NAME)) { - String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); - authData.setBPK(pvpbPK.split(":")[1]); + String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); + String[] spitted = pvpbPK.split(":"); + authData.setBPK(spitted[1]); + if (MiscUtil.isEmpty(authData.getBPKType())) { + Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + + "Starting target extraction from bPK/wbPK prefix ..."); + //exract bPK/wbPK type from bpk attribute value prefix if type is + //not transmitted as single attribute + Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); + Matcher matcher = pattern.matcher(spitted[0]); + if (matcher.matches()) { + //find public service bPK + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); + Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); + + } else { + //find business service wbPK + authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); + Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); + + } + } } boolean foundEncryptedbPKForOA = false; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index a2570ed7e..063d7d8e4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -277,11 +277,10 @@ public class BPKBuilder { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); String hashBase64 = Base64Utils.encode(hash); - Logger.debug("STORK identification defined as: " + hashBase64); return hashBase64; } catch (Exception ex) { - throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex); + throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java index dbf54951f..0a8a6a581 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java @@ -194,7 +194,7 @@ public class MetadataAction implements IAction { .createSAMLObject(SPSSODescriptor.class); spSSODescriptor.setAuthnRequestsSigned(true); - spSSODescriptor.setWantAssertionsSigned(true); + spSSODescriptor.setWantAssertionsSigned(false); //Set AuthRequest Signing certificate diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java index 8b6e71e6b..3d8661143 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java @@ -150,14 +150,14 @@ public class PVPAttributeBuilder { } public static Attribute buildAttribute(String name, OAAuthParameter oaParam, - IAuthData authData) throws PVP2Exception { + IAuthData authData) throws PVP2Exception, AttributeException { if (builders.containsKey(name)) { try { return builders.get(name).build(oaParam, authData, generator); } catch (AttributeException e) { if (e instanceof UnavailableAttributeException) { - throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName()); + throw e; } else if (e instanceof InvalidDateFormatAttributeException) { throw new InvalidDateFormatException(); } else if (e instanceof NoMandateDataAttributeException) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 3b01e91ad..b301b6e5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; @@ -251,10 +253,21 @@ public class PVP2AssertionBuilder implements PVPConstants { } else { attrList.add(attr); } + + } catch (UnavailableAttributeException e) { + Logger.info( + "Attribute generation for " + + reqAttribut.getFriendlyName() + " not possible."); + if (reqAttribut.isRequired()) { + throw new UnprovideableAttributeException( + reqAttribut.getName()); + } + + } catch (PVP2Exception e) { - Logger.error( + Logger.warn( "Attribute generation failed! for " - + reqAttribut.getFriendlyName(), e); + + reqAttribut.getFriendlyName()); if (reqAttribut.isRequired()) { throw new UnprovideableAttributeException( reqAttribut.getName()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 7d3c72630..65e520cc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import com.sun.xml.bind.marshaller.NamespacePrefixMapper; - import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer { Marshaller m = jc.createMarshaller(); m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { - public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { - if (Constants.PD_NS_URI.equals(arg0)) - return Constants.PD_PREFIX; - else - return arg1; - } - }); +// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { +// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { +// if (Constants.PD_NS_URI.equals(arg0)) +// return Constants.PD_PREFIX; +// else +// return arg1; +// } +// }); ByteArrayOutputStream stream = new ByteArrayOutputStream(); m.marshal( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 021eaee37..aaded0ce6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.text.DateFormat; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import javassist.expr.Instanceof; /** @@ -65,7 +70,7 @@ public class MOAAttributeProvider { Map<String, String> tempFunctionMap = new HashMap<String, String>(); tempFunctionMap.put("eIdentifier", "geteIdentifier"); tempFunctionMap.put("ECApplicationRole","getECApplicationRole"); - tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth"); + tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth"); storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } @@ -116,7 +121,7 @@ public class MOAAttributeProvider { private List<String> getECApplicationRole() { List<String> storkRoles = null; - if (true || authData.getAuthenticationRoles() != null + if (authData.getAuthenticationRoles() != null && authData.getAuthenticationRoles().size() > 0) { storkRoles = new ArrayList<String>(); @@ -132,9 +137,11 @@ public class MOAAttributeProvider { } private String getFormatedDateOfBirth() { - if (authData.getDateOfBirth() != null) - return authData.getFormatedDateOfBirth(); + if (authData.getDateOfBirth() != null) { + DateFormat fmt = new SimpleDateFormat("yyyyMMdd"); + return fmt.format(authData.getDateOfBirth()); + } else return null; diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties index 5bcfc7bd2..295d381cd 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties @@ -1,2 +1,2 @@ -xxpvprole=CIRCABC/viewer -yypvprole=CIRCABC/admin
\ No newline at end of file +viewer=CIRCABC/viewer +CIRCABC-viewer=CIRCABC/viewer
\ No newline at end of file |