aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java108
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java1
2 files changed, 52 insertions, 57 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 030d7c497..84831a7b5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -31,13 +31,19 @@ import java.io.StringWriter;
import java.util.ArrayList;
import java.util.List;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
/**
* the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
* The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes.
* Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user
* interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes.
- * <p/>
+ *
* TODO how do we treat mandatory and optional attributes?
+ *
*/
public class AttributeCollector implements IAction {
@@ -56,57 +62,49 @@ public class AttributeCollector implements IAction {
this.httpResp = httpResp;
- // read configuration parameters of OA
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
- if (oaParam == null)
- throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
-
- // find the attribute provider plugin that can handle the response
- IPersonalAttributeList newAttributes = null;
- for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
- try {
- newAttributes = current.parse(httpReq);
- } catch (UnsupportedAttributeException e1) {
- // the current provider cannot find anything familiar within the
- // provided httpreq. Try the next one.
- // TODO check the loop
- }
-
- if (null == newAttributes) {
- // we do not have a provider which is capable of fetching something
- // from the received httpreq.
- // TODO should we continue with the next attribute?
- Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
- throw new MOAIDException("stork.11", null);
- }
-
- // - fetch the container
- String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
- DataContainer container;
- try {
- container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
- } catch (MOADatabaseException e) {
- Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
- throw new MOAIDException("stork.11", null);
- }
-
-
-
- // - insert the embedded attribute(s) into the container
- for (PersonalAttribute current : newAttributes)
- container.getResponse().getPersonalAttributeList().add(current);
-
- // see if we need some more attributes
- return processRequest(container, httpReq, httpResp, moasession, oaParam);
+ // find the attribute provider plugin that can handle the response
+ IPersonalAttributeList newAttributes = null;
+ for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
+ try {
+ newAttributes = current.parse(httpReq);
+ } catch (UnsupportedAttributeException e1) {
+ // the current provider cannot find anything familiar within the
+ // provided httpreq. Try the next one.
+ }
+
+ if (null == newAttributes) {
+ // we do not have a provider which is capable of fetching something
+ // from the received httpreq.
+ // TODO should we continue with the next attribute?
+ Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
+ throw new MOAIDException("stork.11", null);
+ }
+
+ // - fetch the container
+ String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
+ DataContainer container;
+ try {
+ container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+ } catch (MOADatabaseException e) {
+ Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+ throw new MOAIDException("stork.11", null);
+ }
+
+ // - insert the embedded attribute(s) into the container
+ for(PersonalAttribute current : newAttributes)
+ container.getResponse().getPersonalAttributeList().add(current);
+
+ // see if we need some more attributes
+ return processRequest(container, httpReq, httpResp, moasession, oaParam);
}
-
+
/**
* Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch,
* this very method creates and sends the protocol result to the asking S-PEPS.
*
* @param container the {@link DataContainer} representing the status of the overall query.
* @return the string
- * @throws MOAIDException
+ * @throws MOAIDException
*/
public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
// check if there are attributes we need to fetch
@@ -117,25 +115,22 @@ public class AttributeCollector implements IAction {
IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
for (PersonalAttribute current : requestAttributeList)
- if (!responseAttributeList.containsKey(current))
+ if (!responseAttributeList.containsKey(current.getName()))
missingAttributes.add(current);
// Try to get all missing attributes
try {
// for each attribute still missing
for (PersonalAttribute currentAttribute : missingAttributes) {
- Logger.error("Checking missing attribute: " + currentAttribute.getName());
// - check if we can find a suitable AttributeProvider Plugin
for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
try {
// - hand over control to the suitable plugin
- Logger.error("Going to acquire missing attribute: " + currentAttribute.getName() + " at provider: " + currentProvider.getClass().getName());
IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
// - add the aquired attribute to the container
-
- try { for (PersonalAttribute current : aquiredAttributes)
- container.getResponse().getPersonalAttributeList().add(current); } catch (NullPointerException ex) { Logger.error ("Nothing found");}
+ for (PersonalAttribute current : aquiredAttributes)
+ container.getResponse().getPersonalAttributeList().add(current);
} catch (UnsupportedAttributeException e) {
// ok, try the next attributeprovider
} catch (MOAIDException e) {
@@ -157,7 +152,6 @@ public class AttributeCollector implements IAction {
} catch (ExternalAttributeRequestRequiredException e) {
// the attribute request is ongoing and requires an external service.
- Logger.error("EXTERNAL EXCEPTION CAUGHT");
try {
// memorize the container again
// - generate new key
@@ -167,19 +161,19 @@ public class AttributeCollector implements IAction {
AssertionStorage.getInstance().put(newArtifactId, container);
// add container-key to redirect embedded within the return URL
- Logger.info("Performing redirect to gather attributes to: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix());
- e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+ e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
} catch (Exception e1) {
// TODO should we return the response as is to the PEPS?
Logger.error("Error putting incomplete Stork response into temporary storage", e);
- e1.printStackTrace();
- throw new MOAIDException("stork.11", null);
+ throw new MOAIDException("stork.11", An Introduction to Knowledge Engineeringnull);
}
return "12345"; // TODO what to do here?
}
+
+
}
@@ -262,7 +256,7 @@ public class AttributeCollector implements IAction {
* @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
- // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
+ // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
return false;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 3762a5101..4806edde6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -1,5 +1,6 @@
package at.gv.egovernment.moa.id.protocols.stork2;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.moduls.IAction;