Diffstat (limited to 'id/server/idserverlib')
2 files changed, 41 insertions, 5 deletions
|
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 47a631ce3..56b87bfa9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -15,10 +15,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.*;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.Template;
@@ -49,6 +46,45 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+        //   TODO extract attribute response and check if it corresponds to the container
+
+        if (httpReq.getParameter("SAMLResponse") != null) {
+            MOASTORKResponse STORK2Response = new MOASTORKResponse();
+
+            //extract STORK Response from HTTP Request
+            byte[] decSamlToken;
+            try {
+                decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse"));
+            } catch (NullPointerException e) {
+                if (httpReq.getRemoteHost().contains("129.27.142")) {
+                    Logger.warn("Availability check by " + httpReq.getRemoteHost() + " on URI: " + httpReq.getRequestURI());
+                } else {
+                    Logger.error("Unable to retrieve STORK Request for host: " + httpReq.getRemoteHost() + " and URI: " + httpReq.getRequestURI(), e);
+                }
+                throw new MOAIDException("stork.04", null);
+            }
+
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+
+            STORKAuthnResponse authnResponse = null;
+
+
+            // check if valid authn request is contained
+            try {
+                authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, httpReq.getRemoteAddr());
+            } catch (STORKSAMLEngineException ex) {
+                Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage());
+            }
+
+            STORK2Response.setSTORKAuthnResponseToken(decSamlToken);
+
+
+        }
+
+        // end addition
+
+
 		// - fetch the container
 		String artifactId = (String) httpReq.getParameter(ARTIFACT_ID);
 		DataContainer container;
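Review bot: In the added `catch (STORKSAMLEngineException ex)` block a failed `validateSTORKAuthnResponse` is only logged, so execution continues to `STORK2Response.setSTORKAuthnResponseToken(decSamlToken)` with a token that did not validate and with `authnResponse` still null. The catch should fail the request the way the decode path above it does, for example `Logger.error("Unable to validate Stork AuthenticationResponse", ex); throw new MOAIDException("stork.04", null);` (the error code needs confirming against the project's message catalogue). Separately, `getRemoteHost().contains("129.27.142")` is a substring match on a value that may be a reverse-resolved host name, so it is not a reliable address-range check and it lowers the log severity for any host whose name or address merely contains that text; the host and request URI are also concatenated into the log lines unescaped. `STORK2Response` and `authnResponse` are not used after the block in the visible lines, and `processRequest` continues beyond the hunk, so whether the validation result is meant to gate the container lookup cannot be confirmed from here.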
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 689aed8aa..e93a7ec87 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -71,7 +71,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 			return STORK2Request;
-        if (request.getParameter("SAMLResponse") != null) {
+        if (request.getParameter("SAMLResponse") != null) {        // TODO check attribute collector
             //extract STORK Response from HTTP Request
             byte[] decSamlToken;
             try {
|
