2 files changed, 8 insertions, 30 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index fb67d078e..c33e5c735 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1096,14 +1096,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Stores authentication data in the authentication data store indexed
 	 * by the SAML artifact</li>
 	 * <li>Deletes authentication session</li>
-	 * <li>Returns the SAML artifact, encoded BASE64</li>
+	 * <li><strike>Returns the SAML artifact, encoded BASE64</strike><br/>New id of the authenticated MOA session or {@code null} in case of mandate mode (???)</li>
 	 * </ul>
 	 *
 	 * @param sessionID                         session ID of the running authentication session
 	 * @param xmlCreateXMLSignatureReadResponse String representation of the
 	 *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
-	 * @return SAML artifact needed for retrieving authentication data, encoded
-	 * BASE64
+	 * @return <strike>SAML artifact needed for retrieving authentication data, encoded
+	 * BASE64</strike><br/>New id of the authenticated MOA session or {@code null} in case of mandate mode (???)
 	 * @throws BKUException
 	 */
 	public String verifyAuthenticationBlock(AuthenticationSession session,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/tasks/VerifyAuthenticationBlockTask.java
index 24fea05c9..2bc0bb8ad 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/tasks/VerifyAuthenticationBlockTask.java
@@ -116,11 +116,9 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 				//change MOASessionID

 			    sessionID = AuthenticationSessionStoreage.changeSessionID(session);

 				

-				String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);

+				String authenticatedMOASessionId = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);

 				

-

-				

-				if (samlArtifactBase64 == null) { 

+				if (authenticatedMOASessionId == null) { 

 					//mandate Mode

 				

 					  AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance();

@@ -156,11 +154,6 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 				      	  throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});

 				        }

 				        

-//				        String profilesArray[] = profiles.split(",");  	 		 

-//				        for(int i = 0; i < profilesArray.length; i++) {

-//				      	  profilesArray[i] = profilesArray[i].trim();

-//				        }

-				        

 				        String oaFriendlyName = oaParam.getFriendlyName();

 				        String mandateReferenceValue = session.getMandateReferenceValue();

 				        byte[] cert = session.getEncodedSignerCertificate();

@@ -212,24 +205,9 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 				    	  Logger.debug("REDIRECT TO: " + redirectURL);

 				}

 				else {

-					if (!samlArtifactBase64.equals("Redirect to Input Processor")) {

-						/*redirectURL = session.getOAURLRequested();

-						if (!session.getBusinessService()) {

-							redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));

-		          

-						}

-						redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));

-						redirectURL = resp.encodeRedirectURL(redirectURL);*/

-						

-						// TODO[branch]: Final step back to /dispatcher

-					

-						redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 

-								ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64);

-						

-					} else {

-						// TODO[tlenz]: Should not be needed any more (respective code in AuthenticationServer has been disabled)

-						redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());

-					}

+					// TODO[branch]: Final step back to /dispatcher

+					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 

+							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), authenticatedMOASessionId);

 							

 					resp.setContentType("text/html");

 					resp.setStatus(302);