diff options
Diffstat (limited to 'id/server/idserverlib')
5 files changed, 47 insertions, 12 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index ff294dc3d..68545e1c2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -100,6 +100,7 @@ public class SSOManager {  		if (MiscUtil.isNotEmpty(protocolRequest.getRequestedIDP())) {  			Logger.info("Protocolspecific preprocessing already set interfederation IDP " + protocolRequest.getRequestedIDP()); +			return;  		} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 3bd827667..95597e0ad 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -22,7 +22,6 @@   *******************************************************************************/  package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -38,6 +37,7 @@ import at.gv.egovernment.moa.id.storage.AssertionStorage;  import at.gv.egovernment.moa.id.util.VelocityProvider;  import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;  import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil;  import eu.stork.peps.auth.commons.*;  import eu.stork.peps.auth.engine.STORKSAMLEngine;  import eu.stork.peps.exceptions.STORKSAMLEngineException; @@ -67,14 +67,11 @@ public class AuthenticationRequest implements IAction {      private VelocityEngine velocityEngine; -    private IAuthData authData = null;      private MOASTORKRequest moaStorkRequest = null;      public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { -        this.authData = authData; -          if ((req instanceof MOASTORKRequest)) { // && ( ((MOASTORKRequest) req).getCitizenCountryCode() == null || ((MOASTORKRequest) req).getCitizenCountryCode().equals("AT") )) {              this.moaStorkRequest = (MOASTORKRequest) req; @@ -111,7 +108,10 @@ public class AuthenticationRequest implements IAction {                 // }                  // Get personal attributtes from MOA/IdentityLink -                moaStorkResponse.setPersonalAttributeList(populateAttributes(oaParam)); +                 +                //build STORK attributes from local authentication information +                if (authData != null) +                	moaStorkResponse.setPersonalAttributeList(populateAttributes(authData, oaParam));              }              //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); @@ -390,6 +390,10 @@ public class AuthenticationRequest implements IAction {      public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { +    	//redirect to national PVP IDP infrastructure if special attributes are requested +    	if (MiscUtil.isEmpty(req.getRequestedIDP()) && req instanceof MOASTORKRequest) +    		return !STORKPVPUtilits.performAuthenticationOnNationalIDP((MOASTORKRequest) req); +    	    	  //        // authentication is not needed if we have authentication request from SP for citizen of configured PEPS country  //        if (req instanceof MOASTORKRequest) {  //            MOASTORKRequest moastorkRequest = (MOASTORKRequest) req; @@ -444,7 +448,7 @@ public class AuthenticationRequest implements IAction {      } -    public PersonalAttributeList populateAttributes(IOAAuthParameters oaParam) { +    public PersonalAttributeList populateAttributes(IAuthData authData, IOAAuthParameters oaParam) {          IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList();          Logger.info("Found " + attrLst.size() + " personal attributes in the request."); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 440121417..57531992d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -23,11 +23,15 @@  package at.gv.egovernment.moa.id.protocols.stork2;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;  import at.gv.egovernment.moa.id.moduls.IAction;  import at.gv.egovernment.moa.id.moduls.IModulInfo;  import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil;  import eu.stork.peps.auth.commons.*;  import eu.stork.peps.auth.engine.STORKSAMLEngine;  import eu.stork.peps.exceptions.STORKSAMLEngineException; @@ -145,20 +149,23 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {              STORKAuthnRequest authnRequest = null;              STORKAttrQueryRequest attrRequest = null; - - +                          // check if valid authn request is contained              try {                  authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); +                              } catch (STORKSAMLEngineException ex) {                  Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); +                              } catch (ClassCastException e) {                  // we do not have a authnRequest                  // check if a valid attr request is container                  try {                      attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); +                                      } catch (STORKSAMLEngineException ex) {                      Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); +                                      }              } @@ -176,11 +183,32 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {                  Logger.error("Exception, attributes: " + e.getMessage());              } -              STORK2Request.setSTORKAuthnRequest(authnRequest);              STORK2Request.setSTORKAttrRequest(attrRequest); - - +             +            //check if OA is instance of VIDP or STORKPVPGateway +            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(STORK2Request.getOAURL()); +            if (oaParam == null) +                throw new AuthenticationException("stork.12", new Object[]{STORK2Request.getOAURL()}); +             +            else { +            	if (oaParam.isSTORKPVPGateway()) { +            		if (MiscUtil.isNotEmpty(oaParam.getSTORKPVPForwardEntity())) { +            			Logger.info("Received request for STORK->PVP gateway. " + +            					"Forward to PVP portal with entiyID " + oaParam.getSTORKPVPForwardEntity() + +            					" ..." ); +            			STORK2Request.setRequestedIDP(oaParam.getSTORKPVPForwardEntity()); +            			 +            		} else { +            			Logger.error("InterfederatedGateway configuration with ID " + STORK2Request.getOAURL() + +            					" not configure a forward entityID."); +            			throw new MOAIDException("", null); +            			 +            		} +            	} +            	 +            } +                          return STORK2Request;          } else {              throw new MOAIDException("stork.14", null);  // TODO Specify message diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 9bfa14a7c..361c6b5ee 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -72,7 +72,8 @@ config.17=Fehler beim initialisieren von Hibernate  config.18=Keine MOA-ID 2.x Konfiguration gefunden.
  config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefunden.
  config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt
 -config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt.  
 +config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt.
 +config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert.   
  parser.00=Leichter Fehler beim Parsen: {0}
  parser.01=Fehler beim Parsen: {0}
 diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties index 3f9cf2f1d..085625972 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties @@ -52,6 +52,7 @@ config.18=9199  config.19=9199  config.20=9199   config.21=9006 +config.22=9008  parser.00=1101  parser.01=1101 | 
