Diffstat (limited to 'id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java')
-rw-r--r-- | id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
index 0cef4cb41..b17f0c121 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
@@ -29,13 +29,13 @@ import javax.annotation.PostConstruct;
 import org.springframework.beans.factory.annotation.Autowired;
-import at.gv.egovernment.moa.id.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests.tasks.FirstBKAMobileAuthTask;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -45,19 +45,20 @@ import at.gv.egovernment.moa.util.MiscUtil; */ public class BKAMobileAuthModule implements AuthModule { - private int priority = 1; + private int priority = 2; @Autowired(required=true) protected AuthConfiguration authConfig; - @Autowired(required=true) private AuthenticationManager authManager; + @Autowired(required=true) private IAuthenticationManager authManager; private List<String> uniqueIDsDummyAuthEnabled = new ArrayList<String>(); + private String noAuthHeaderValue = null; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() */ @Override public int getPriority() { - return priority; + return priority; } /** @@ -67,11 +68,13 @@ public class BKAMobileAuthModule implements AuthModule { public void setPriority(int priority) { this.priority = priority; } - @PostConstruct public void initialDummyAuthWhiteList() { - String sensitiveSpIdentifier = authConfig.getBasicMOAIDConfiguration("modules.bkamobileAuth.entityID"); + String sensitiveSpIdentifier = authConfig.getBasicConfiguration("modules.bkamobileAuth.entityID"); + noAuthHeaderValue = authConfig.getBasicConfiguration("modules.bkamobileAuth.noAuthHeaderValue", "0"); + Logger.info("Dummy authentication is sensitive on 'X-MOA-VDA' value: " + noAuthHeaderValue); + if (MiscUtil.isNotEmpty(sensitiveSpIdentifier)) { uniqueIDsDummyAuthEnabled.addAll(KeyValueUtils.getListOfCSVValues(sensitiveSpIdentifier)); @@ -84,6 +87,8 @@ public class BKAMobileAuthModule implements AuthModule { //parameter to whiteList authManager.addParameterNameToWhiteList(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW); +// authManager.addHeaderNameToWhiteList("SL2ClientType"); +// authManager.addHeaderNameToWhiteList("X-MOA-VDA"); } /* (non-Javadoc) 
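Review bot: In the `-67,11 +68,13` hunk, `noAuthHeaderValue` falls back to `"0"` when `modules.bkamobileAuth.noAuthHeaderValue` is not configured, so the header-triggered dummy-auth path is switched on with a fixed, well-known value on any deployment that only sets the entityID list. Because this value decides whether the dummy process is chosen instead of a real authentication, it would be safer to read it without a default, `noAuthHeaderValue = authConfig.getBasicConfiguration("modules.bkamobileAuth.noAuthHeaderValue");`, and to treat an unset value as "header path disabled" (presumably the one-argument form returns null or empty when the key is missing; please confirm). The `Logger.info` line also writes the configured value to the log at start-up; logging only whether a value is set would be enough. The body of initialDummyAuthWhiteList continues outside this hunk.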
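Review bot: The two `addHeaderNameToWhiteList` calls at the end of the `-84,6 +87,8` hunk are committed already commented out, with no explanation. selectProcess (hunk `-91,13 +96,23`) reads `sl2clienttype` and `x-moa-vda` from the execution context, so a reader cannot tell from this file how those headers get into the context or whether the new branch is reachable at all. Either delete the two lines or replace them with a comment that names where the header names are actually white-listed, for example `// header names are white-listed in <component>, not in this module`. The enclosing method starts outside this hunk.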
@@ -91,13 +96,23 @@ public class BKAMobileAuthModule implements AuthModule { */ @Override public String selectProcess(ExecutionContext context) { - String spEntityID = (String) context.get(MOAIDAuthConstants.PROCESSCONTEXT_UNIQUE_OA_IDENTFIER); - if (MiscUtil.isNotEmpty(spEntityID)) { - if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) { + String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID); + String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase()); + String sl20VDATypeHeader = (String) context.get("X-MOA-VDA".toLowerCase()); + if (MiscUtil.isNotEmpty(spEntityID)) { + Logger.trace("Check dummy-auth for SP: " + spEntityID); + + + if ( (uniqueIDsDummyAuthEnabled.contains(spEntityID))) { String eIDBlob = (String)context.get(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW); if (eIDBlob != null && MiscUtil.isNotEmpty(eIDBlob.trim())) { return "BKAMobileAuthentication"; + } else if (MiscUtil.isNotEmpty(sl20ClientTypeHeader) + && MiscUtil.isNotEmpty(sl20VDATypeHeader) && sl20VDATypeHeader.equals(noAuthHeaderValue)) { + Logger.info("Find dummy-auth request for oe.gv.at demos ... "); + return "BKAMobileAuthentication"; + } else { Logger.debug("Dummy-auth are enabled for " + spEntityID + " but no '" + FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW + "' req. parameter available."); |
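Review bot: The new `else if` branch returns "BKAMobileAuthentication" without an eID blob as soon as `SL2ClientType` is non-empty and `X-MOA-VDA` equals the configured value. Both look like request headers, so for a white-listed SP the choice of the dummy process rests entirely on values the client supplies. The class Javadoc should state that this module is for test and demo deployments only. The `Logger.info` message should name the SP so that use of this path can be audited, e.g. `Logger.info("Dummy-auth selected by 'X-MOA-VDA' header for SP: " + spEntityID);`. As a style point, the two header names are repeated as string literals here and in the commented-out white-list calls, and `toLowerCase()` uses the default locale; a pair of `private static final String` constants lower-cased once with `toLowerCase(Locale.ROOT)` would keep the lookups consistent. The body of selectProcess continues past the end of this hunk.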