Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine')
2 files changed, 11 insertions, 7 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
index f347022b8..d5b1a9e4e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
@@ -1,5 +1,7 @@
 package at.gv.egovernment.moa.id.auth.modules.eidas.engine;
+import java.util.Collection;
+
 import org.opensaml.saml2.core.AuthnRequest;
 import org.opensaml.saml2.core.Response;
 import org.w3c.dom.Document;
@@ -26,9 +28,9 @@ public class MOAProtocolEngine extends ProtocolEngine {
 *
 */
 @Override
- public Correlated unmarshallResponse(byte[] responseBytes) throws EIDASSAMLEngineException {
+ public Correlated unmarshallResponse(byte[] responseBytes, Collection<String> metadataWhitelist, boolean checkWhitelist) throws EIDASSAMLEngineException {
 try {
- return super.unmarshallResponse(responseBytes);
+ return super.unmarshallResponse(responseBytes, metadataWhitelist, checkWhitelist);
 } catch (EIDASSAMLEngineException e) {
 if (responseBytes != null ) {
@@ -45,7 +47,7 @@ public class MOAProtocolEngine extends ProtocolEngine {
 if (startInternalMetadataRefesh(entityID)) {
 Logger.debug("Metadata refresh success. Revalidate eIDAS Response ...");
- return super.unmarshallResponse(responseBytes);
+ return super.unmarshallResponse(responseBytes, metadataWhitelist, checkWhitelist);
 }
 Logger.info("eIDAS metadata refresh not possible or not successful.");
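Review bot: The retry path in `unmarshallResponse` still reaches `startInternalMetadataRefesh(entityID)` without consulting the new `metadataWhitelist` / `checkWhitelist` arguments, so a message that fails validation can apparently trigger a metadata refresh for an issuer that is not on the whitelist. How `entityID` is derived lies outside the hunks, but it appears to come from the not-yet-validated `responseBytes`; if that is the case, gate the refresh first, for example `if (checkWhitelist && metadataWhitelist != null && !metadataWhitelist.contains(entityID)) throw e;`, using whatever matching rule the superclass applies. The same applies to the retry in `unmarshallRequest` (hunks at -61 and -81). The method bodies start and end outside these hunks.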
@@ -61,9 +63,9 @@ public class MOAProtocolEngine extends ProtocolEngine {
 *
 */
 @Override
- public AuthnRequest unmarshallRequest(byte[] requestBytes) throws EIDASSAMLEngineException {
+ public AuthnRequest unmarshallRequest(byte[] requestBytes, Collection<String> whitelistMetadata, boolean checkWhitelist) throws EIDASSAMLEngineException {
 try {
- return super.unmarshallRequest(requestBytes);
+ return super.unmarshallRequest(requestBytes, whitelistMetadata, checkWhitelist);
 } catch (EIDASSAMLEngineException e) {
@@ -81,7 +83,7 @@ public class MOAProtocolEngine extends ProtocolEngine {
 if (startInternalMetadataRefesh(entityID)) {
 Logger.debug("Metadata refresh success. Revalidate eIDAS Authn. Request ...");
- return super.unmarshallRequest(requestBytes);
+ return super.unmarshallRequest(requestBytes, whitelistMetadata, checkWhitelist);
 }
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
index aca818532..feeff6f84 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
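Review bot: In MOAProtocolEngine.java the whitelist parameter is named `whitelistMetadata` in `unmarshallRequest` but `metadataWhitelist` in `unmarshallResponse`, and the Javadoc block that closes just above each `@Override` is not extended for the two new parameters. Unless the superclass signatures force the differing names, use one name in both overrides and add `@param` tags stating what the collection holds and what `checkWhitelist == false` means for validation. Since these flags decide which issuers are accepted, the documented contract matters to callers. The Javadoc opening lines are outside the hunk.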
@@ -440,7 +440,9 @@ public class MOAeIDASChainingMetadataProvider extends SimpleMetadataProvider imp
 AuthConfiguration moaAuthConfig = (AuthConfiguration) basicConfig;
 //FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
 MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
- PVPConstants.SSLSOCKETFACTORYNAME,
+ PVPConstants.SSLSOCKETFACTORYNAME,
+ basicConfig.getBasicMOAIDConfigurationBoolean(
+ AuthConfiguration.PROP_KEY_SSL_USE_JVM_TRUSTSTORE, false),
 moaAuthConfig.getTrustedCACertificates(),
 null,
 AuthConfiguration.DEFAULT_X509_CHAININGMODE,
|
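Review bot: With `PROP_KEY_SSL_USE_JVM_TRUSTSTORE` set to true, the trust anchors for eIDAS metadata downloads presumably widen from `getTrustedCACertificates()` to every CA in the JVM default store, and the `//FIX` comment two lines above suggests hostname validation is still off by default in this factory. If both hold, a certificate issued by any CA in the JVM store would be accepted regardless of host name, so the call site should say so and the flag should be logged when enabled, e.g. `// NOTE: JVM truststore widens trust beyond the configured CA set; hostname validation is still disabled here`. Defaulting to `false` is the right choice. The constructor call continues past the end of the hunk, so the hostname-validation argument itself is not visible.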