9 files changed, 54 insertions, 31 deletions

diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 74aa6682b..280d350fe 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>${moa-id-version}</version>
+    <version>4.1.2-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
@@ -45,6 +45,10 @@
   		<groupId>MOA.id.server</groupId>
   		<artifactId>moa-id-lib</artifactId>
   	</dependency> 
+	<dependency> 
+		<groupId>at.gv.egiz.eaaf</groupId>
+	  	<artifactId>eaaf_module_auth_sl20</artifactId> 
+	</dependency>
 	
 	<dependency>
     	<groupId>com.google.code.gson</groupId>
@@ -65,6 +69,7 @@
 </dependency>
   
   
+  	<!-- Dependencies for testing -->
   	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-test</artifactId>
@@ -75,6 +80,27 @@
       <artifactId>junit</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+		<groupId>xerces</groupId>
+		<artifactId>xercesImpl</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>xml-apis</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>xalan</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>serializer</artifactId>
+		<scope>test</scope>
+	</dependency>
+    
   </dependencies>
   
 </project>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 9c2d47ca7..9142210c8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -29,7 +29,7 @@ import javax.annotation.PostConstruct;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -77,11 +77,8 @@ public class SL20AuthenticationModulImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		ISPConfiguration spConfig = (ISPConfiguration) context.get(EAAFConstants.PROCESSCONTEXT_SP_CONFIG);
-//		if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
-//			spConfig = (IOAAuthParameters)spConfigObj;
-					
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+		ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();					
 		String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
 		String sl20VDATypeHeader = (String)  context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
index a8c4a941e..a5a472ed8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
@@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -54,7 +55,7 @@ public class SL20SignalServlet extends AbstractProcessEngineSignalController {
 							  Constants.HTTP_ENDPOINT_RESUME
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		Logger.trace("Receive req. on SL2.0 servlet with pendingReqId ... ");		
 		signalProcessManagement(req, resp);
 	}
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
index a02f86376..39364f062 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
@@ -32,6 +32,7 @@ import com.google.gson.JsonSyntaxException;
 
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
 import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.utils.X509Utils;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
@@ -40,11 +41,11 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoBuil
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.commons.utils.X509Utils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+
 @Service
 public class JsonSecurityUtils implements IJOSETools{
 
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
index 599a67dfd..8a288b9b8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
@@ -19,6 +19,7 @@ import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.auth.builder.SignatureVerificationUtils;
+import at.gv.egovernment.moa.id.auth.exception.ValidateException;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20eIDDataValidationException;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
@@ -112,7 +113,7 @@ public class QualifiedeIDVerifier {
 			// date and time
 			validateSigningDateTime(sigVerifyResult, authBlockExtractor);
 			
-		} catch ( Exception e) {
+		} catch ( ValidateException e) {
 			Logger.warn("Validation of eID information FAILED. ", e);
 			throw new SL20eIDDataValidationException(new Object[] {
 					SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index 3408cf538..9c74a3cdb 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -55,6 +55,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 	@Autowired(required=true) private IJOSETools joseTools;
 	@Autowired private AuthConfiguration moaAuthConfig;
 	
+	
 	@Override 
 	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
 			throws TaskExecutionException {
@@ -97,7 +98,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 
 				
 				X509Certificate encCert = null;
-				if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_ENABLE_EID_ENCRYPTION, true))
+				if (authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_ENABLE_EID_ENCRYPTION, true))
 					encCert = joseTools.getEncryptionCertificate();
 				else
 					Logger.info("eID data encryption is disabled by configuration");
@@ -120,7 +121,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 						vdaQualeIDUrl);
 				CloseableHttpClient httpClient = HttpClientWithProxySupport.getHttpClient(
 						sslFactory,
-						moaAuthConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
+						moaAuthConfig.getBasicConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
 				
 				//build http POST request
 				HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualeIDUrl).build());								
@@ -211,7 +212,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 			
 	private String extractVDAURLForSpecificOA(ISPConfiguration oaConfig, ExecutionContext executionContext) {		
 		String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);		
-		Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+		Map<String, String> endPointMap = moaAuthConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
 		if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
 			endPointMap.putAll(KeyValueUtils.convertListToMap(
 							KeyValueUtils.getListOfCSVValues(
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index fc386b796..1826f824d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -103,10 +103,10 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				//validate signature
 				VerificationResult payLoadContainer = SL20JSONExtractorUtils.extractSL20PayLoad(
 						sl20ReqObj, joseTools, 
-						authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true));
+						authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true));
 				
 				if ( (payLoadContainer.isValidSigned() == null || !payLoadContainer.isValidSigned())) {
-					if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) {
+					if (authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_SIGNED_RESULT, true)) {
 						Logger.info("SL20 result from VDA was not valid signed");
 						throw new SL20SecurityException(new Object[]{"Signature on SL20 result NOT valid."});
 				
@@ -133,7 +133,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 								
 					JsonElement qualeIDResult = SL20JSONExtractorUtils.extractSL20Result(
 							payLoad, joseTools, 
-							authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_ENCRYPTION, true));
+							authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_FORCE_EID_ENCRYPTION, true));
 
 					//extract attributes from result
 					Map<String, String> eIDData = SL20JSONExtractorUtils.getMapOfStringElements(qualeIDResult);
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
index 0c97641c7..fa48b9c64 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
@@ -94,7 +94,7 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 				//TODO: add LoA verification
 				
 			} catch (MOAIDException e) {
-				if (authConfig.getBasicMOAIDConfigurationBoolean(Constants.CONFIG_PROP_DISABLE_EID_VALIDATION, false)) {
+				if (authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_DISABLE_EID_VALIDATION, false)) {
 					Logger.warn("SL20 eID data validation IS DISABLED!!");
 					Logger.warn("SL20 eID data IS NOT VALID!!! Reason: " + e.getMessage(), e);
 					
@@ -116,6 +116,8 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 			} else
 				moasession.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()));
 			
+		  //set NeedConsent to false, because user gives consont during authentication
+      pendingReq.setNeedUserConsent(false);
 			
 			//store pending request
 			requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
index fe12e9b76..b43eb22f8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
@@ -127,7 +127,7 @@ public class DummyAuthConfig implements AuthConfiguration {
 	}
 
 	@Override
-	public Map<String, String> getBasicMOAIDConfigurationWithPrefix(String prefix) {
+	public Map<String, String> getBasicConfigurationWithPrefix(String prefix) {
 		// TODO Auto-generated method stub
 		return null;
 	}
@@ -395,45 +395,39 @@ public class DummyAuthConfig implements AuthConfiguration {
 	}
 
 	@Override
-	public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
-		// TODO Auto-generated method stub
-		return false;
-	}
-
-	@Override
-	public URI getConfigurationFilePath() {
+	public URI getConfigurationRootDirectory() {
 		// TODO Auto-generated method stub
 		return null;
 	}
 
 	@Override
-	public URI getConfigurationRootDirectory() {
+	public ISPConfiguration getServiceProviderConfiguration(String arg0) throws EAAFConfigurationException {
 		// TODO Auto-generated method stub
 		return null;
 	}
 
 	@Override
-	public Properties getFullConfigurationProperties() {
+	public <T> T getServiceProviderConfiguration(String arg0, Class<T> arg1) throws EAAFConfigurationException {
 		// TODO Auto-generated method stub
 		return null;
 	}
 
 	@Override
-	public ISPConfiguration getServiceProviderConfiguration(String arg0) throws EAAFConfigurationException {
+	public String validateIDPURL(URL arg0) throws EAAFException {
 		// TODO Auto-generated method stub
 		return null;
 	}
 
 	@Override
-	public <T> T getServiceProviderConfiguration(String arg0, Class<T> arg1) throws EAAFConfigurationException {
+	public Boolean getBasicConfigurationBoolean(String key) {
 		// TODO Auto-generated method stub
 		return null;
 	}
 
 	@Override
-	public String validateIDPURL(URL arg0) throws EAAFException {
+	public boolean getBasicConfigurationBoolean(String key, boolean defaultValue) {
 		// TODO Auto-generated method stub
-		return null;
+		return false;
 	}
 
 }