aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-ssoTransfer/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-module-ssoTransfer/src')
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java16
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java24
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java9
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java11
4 files changed, 26 insertions, 34 deletions
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
index 78cbd788d..2f6a54027 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
@@ -28,14 +28,14 @@ import java.util.List;
import org.w3c.dom.Element;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
+import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.data.AuthenticationRole;
import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -44,10 +44,10 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class SSOTransferAuthenticationData implements IAuthData {
- private AuthenticationSession authSession = null;
+ private IAuthenticationSession authSession = null;
boolean isIDPPrivateService = true;
- public SSOTransferAuthenticationData(AuthConfiguration authConfig, AuthenticationSession authSession) throws ConfigurationException {
+ public SSOTransferAuthenticationData(AuthConfiguration authConfig, IAuthenticationSession authSession) throws ConfigurationException {
this.authSession = authSession;
String domainIdentifier = authConfig.getSSOTagetIdentifier();
if (domainIdentifier != null)
@@ -197,9 +197,9 @@ public class SSOTransferAuthenticationData implements IAuthData {
* @see at.gv.egovernment.moa.id.data.IAuthData#getIdentityLink()
*/
@Override
- public IdentityLink getIdentityLink() {
+ public IIdentityLink getIdentityLink() {
return this.authSession.getIdentityLink();
- }
+ }
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.data.IAuthData#getSignerCertificate()
@@ -272,7 +272,7 @@ public class SSOTransferAuthenticationData implements IAuthData {
* @see at.gv.egovernment.moa.id.data.IAuthData#getMISMandate()
*/
@Override
- public MISMandate getMISMandate() {
+ public IMISMandate getMISMandate() {
return this.authSession.getMISMandate();
}
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index 70b2ebbe9..7d1bfd7b9 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -82,6 +82,7 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContain
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -190,7 +191,7 @@ public class SSOTransferServlet{
Logger.debug("Load token:" + token + " from storage.");
SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut * 1000);
if (container != null) {
- AuthenticationSession moaSession = new AuthenticationSession("123456", new Date());
+ IAuthenticationSession moaSession = new AuthenticationSession("123456", new Date());
URL idlURL = new URL(FileUtils.makeAbsoluteURL(
authConfig.getMonitoringTestIdentityLinkURL(),
@@ -288,7 +289,7 @@ public class SSOTransferServlet{
try {
SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut);
if (container != null) {
- AuthenticationSession moaSession = authenticationSessionStorage.getSession(container.getMoaSessionID());
+ IAuthenticationSession moaSession = authenticationSessionStorage.getInternalSSOSession(container.getMoaSessionID());
if (moaSession != null) {
internalTransferPersonalInformation(req, resp, container, moaSession, false);
@@ -405,19 +406,16 @@ public class SSOTransferServlet{
//create first step of SSO Transfer GUI
- String moaSessionID = authenticationSessionStorage.getMOASessionSSOID(ssoid);
- if (MiscUtil.isNotEmpty(moaSessionID)) {
- AuthenticationSession authSession = authenticationSessionStorage.getSession(moaSessionID);
- if(authSession != null) {
- internalCreateQRCodeForTransfer(resp, authURL,
- authSession.getSessionID(),
- SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
+ IAuthenticationSession authSession = authenticationSessionStorage.getInternalMOASessionWithSSOID(ssoid);
+ if(authSession != null) {
+ internalCreateQRCodeForTransfer(resp, authURL,
+ authSession.getSessionID(),
+ SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
- return;
- }
+ return;
}
-
}
+
config.putCustomParameter("errorMsg",
"No active Single Sign-On session found! SSO Session transfer is not possible.");
@@ -439,7 +437,7 @@ public class SSOTransferServlet{
}
private void internalTransferPersonalInformation(HttpServletRequest req, HttpServletResponse resp,
- SSOTransferContainer container, AuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException {
+ SSOTransferContainer container, IAuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException {
Logger.debug("");
JsonObject receivedData = getJSONObjectFromPostMessage(req, developmentMode);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 003ce8c21..cf4590fc1 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -200,14 +200,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, attributeExtractor);
// store MOASession into database
- try {
- authenticatedSessionStorage.storeSession(moasession);
-
- } catch (MOADatabaseException e) {
- Logger.error("Database Error! MOASession is not stored!");
- throw new MOAIDException("init.04", new Object[] {
- moasession.getSessionID()});
- }
+ requestStoreage.storePendingRequest(pendingReq);
executionContext.put(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED, true);
executionContext.put("sessionRestoreFinished", false);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
index 0785f767b..568ffb330 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
@@ -97,7 +97,6 @@ import org.w3c.dom.NodeList;
import com.google.gson.JsonObject;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair;
@@ -107,6 +106,8 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -168,7 +169,7 @@ public class SSOContainerUtils {
@Autowired SAMLVerificationEngineSP samlVerificationEngine;
@Autowired AuthConfiguration authConfig;
- public void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, AuthenticationSession moasession, AssertionAttributeExtractor attributeExtractor) throws AssertionAttributeExtractorExeption, ConfigurationException {
+ public void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, IAuthenticationSession moasession, AssertionAttributeExtractor attributeExtractor) throws AssertionAttributeExtractorExeption, ConfigurationException {
// AssertionAttributeExtractor attributeExtractor = new AssertionAttributeExtractor(ssoInformation);
//TODO: maybe change to correct URL
@@ -233,7 +234,7 @@ public class SSOContainerUtils {
Logger.info("Found mandate information in SSO session-container.");
try {
- MISMandate mandate = new MISMandate();
+ IMISMandate mandate = new MISMandate();
String mandateFull = attributeExtractor.getSingleAttributeValue(PVPConstants.MANDATE_FULL_MANDATE_NAME);
if (MiscUtil.isNotEmpty(mandateFull)) {
@@ -336,7 +337,7 @@ public class SSOContainerUtils {
public String generateSignedAndEncryptedSSOContainer(String authURL,
- AuthenticationSession authSession, Date date, byte[] hashedSecret) {
+ IAuthenticationSession authSession, Date date, byte[] hashedSecret) {
try {
String entityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL);
AuthnContextClassRef authnContextClassRef = SAML2Utils
@@ -527,7 +528,7 @@ public class SSOContainerUtils {
}
- private static List<Attribute> buildSSOAttributeForTransfer(AuthenticationSession authSession, IAuthData authData) {
+ private static List<Attribute> buildSSOAttributeForTransfer(IAuthenticationSession authSession, IAuthData authData) {
List<Attribute> attrList = new ArrayList<Attribute>();
IOAAuthParameters oaParam = new SSOTransferOnlineApplication();