aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modules-saml1/src
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules/moa-id-modules-saml1/src')
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java42
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java3
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm2
3 files changed, 31 insertions, 16 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
index b01ea666d..893799b5d 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
@@ -66,9 +66,12 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
+import com.google.common.net.MediaType;
+
import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
@@ -122,7 +125,8 @@ public class GetAuthenticationDataService extends AbstractController implements
private static final String CONTEXT_SOAP_STATUSCODE = "statusCode";
private static final String CONTEXT_SOAP_ASSERTION = "assertion";
- @RequestMapping(value = "/services/GetAuthenticationData", method = {RequestMethod.POST})
+ @RequestMapping(value = {"/services/GetAuthenticationData", "/services"},
+ method = {RequestMethod.POST})
public void getAuthenticationData(HttpServletRequest req, HttpServletResponse resp)
throws IOException {
InputStream is = null;
@@ -136,13 +140,13 @@ public class GetAuthenticationDataService extends AbstractController implements
String respString = DOMUtils.serializeNode(soapResp, true);
- resp.setContentType("text/xml;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
context.put(CONTEXT_SOAP_ASSERTION, respString);
evaluateTemplate(context, resp, TEMPLATE_SOAP_SUCCESS);
} catch (ParserConfigurationException | SAXException | IOException | TransformerException e) {
Logger.error("SAML1 GetAuthenticationData receive a non-valid request.", e);
- resp.setContentType("text/xml;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
context.put(CONTEXT_SOAP_ISSUEINSTANT, DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()));
context.put(CONTEXT_SOAP_RESPONSEID, Random.nextRandom());
@@ -153,7 +157,7 @@ public class GetAuthenticationDataService extends AbstractController implements
} catch (SAML1AssertionResponseBuildException e) {
Logger.error("SAML1 GetAuthenticationData response build failed..", e);
- resp.setContentType("text/xml;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
context.put(CONTEXT_SOAP_ISSUEINSTANT, e.getIssueInstant());
context.put(CONTEXT_SOAP_REQUESTEID, e.getRequestID());
@@ -187,17 +191,17 @@ public class GetAuthenticationDataService extends AbstractController implements
if (wsdl_param != null) {
//print wsdl
- resp.setContentType("text/xml;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
evaluateTemplate(context, resp, TEMPLATE_WSDL);
} else if (xsd_param != null){
//print xsd
- resp.setContentType("text/xml;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
evaluateTemplate(context, resp, TEMPLATE_XSD);
} else {
//print plain info
- resp.setContentType("text/html;charset=UTF-8");
+ resp.setContentType(MediaType.XML_UTF_8.toString());
evaluateTemplate(context, resp, TEMPLATE_PLAIN_INFO);
}
@@ -223,13 +227,23 @@ public class GetAuthenticationDataService extends AbstractController implements
}
}
- //get first child from body --> should be the SAML1 Request element
- Element saml1Req;
- if (saml1ReqList.item(0).getFirstChild() instanceof Element)
- saml1Req = (Element) saml1ReqList.item(0).getFirstChild();
-
- else {
- throw new SAXException("First child of 'soap-env:Body' element has a wrong type.");
+ //get the first child from body which is of type Element (SAML1 Request element)
+ Element saml1Req = null;
+
+ Node reqObj = saml1ReqList.item(0).getFirstChild();
+ while (reqObj != null) {
+ if (reqObj instanceof Element) {
+ saml1Req = (Element) reqObj;
+ break;
+
+ } else {
+ reqObj = reqObj.getNextSibling();
+
+ }
+ }
+
+ if (saml1Req == null) {
+ throw new SAXException("Every child of 'soap-env:Body' element has a wrong type.");
}
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
index 42fafc01e..1d3525626 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
@@ -26,6 +26,7 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
@@ -81,7 +82,7 @@ public class SAML1RequestImpl extends RequestImpl {
* @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
*/
@Override
- public Collection<String> getRequestedAttributes() {
+ public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
List<String> reqAttr = new ArrayList<String>();
reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION);
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm
index dfc11820f..858479904 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm
+++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm
@@ -1,6 +1,6 @@
<html>
<head>
-<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
</head>
<body>
<h1>GetAuthenticationData</h1>