1 files changed, 28 insertions, 2 deletions

diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index 59f54f957..6e0bd19ff 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -6,8 +6,10 @@ import java.io.IOException;
 import java.io.InputStream;

 import java.io.StringWriter;

 import java.net.URL;

+import java.text.SimpleDateFormat;

 import java.util.ArrayList;

 import java.util.Arrays;

+import java.util.Date;

 import java.util.List;

 import java.util.Properties;

 

@@ -28,6 +30,7 @@ import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;

 import org.apache.velocity.app.VelocityEngine;

 import org.opensaml.saml2.core.StatusCode;

+import org.springframework.format.datetime.DateFormatter;

 import org.w3c.dom.Element;

 import org.w3c.dom.Node;

 

@@ -170,6 +173,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			Logger.debug("STORK response: ");

 			Logger.debug(authnResponse.toString());

 

+			// do PEPS-conform logging for easier evaluation

+			try {

+				// 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3#

+				Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + 

+						authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#");

+			} catch (Exception e1) {

+				Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());

+			}

+

 			Logger.debug("Trying to find MOA Session-ID ...");

 			// String moaSessionID = request.getParameter(PARAM_SESSIONID);

 			// first use SAML2 relayState

@@ -315,9 +327,13 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 

 			// ////////////////////////////////////////////////////////////////////////

 

+			AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();

+			String citizenSignature = null;

+			if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {

+				Logger.debug("signedDoc extraction skipped due to configuration");

+			} else {

 			Logger.debug("Starting extraction of signedDoc attribute");

 			// extract signed doc element and citizen signature

-			String citizenSignature = null;

 			try {

 

 				if (authnResponse.getPersonalAttributeList().get("signedDoc") == null 

@@ -398,6 +414,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 				Logger.error("Could not extract citizen signature from C-PEPS", e);

 				throw new MOAIDException("stork.09", null);

 			}

+			}

 			Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");

 			Logger.debug("Citizen signature will be verified by SZR Gateway!");

 

@@ -430,7 +447,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			IdentityLink identityLink = null;

 			executionContext.put("identityLinkAvailable", false);

 			try {

-				AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();

 				if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {

 					// create fake IdL

 					// - fetch IdL template from resources

@@ -467,6 +483,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			        if(!STORKResponseProcessor.hasAttribute("dateOfBirth", attributeList))

 			        	throw new STORKException("dateOfBirth is missing");

 					String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false);

+					dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth));

 					prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth);

 

 		            identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink();

@@ -549,6 +566,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			// stork did the authentication step

 			moaSession.setAuthenticated(true);

 

+			// do PEPS-conform logging for easier evaluation

+			try {

+				// 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4#

+				Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + 

+						"#" + moaSession.getProcessInstanceId() + "#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#");

+			} catch (Exception e1) {

+				Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());

+			}

+

 			// TODO: found better solution, but QAA Level in STORK response is not be supported yet

 //			try {

 //