Diffstat (limited to 'id/server/modules/module-stork')
| -rw-r--r-- | id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 30 | 
1 files changed, 28 insertions, 2 deletions
|
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index 59f54f957..6e0bd19ff 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -6,8 +6,10 @@ import java.io.IOException;
  import java.io.InputStream;
  import java.io.StringWriter;
  import java.net.URL;
 +import java.text.SimpleDateFormat;
  import java.util.ArrayList;
  import java.util.Arrays;
 +import java.util.Date;
  import java.util.List;
  import java.util.Properties;
 @@ -28,6 +30,7 @@ import org.apache.velocity.Template;
  import org.apache.velocity.VelocityContext;
  import org.apache.velocity.app.VelocityEngine;
  import org.opensaml.saml2.core.StatusCode;
 +import org.springframework.format.datetime.DateFormatter;
  import org.w3c.dom.Element;
  import org.w3c.dom.Node;
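Review bot: The added import of `org.springframework.format.datetime.DateFormatter` is not used by any hunk in this commit, which formats dates with `SimpleDateFormat` only. If nothing else in the file references it, remove the import so the class does not carry an unneeded dependency on that Spring package.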
 @@ -170,6 +173,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  			Logger.debug("STORK response: ");
  			Logger.debug(authnResponse.toString());
 +			// do PEPS-conform logging for easier evaluation
 +			try {
 +				// 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3#
 +				Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + 
 +						authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#");
 +			} catch (Exception e1) {
 +				Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
 +			}
 +
  			Logger.debug("Trying to find MOA Session-ID ...");
  			// String moaSessionID = request.getParameter(PARAM_SESSIONID);
  			// first use SAML2 relayState
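Review bot: The added `Logger.info` record concatenates `authnResponse.getInResponseTo()`, `getMessage()` and `getSamlId()` straight into a `#`-delimited line, and these values come from the C-PEPS response, so a `#`, CR or LF inside any of them would break or forge fields in the evaluation log. Neutralise the delimiter and line breaks in each field before logging, for example `value == null ? "NA" : value.replaceAll("[\\r\\n#]", "_")`; the same applies to the record added in the `@@ -549,6 +566,15 @@` hunk. The msghash column is filled with the literal `#_hash_#`, so a log line cannot be tied to a specific message until a real digest is written there. The enclosing method starts and ends outside this hunk, so whether the response has already been validated at this point is not visible.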
 @@ -315,9 +327,13 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  			// ////////////////////////////////////////////////////////////////////////
 +			AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
 +			String citizenSignature = null;
 +			if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
 +				Logger.debug("signedDoc extraction skipped due to configuration");
 +			} else {
  			Logger.debug("Starting extraction of signedDoc attribute");
  			// extract signed doc element and citizen signature
 -			String citizenSignature = null;
  			try {
  				if (authnResponse.getPersonalAttributeList().get("signedDoc") == null 
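Review bot: The new condition skips signedDoc extraction entirely and leaves `citizenSignature` as `null`, but the only trace is a `Logger.debug` line without the country code, so a deployment where `isStorkFakeIdLActive()` is switched on shows nothing about the missing signature at normal log levels. Log the skip at info level or higher and include the country, e.g. `Logger.info("signedDoc extraction skipped for country " + storkAuthnRequest.getCitizenCountryCode() + " (fake IdL configuration)");`. Code after this hunk that reads `citizenSignature` is outside the view and should be checked for null handling. The lines moved into the `else` branch were not re-indented, which hides the new nesting.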
 @@ -398,6 +414,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  				Logger.error("Could not extract citizen signature from C-PEPS", e);
  				throw new MOAIDException("stork.09", null);
  			}
 +			}
  			Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
  			Logger.debug("Citizen signature will be verified by SZR Gateway!");
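Review bot: The two `Logger.debug` lines after the added closing brace run on both paths, so when extraction is skipped by configuration the log still states that the citizen signature was successfully extracted and will be verified by the SZR Gateway. Move both statements inside the `else` block, before the added `}`, so the log reflects what actually happened. The message text also spells "Foregin" for "Foreign", which makes the line harder to find when searching logs.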
 @@ -430,7 +447,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  			IdentityLink identityLink = null;
  			executionContext.put("identityLinkAvailable", false);
  			try {
 -				AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
  				if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
  					// create fake IdL
  					// - fetch IdL template from resources
 @@ -467,6 +483,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  			        if(!STORKResponseProcessor.hasAttribute("dateOfBirth", attributeList))
  			        	throw new STORKException("dateOfBirth is missing");
  					String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false);
 +					dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth));
  					prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth);
  		            identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink();
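Review bot: `new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth)` is lenient by default and does not require the whole string to be consumed, so an out-of-range value such as month 13 rolls over to a different date and trailing characters are ignored instead of being rejected; the value comes from the STORK attribute list and ends up in the identity link. Parse strictly with `SimpleDateFormat in = new SimpleDateFormat("yyyyMMdd"); in.setLenient(false);` followed by `dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(in.parse(dateOfBirth));`, ideally after checking that the input is exactly eight digits. A value in any other format now raises `ParseException`; the enclosing `try` and its handlers are outside this hunk, so confirm it is reported as a STORK error rather than a generic failure.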
 @@ -549,6 +566,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
  			// stork did the authentication step
  			moaSession.setAuthenticated(true);
 +			// do PEPS-conform logging for easier evaluation
 +			try {
 +				// 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4#
 +				Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + 
 +						"#" + moaSession.getProcessInstanceId() + "#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#");
 +			} catch (Exception e1) {
 +				Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
 +			}
 +
  			// TODO: found better solution, but QAA Level in STORK response is not be supported yet
  //			try {
  //
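Review bot: The record built here does not match the format given in the comment above it: the literal `"#S-PEPS generates response to SP#"` is followed by another `"#"`, which yields an empty field, and `moaSession.getProcessInstanceId()` is written as both orig_msg_id and msg_id. The status column is taken from `authnResponse.getMessage()`, i.e. from the C-PEPS response, although the line describes the response to the SP. Drop the extra `"#" +` and use the identifiers of the SP request and of the outgoing response if they are available at this point; the code that builds that response is outside the hunk. `catch (Exception e1)` reduces any failure to `e1.getMessage()`, which can be `null`, so the fallback line may not say what went wrong.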
 | 
