10 files changed, 88 insertions, 20 deletions

diff --git a/id/server/modules/module-stork/pom.xml b/id/server/modules/module-stork/pom.xml
index 1b2e3f008..2fec7f519 100644
--- a/id/server/modules/module-stork/pom.xml
+++ b/id/server/modules/module-stork/pom.xml
@@ -22,6 +22,33 @@
 	<dependencies>
 
 		<dependency>
+			<groupId>eu.stork</groupId>
+			<artifactId>DocumentService</artifactId>
+			<version>0.0.1-SNAPSHOT</version>
+			<classifier>classes</classifier>
+			<exclusions>
+				<exclusion>
+					<artifactId>axis</artifactId>
+					<groupId>org.apache.axis</groupId>
+				</exclusion>
+				<exclusion>
+					<artifactId>bcprov-jdk16</artifactId>
+					<groupId>org.bouncycastle</groupId>
+				</exclusion>
+				<exclusion>
+					<artifactId>jaxws-tools</artifactId>
+					<groupId>com.sun.xml.ws</groupId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+
+        <dependency>
+            <groupId>eu.stork</groupId>
+            <artifactId>SamlEngine</artifactId>
+            <version>1.5.1</version>
+        </dependency>
+
+		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-test</artifactId>
 			<scope>test</scope>
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index 7c178d97e..c0422e06e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -1,6 +1,6 @@
 package at.gv.egovernment.moa.id.auth.modules.stork.tasks;

 

-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;

+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;

 

 import java.io.IOException;

 import java.io.StringWriter;

@@ -17,7 +17,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 

 import org.apache.commons.io.IOUtils;

-import org.apache.commons.lang.StringEscapeUtils;

 import org.apache.commons.lang3.BooleanUtils;

 import org.apache.commons.lang3.StringUtils;

 import org.apache.velocity.Template;

@@ -53,7 +52,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;

 import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;

 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;

-

 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;

 import at.gv.egovernment.moa.id.config.ConfigurationException;

 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;

@@ -61,9 +59,6 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.config.stork.CPEPS;

 import at.gv.egovernment.moa.id.config.stork.STORKConfig;

 import at.gv.egovernment.moa.id.config.stork.StorkAttribute;

-

-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;

-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;

 import at.gv.egovernment.moa.id.moduls.IRequest;

 import at.gv.egovernment.moa.id.moduls.RequestStorage;

 import at.gv.egovernment.moa.id.process.api.ExecutionContext;

@@ -71,6 +66,21 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;

 import at.gv.egovernment.moa.id.util.VelocityProvider;

 import at.gv.egovernment.moa.logging.Logger;

+import eu.stork.oasisdss.api.AdditionalProfiles;

+import eu.stork.oasisdss.api.ApiUtils;

+import eu.stork.oasisdss.api.Profiles;

+import eu.stork.oasisdss.api.QualityLevels;

+import eu.stork.oasisdss.api.SignatureTypes;

+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;

+import eu.stork.oasisdss.profile.AnyType;

+import eu.stork.oasisdss.profile.DocumentType;

+import eu.stork.oasisdss.profile.SignRequest;

+import eu.stork.peps.auth.commons.PEPSUtil;

+import eu.stork.peps.auth.commons.PersonalAttribute;

+import eu.stork.peps.auth.commons.PersonalAttributeList;

+import eu.stork.peps.auth.commons.STORKAuthnRequest;

+import eu.stork.peps.auth.engine.STORKSAMLEngine;

+import eu.stork.peps.exceptions.STORKSAMLEngineException;

 

 /**

  * Creates a SAML2 STORK authentication request, embeds it in a form (in order to satisfy saml post binging) and returns the form withing the HttpServletResponse.<p/>

@@ -120,6 +130,8 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 

 			sessionID = (String) executionContext.get(PARAM_SESSIONID);

 			pendingRequestID = (String) executionContext.get("pendingRequestID");

+			String ccc = (String) executionContext.get("CCC");

+			

 			

 			// check parameter

 			if (!ParamValidatorUtils.isValidSessionID(sessionID)) {

@@ -145,10 +157,13 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 

 			// STORK authentication

 			// cpeps cannot be null

-			CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());

+			CPEPS cpeps = storkConfig.getCPEPS(ccc);

 			Logger.debug("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());

 			executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());

 

+			//add selected Country-Code to MOASession DAO 

+			moasession.setCcc(ccc);

+			

 			Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());

 			startSTORKAuthentication(req, resp, moasession, pendingReq);

 

@@ -207,7 +222,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 		Logger.debug("C-PEPS URL: " + destination);

 

 

-		String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();

+		String issuerValue = pendingReq.getAuthURL();

 		//        String acsURL = new DataURLBuilder().buildDataURL(issuerValue, 

 		//    			PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());

 

diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 8240f6d00..0ac26f45f 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -30,7 +30,9 @@ import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
 

 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;

 import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;

+import at.gv.egovernment.moa.id.moduls.IRequest;

 import at.gv.egovernment.moa.id.moduls.ModulUtils;

+import at.gv.egovernment.moa.id.moduls.RequestStorage;

 import at.gv.egovernment.moa.id.process.api.ExecutionContext;

 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;

 import at.gv.egovernment.moa.id.util.HTTPUtils;

@@ -183,7 +185,8 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 			// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");

 

 			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);

-

+			IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);

+			

 			// load MOASession from database

 			AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);

 			// change MOASessionID

@@ -294,7 +297,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 					// set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID

 					// signRequest

 

-					String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();

+					String issuerValue = pendingReq.getAuthURL();

 					String acsURL = issuerValue

 							+ AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;

 

diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 25cb952d7..2e72f216a 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -83,7 +83,7 @@ public class AttributeCollector implements IAction {
         if (httpReq.getParameter("SAMLResponse") != null) {
             Logger.info("Got SAML response from external attribute provider.");
 
-            MOASTORKResponse STORK2Response = new MOASTORKResponse();
+            MOASTORKResponse STORK2Response = new MOASTORKResponse(httpReq);
 
             //extract STORK Response from HTTP Request
             byte[] decSamlToken;
@@ -173,7 +173,7 @@ public class AttributeCollector implements IAction {
         SLOInformationImpl sloInfo = (SLOInformationImpl) processRequest(container, httpReq, httpResp, authData, oaParam);
         
         if (sloInfo == null) {
-        	sloInfo = new SLOInformationImpl(null, null, null, req.requestedModule());
+        	sloInfo = new SLOInformationImpl(req.getAuthURL(), null, null, null, req.requestedModule());
         }
         
         return sloInfo;
@@ -297,7 +297,7 @@ public class AttributeCollector implements IAction {
 				Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes");
 
                 // add container-key to redirect embedded within the return URL
-                e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
+                e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 4d3c01bee..f16f7c9a8 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -85,7 +85,7 @@ public class AuthenticationRequest implements IAction {
             if (oaParam == null)
                 throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
 
-            MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+            MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
 
             // check if it is attribute query
             if (moaStorkRequest.isAttrRequest()) {
@@ -217,9 +217,9 @@ public class AuthenticationRequest implements IAction {
         String destinationURL = null;
 
         try {
-            issuer = new URL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()).toString();
+            issuer = new URL(moaStorkRequest.getAuthURL()).toString();
             destinationURL = AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
-            publicURLPrefix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+            publicURLPrefix = moaStorkRequest.getAuthURL();
             assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
         } catch (MalformedURLException ex) {
             Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(), ex);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 947accf8e..2b7d4e045 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -145,7 +145,7 @@ public class ConsentEvaluator implements IAction {
 			Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html");
 			VelocityContext context = new VelocityContext();
 
-			context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
+			context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
 
 			// assemble table
 			String table = "";
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 11eb01453..4e666c21c 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -26,6 +26,8 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.opensaml.saml2.core.Attribute;
 
 import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder;
@@ -52,6 +54,15 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
  */
 public class MOASTORKRequest extends RequestImpl {
 	
+	/**
+	 * @param req
+	 * @throws ConfigurationException
+	 */
+	public MOASTORKRequest(HttpServletRequest req)
+			throws ConfigurationException {
+		super(req);
+	}
+
 	public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList(
 			new String[] {
 					PVPConstants.BPK_NAME,
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
index d2cf2e813..a233835bf 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -22,6 +22,7 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.moduls.RequestImpl;
 import at.gv.egovernment.moa.logging.Logger;
@@ -33,6 +34,8 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import java.io.Serializable;
 import java.util.List;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.opensaml.saml2.core.Attribute;
 
 /**
@@ -43,6 +46,15 @@ import org.opensaml.saml2.core.Attribute;
 public class MOASTORKResponse extends RequestImpl {
 
     /**
+	 * @param req
+	 * @throws ConfigurationException
+	 */
+	public MOASTORKResponse(HttpServletRequest req)
+			throws ConfigurationException {
+		super(req);
+	}
+
+	/**
      * The Constant serialVersionUID.
      */
     private static final long serialVersionUID = -5798803155055518747L;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index e58fe804f..2351450e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -92,7 +92,7 @@ public class MandateRetrievalRequest implements IAction {
         if (oaParam == null)
             throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
 
-        MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+        MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
         STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
 
         this.authData = authData;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 071b5ae8a..c4f9658e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -91,8 +91,8 @@ public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo {
         Logger.debug("Request content length: " + request.getContentLength());
         Logger.debug("Initiating action: " + action);
 
-        MOASTORKRequest STORK2Request = new MOASTORKRequest();
-        MOASTORKResponse STORK2Response = new MOASTORKResponse();
+        MOASTORKRequest STORK2Request = new MOASTORKRequest(request);
+        MOASTORKResponse STORK2Response = new MOASTORKResponse(request);
 
 
         if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action))