Diffstat (limited to 'id/server')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 179 | 
1 files changed, 89 insertions, 90 deletions
|
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 599d0c302..51ec1fff3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -19,9 +19,6 @@
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
-import org.opensaml.saml2.core.AudienceRestriction;
-import org.opensaml.saml2.core.impl.AudienceRestrictionBuilder;
-import org.opensaml.saml2.core.impl.AudienceRestrictionImpl;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
@@ -76,15 +73,15 @@ public class AuthenticationRequest implements IAction {
                 Logger.debug("Starting AuthenticationRequest");
                 moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
-                STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+                //STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-                Logger.debug("Starting generation of SAML response");
-                try {
-                    moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false));
-                } catch (STORKSAMLEngineException ex) {
-                    Logger.error("Failed to generate STORK SAML Response", ex);
-                    throw new MOAIDException("stork.05", null);                  // TODO
-                }
+               // Logger.debug("Starting generation of SAML response");
+               // try {
+               //     moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false));
+               // } catch (STORKSAMLEngineException ex) {
+               //     Logger.error("Failed to generate STORK SAML Response", ex);
+               //     throw new MOAIDException("stork.05", null);                  // TODO
+               // }
                 // Get personal attributtes from MOA/IdentityLink
                 moaStorkResponse.setPersonalAttributeList(populateAttributes());
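Review bot: With the STORKSAMLEngine block commented out, the object set on the line above, `moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse())`, is never passed through `engine.generateSTORKAuthnResponse(...)`, so whatever that call produced (presumably the serialized SAML response token for the SP) is no longer generated on this path and `populateAttributes()` is applied to a bare response. If disabling this is deliberate scaffolding, delete the commented-out code rather than leaving a silent dead path, and state why it is off, e.g. `// TODO(stork): SAML response generation disabled here; response must be built after attribute population` — only if that is in fact the plan. The enclosing method starts before this hunk and continues past it, so the rest of the response flow is not visible here.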
@@ -112,103 +109,105 @@ public class AuthenticationRequest implements IAction {
         }
         // check if we are getting request for citizen of some other country
         else if (req instanceof MOASTORKRequest) {
-            STORKAuthnRequest spAuthnRequest = ((MOASTORKRequest) req).getStorkAuthnRequest();
-            STORKAuthnRequest storkAuthnRequest = null;
-
-            String citizenCountryCode = spAuthnRequest.getCitizenCountryCode();
-            Logger.info("Got authentication request for citizen of " + citizenCountryCode);
+            return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp);
+        }
-            try {
-                storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone();
-            } catch (CloneNotSupportedException e) {
-                Logger.error("Could not clone AuthnRequest ", e);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        // Check if we got the response from PEPS
+        // If so then process it and forward to SP
+        else if ((req instanceof MOASTORKResponse)) {
+            return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp);
+        } else {
+            Logger.error("Could not recognize request.");
+            throw new MOAIDException("stork.15", null);
+        }
+    }
+    /*
+    Handles STORKAuthnRequeste received for citizens of other countries
+     */
+    private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException {
-            // check if citizen country is configured in the system
-            if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) {
-                Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        STORKAuthnRequest spAuthnRequest = moastorkRequest.getStorkAuthnRequest();
+        STORKAuthnRequest storkAuthnRequest = null;
-            // extracting basic settings and adjusting assertion consumer
-            String issuer = null;
-            String assertionConsumerURL = null;
-            String publicURLPrefix = null;
-            String destinationURL = null;
+        String citizenCountryCode = spAuthnRequest.getCitizenCountryCode();
+        Logger.info("Got authentication request for citizen of " + citizenCountryCode);
-            try {
-                issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString();
-                destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
-                publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
-                assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
-            } catch (MalformedURLException ex) {
-                Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex);
-                throw new MOAIDException("stork.05", null); // TODO
-            } catch (Exception ex) {
-                Logger.error("Problem with PEPS configuration of MOA instance.", ex);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        try {
+            storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone();
+        } catch (CloneNotSupportedException e) {
+            Logger.error("Could not clone AuthnRequest ", e);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
-            // drop if we do not have publicprefix url configured on the instance
-            if (publicURLPrefix == null)
-                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+        // check if citizen country is configured in the system
+        if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) {
+            Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
-            // adjusting request
-            storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare());
-            storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare());
-            storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare());
-            storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode());
-            storkAuthnRequest.setIssuer(issuer);
-            storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
-            storkAuthnRequest.setDestination(destinationURL);
+        // extracting basic settings and adjusting assertion consumer
+        String issuer = null;
+        String assertionConsumerURL = null;
+        String publicURLPrefix = null;
+        String destinationURL = null;
-            // regenerate request
-            try {
-                //Get SAMLEngine instance
-                STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-                Logger.debug("Starting generation of SAML request");
-                storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest);
-
-                //generateSAML Token
-                Logger.info("SAML response succesfully generated!");
-            } catch (STORKSAMLEngineException e) {
-                Logger.error("Failed to generate STORK SAML Response", e);
-                throw new MOAIDException("stork.05", null);
-            }
+        try {
+            issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString();
+            destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
+            publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+            assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
+        } catch (MalformedURLException ex) {
+            Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex);
+            throw new MOAIDException("stork.05", null); // TODO
+        } catch (Exception ex) {
+            Logger.error("Problem with PEPS configuration of MOA instance.", ex);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
-            // store original request from SP in order to be able to extract it in later iteration/response
-            DataContainer spRequestContainer = new DataContainer();
-            spRequestContainer.setRequest((MOASTORKRequest) req);
-            try {
-                AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer);
-                Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId());
-            } catch (MOADatabaseException e) {
-                e.printStackTrace();
-            }
+        // drop if we do not have publicprefix url configured on the instance
+        if (publicURLPrefix == null)
+            throw new AuthenticationException("stork.12", new String[]{"PublicURLPrefix"});
-            // preparing redirection for the client
-            performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp);
-            return "xxxx";// TODO
+        // adjusting request
+        storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare());
+        storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare());
+        storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare());
+        storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode());
+        storkAuthnRequest.setIssuer(issuer);
+        storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
+        storkAuthnRequest.setDestination(destinationURL);
-        }
+        // regenerate request
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+            Logger.debug("Starting generation of SAML request");
+            storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest);
-        // Check if we got the response from PEPS
-        // If so then process it and forward to SP
-        else if ((req instanceof MOASTORKResponse)) {
-            return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp);
-        } else {
-            Logger.error("Could not recognize request.");
-            throw new MOAIDException("stork.15", null);
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
         }
-    }
+        // store original request from SP in order to be able to extract it in later iteration/response
+        DataContainer spRequestContainer = new DataContainer();
+        spRequestContainer.setRequest(moastorkRequest);
-    private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) {
+        try {
+            AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer);
+            Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId());
+        } catch (MOADatabaseException e) {
+            e.printStackTrace();
+        }
+        // preparing redirection for the client
+        performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp);
+        return "xxxx";// TODO
     }
     /*
|
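Review bot: In handleMOAStorkRequest the `catch (MOADatabaseException e)` around `AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer)` only calls `e.printStackTrace()` and then falls through to `performRedirection(...)`, so the citizen is sent to the C-PEPS even though the original SP request was never stored under the new SAML id, and the response path (handled outside this hunk) is left with nothing to correlate the PEPS response against. Fail closed and log through the project logger instead: `Logger.error("Could not store SP request for SAML id " + storkAuthnRequest.getSamlId(), e); throw new MOAIDException("stork.05", null);`. Separately, the new `instanceName` and `remoteAddr` parameters are unused — the engine is still obtained with the hard-coded `STORKSAMLEngine.getInstance("VIDP")` — so either pass `instanceName` there or drop the parameters. Note also that the `publicURLPrefix == null` guard is evaluated only after `new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix())` and the string concatenation above it, so a missing prefix is already reported as a MalformedURLException ("stork.05") before the "stork.12" branch can ever be reached.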
