diff options
Diffstat (limited to 'id/server')
4 files changed, 26 insertions, 4 deletions
diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html index 450df0aad..ebe0dbdca 100644 --- a/id/server/doc/handbook/protocol/protocol.html +++ b/id/server/doc/handbook/protocol/protocol.html @@ -1083,6 +1083,11 @@ Folgende Parameter müssen mit dem AuthCode-Request mitgesendet werden, wobei für <td>BE, SI, </td> <td><strong>Optional:</strong> Gibt an ob die Anmeldung mittels STORK im angegebenen Land erfolgen soll. Die Angabe erfolgt mit dem Ländercode (Bsp: PT, LU, ES, ...) des jeweiligen Landes.</td> </tr> + <tr> + <td>sourceID=<xxxxxxx></td> + <td>abcdef141245</td> + <td><strong>Optional:</strong> Die sourceID fließt in die Genierung des SAML1 Artifacts, welches an den Service Provider returniert wird, ein. Detailinformationen zur Genierierung des SAML1 Artifacts und zur sourceID finden Sie in der <a href="#referenzierte_spezifikation">SAML1 Spezifikation</a>.</td> + </tr> </table> <h2><a name="saml1_getassertion" id="saml1_zugang3"></a>3.4 GetAuthenticationData Request</h2> <p>Nach erfolgter Authentisierung stehen in MOA-ID-AUTH Anmeldedaten zum Abholen bereit, und MOA-ID-AUTH veranlasst einen Redirect zur Online-Applikation (OA). <br> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index c22f6d25f..c337433b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -52,6 +52,13 @@ public class GetArtifactAction implements IAction { String oaURL = (String) req.getOAURL(); String target = (String) req.getTarget(); + String sourceID = null; + if (req instanceof SAML1RequestImpl) { + SAML1RequestImpl saml1req = (SAML1RequestImpl) req; + sourceID = saml1req.getSourceID(); + + } + try { @@ -84,7 +91,7 @@ public class GetArtifactAction implements IAction { Logger.info("MOA assertion assembled and SAML Artifact generated."); } - String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData); + String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData, sourceID); if (AuthenticationSessionStoreage.isSSOSession(session.getSessionID())) { String url = "RedirectServlet"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 7c91026bf..6391860ff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -165,7 +165,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { public String BuildSAMLArtifact(AuthenticationSession session, OAAuthParameter oaParam, - AuthenticationData authData) + AuthenticationData authData, String sourceID) throws ConfigurationException, BuildException, AuthenticationException { //Load SAML1 Parameter from OA config @@ -326,7 +326,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { String samlArtifact = new SAMLArtifactBuilder().build( session.getAuthURL(), Random.nextRandom(), - saml1parameter.getSourceID()); + sourceID); storeAuthenticationData(samlArtifact, authData); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index ada0bfa8f..b6a2ac0b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -82,7 +82,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { - RequestImpl config = new RequestImpl(); + SAML1RequestImpl config = new SAML1RequestImpl(); if (!AuthConfigurationProvider.getInstance().getAllowedProtocols().isSAML1Active()) { Logger.info("SAML1 is deaktivated!"); @@ -96,6 +96,9 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { String target = (String) request.getParameter(PARAM_TARGET); target = StringEscapeUtils.escapeHtml(target); + String sourceID = request.getParameter(PARAM_SOURCEID); + sourceID = StringEscapeUtils.escapeHtml(sourceID); + //the target parameter is used to define the OA in SAML1 standard if (target != null && target.startsWith("http")) { oaURL = target; @@ -112,10 +115,15 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { if (!ParamValidatorUtils.isValidOA(oaURL)) throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); + config.setOAURL(oaURL); Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL); + if (!ParamValidatorUtils.isValidSourceID(sourceID)) + throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12"); + + //load Target only from OA config OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(oaURL); @@ -131,6 +139,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { new Object[] { oaURL }); } + config.setSourceID(sourceID); + config.setTarget(oaParam.getTarget()); // request.getSession().setAttribute(PARAM_OA, oaURL); |