aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp3
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css84
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html68
-rw-r--r--id/server/idserverlib/pom.xml4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java80
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java32
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java3
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties6
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties2
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java2
-rw-r--r--id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java12
-rw-r--r--id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java18
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java10
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java4
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java9
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java4
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java50
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java34
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java45
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java19
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java13
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java18
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java19
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java6
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java8
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java4
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java3
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java11
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java4
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java3
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java2
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java19
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java14
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java4
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java14
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java2
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java16
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java6
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java4
54 files changed, 411 insertions, 341 deletions
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
index 76c8d069b..129b32508 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
@@ -22,7 +22,7 @@
labelposition="left"
cssClass="textfield_long"/>
-
+ <!--
<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.enabledcpeps", request) %></h4>
<s:checkboxlist name="storkOA.enabledCitizenCountries" list="storkOA.availableCitizenCountries" value="storkOA.enabledCitizenCountries" />
<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.header", request) %></h4>
@@ -39,6 +39,7 @@
</tr>
</s:iterator>
</table>
+ -->
</div>
</div>
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
index c8de82c50..f95106c5a 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
@@ -87,7 +87,7 @@
}
#leftcontent {
- width: 300px;
+ width: 400px;
/*margin-top: 30px;*/
margin: auto;
}
@@ -99,9 +99,9 @@
}
#bkulogin {
- overflow:hidden;
- min-width: 190px;
- min-height: 180px;
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
/*height: 260px;*/
}
@@ -130,11 +130,16 @@
float:left;
margin-left: 40px;
}
+ #centerbutton {
+ width: 30%
+ float: middle;
+ }
+
#rightbutton {
width: 30%;
float:right;
- margin-right: 45px;
+ margin-right: 40px;
text-align: right;
}
@@ -266,7 +271,7 @@
}
}
- @media screen and (max-width: 399px) and (min-width: 300px) {
+ @media screen and (max-width: 399px) and (min-width: 400px) {
#localBKU p {
font-size: 0.9em;
}
@@ -381,15 +386,14 @@
visibility: hidden;
}
- #leftcontent {
- visibility: visible;
- margin-bottom: 0px;
- text-align: left;
- border:none;
- vertical-align: middle;
- min-height: 173px;
- min-width: 204px;
-
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ vertical-align: middle;
+ min-height: 173px;
+ min-width: 204px;
}
#bku_header {
@@ -452,13 +456,14 @@
}
#leftbutton {
- width: 35%;
+ width: 30%;
float:left;
margin-left: 15px;
}
+
#rightbutton {
- width: 35%;
+ width: 30%;
float:right;
margin-right: 25px;
text-align: right;
@@ -479,12 +484,17 @@
padding-top: 4%;
height: 10%;
position: relative;
- text-align: center;
+ text-align: left;
}
.verticalcenter {
vertical-align: middle;
}
+
+ .mandate{
+ float: left;
+ margin-left: 4%;
+ }
#mandateLogin div {
clear: both;
@@ -509,29 +519,37 @@
#bkukarte {
float:left;
text-align:center;
- width:40%;
- min-height: 70px;
- padding-left: 5%;
- padding-top: 2%;
+ width:33%;
+ min-height: 90px;
+
+ padding-top: 2%;
}
#bkuhandy {
- float:right;
+ float:left;
text-align:center;
- width:40%;
- min-height: 90px;
- padding-right: 5%;
- padding-top: 2%;
+ width:33%;
+ min-height: 90px;
+
+ padding-top: 2%;
}
+ #bkueulogin {
+ float:left;
+ text-align:center;
+ width:33%;
+ min-height: 90px;
+ padding-top: 2%;
+
+ }
- .bkuimage {
- width: 60%;
- height: auto;
- margin-bottom: 10%;
- }
+ .bkuimage {
+ width: 55%;
+ height: auto;
+ margin-bottom: 10%;
+ }
#mandate{
- text-align:center;
+ text-align:left;
padding : 5px 5px 5px 5px;
}
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
index fe9bc2166..01249537f 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
@@ -4,7 +4,7 @@
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<!-- MOA-ID 2.x BKUSelection Layout CSS -->
- <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" />
+ <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
<script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script>
@@ -26,8 +26,8 @@
<div id="mandateLogin" class="$MANDATEVISIBLE">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
- id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED>
- <label for="mandateCheckBox" class="verticalcenter">in
+ id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED>
+ <label for="mandateCheckBox" class="mandate">in
Vertretung anmelden</label>
<!--a href="info_mandates.html"
target="_blank"
@@ -37,31 +37,41 @@
</div>
<div id="bkuselectionarea">
<div id="bkukarte">
- <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" />
+ <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/>
- <!-- Remove support for Online BKU and swith the card button to local BKU-->
- <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
+ <!-- Remove support for Online BKU and swith the card button to local BKU-->
+ <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
- <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
- <input type="hidden" name="bkuURI" value="$bkuLocal" />
- <input type="hidden" name="useMandate" id="useMandate" />
- <input type="hidden" name="SSO" id="useSSO" />
- <input type="hidden" name="ccc" id="ccc" />
- <input type="hidden" name="pendingid" value="$pendingReqID" />
- <input type="submit" value=" Karte " tabindex="4" role="button">
- </form>
+ <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="bkuURI" value="$bkuLocal" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="SSO" id="useSSO" />
+ <input type="hidden" name="ccc" id="ccc" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input type="submit" value=" Karte " tabindex="5" role="button" onclick="setMandateSelection();" />
+ </form>
- <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
+ <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
- <!-- BKU detection with static template-->
- <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
-
- </div>
- <div id="bkuhandy">
- <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
- <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
- </div>
- </div>
+ <!-- BKU detection with static template-->
+ <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
+ </div>
+
+ <div id="bkuhandy">
+ <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
+ <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
+ </div>
+
+
+ <div id="bkueulogin" style="$STORKVISIBLE">
+ <img class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" />
+ <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="useeIDAS" value="true" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input name="bkuButtonEULogin" onclick="setMandateSelection();" type="submit" role="button" value="EULogin" />
+ </form>
+ </div>
<!--div id="localBKU">
<form method="get" id="moaidform" action="$contextPath$submitEndpoint"
class="verticalcenter" target="_parent">
@@ -80,7 +90,11 @@
<!--div id="ssoSessionTransferBlock">
<a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
</div-->
-
+
+
+
+
+ <!--
<div id="stork" align="center" class="$STORKVISIBLE">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
@@ -88,9 +102,9 @@
$countryList
</select>
<button id="eIDASButton" name="bkuButton" type="button">Proceed</button>
- <!--a href="info_stork.html" target="_blank" class="infobutton">i</a-->
+ a href="info_stork.html" target="_blank" class="infobutton">i</a
</p>
- </div>
+ </div>-->
<div id="metroDetected" class="unvisible">
<p>Anscheinend verwenden Sie Internet Explorer im
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 9b9b13d8b..0e8b996ba 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -319,8 +319,8 @@
<artifactId>eaaf-core</artifactId>
<type>test-jar</type>
<classifier>tests</classifier>
- <version>1.0.0-snapshot</version>
- <scope>test</scope>
+ <version>1.0.0</version>
+ <scope>test</scope>
</dependency>
<!-- <dependency>
<groupId>org.opensaml</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index e92c3377a..f642cddc7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -61,7 +61,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
import at.gv.egovernment.moa.id.data.IMOAAuthData;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -142,12 +142,15 @@ public class StatisticLogger implements IStatisticLogger{
IMOAAuthData moaAuthData = (IMOAAuthData) authData;
dblog.setOatarget(moaAuthData.getBPKType());
- boolean isFederatedAuthentication = protocolRequest.getGenericData(AuthenticationManager.DATAID_INTERFEDERATIOIDP_RESPONSE) != null;
+ boolean isFederatedAuthentication = protocolRequest.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE) != null;
dblog.setInterfederatedSSOSession(isFederatedAuthentication);
if (isFederatedAuthentication) {
dblog.setBkutype(IOAAuthParameters.INDERFEDERATEDIDP);
- dblog.setBkuurl(protocolRequest.getGenericData(AuthenticationManager.DATAID_INTERFEDERATIOIDP_ENTITYID, String.class));
+ dblog.setBkuurl(protocolRequest.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, String.class));
+
+ } else if (moaAuthData.isForeigner()) {
+ dblog.setBkutype(IOAAuthParameters.EIDAS);
} else {
dblog.setBkuurl(moaAuthData.getBkuURL());
@@ -299,7 +302,8 @@ public class StatisticLogger implements IStatisticLogger{
} else {
Logger.debug("Use MOA session information from pending-req for ErrorLogging");
- moasession = new AuthenticationSessionWrapper(errorRequest.genericFullDataStorage());
+ moasession = (IAuthenticationSession) errorRequest.getSessionData(AuthenticationSessionWrapper.class);
+
}
@@ -393,45 +397,47 @@ public class StatisticLogger implements IStatisticLogger{
private String findBKUType(String bkuURL, IOAAuthParameters dbOA) {
- if (dbOA != null) {
- if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.HANDYBKU)))
- return IOAAuthParameters.HANDYBKU;
-
- if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.LOCALBKU)))
- return IOAAuthParameters.LOCALBKU;
-
- if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.THIRDBKU)))
- return IOAAuthParameters.THIRDBKU;
- }
-
- Logger.trace("Staticic Log search BKUType from DefaultBKUs");
-
- try {
- if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.THIRDBKU)))
- return IOAAuthParameters.THIRDBKU;
+ if (bkuURL != null) {
+ if (dbOA != null) {
+ if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.HANDYBKU)))
+ return IOAAuthParameters.HANDYBKU;
+
+ if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.LOCALBKU)))
+ return IOAAuthParameters.LOCALBKU;
+
+ if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.THIRDBKU)))
+ return IOAAuthParameters.THIRDBKU;
+ }
+
+ Logger.trace("Staticic Log search BKUType from DefaultBKUs");
- if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU)))
+ try {
+ if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.THIRDBKU)))
+ return IOAAuthParameters.THIRDBKU;
+
+ if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU)))
+ return IOAAuthParameters.LOCALBKU;
+
+ if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU)))
+ return IOAAuthParameters.HANDYBKU;
+
+ } catch (ConfigurationException e) {
+ Logger.info("Advanced Logging: Default BKUs read failed");
+ }
+
+ Logger.debug("Staticic Log search BKUType from generneric Parameters");
+
+ if (bkuURL.endsWith(GENERIC_LOCALBKU)) {
+ Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.LOCALBKU);
return IOAAuthParameters.LOCALBKU;
+ }
- if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU)))
+ if (bkuURL.startsWith(GENERIC_HANDYBKU)) {
+ Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.HANDYBKU);
return IOAAuthParameters.HANDYBKU;
-
- } catch (ConfigurationException e) {
- Logger.info("Advanced Logging: Default BKUs read failed");
- }
-
- Logger.debug("Staticic Log search BKUType from generneric Parameters");
-
- if (bkuURL.endsWith(GENERIC_LOCALBKU)) {
- Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.LOCALBKU);
- return IOAAuthParameters.LOCALBKU;
+ }
}
- if (bkuURL.startsWith(GENERIC_HANDYBKU)) {
- Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.HANDYBKU);
- return IOAAuthParameters.HANDYBKU;
- }
-
Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.AUTHTYPE_OTHERS);
return IOAAuthParameters.AUTHTYPE_OTHERS;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index a13455972..2c14af463 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -129,12 +129,12 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException {
try {
return buildAuthenticationData(pendingReq,
- new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage()),
+ pendingReq.getSessionData(AuthenticationSessionWrapper.class),
pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class));
} catch (ConfigurationException | BuildException | WrongParametersException | DynamicOABuildException | EAAFBuilderException e) {
Logger.warn("Can not build authentication data from session information");
- throw new EAAFAuthenticationException("TODO", new Object[]{}, e);
+ throw new EAAFAuthenticationException("builder.11", new Object[]{}, e);
}
@@ -186,14 +186,14 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
if (oaParam.isSTORKPVPGateway())
oaParam = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oaParam, pendingReq);
- Boolean isMinimalFrontChannelResp = pendingReq.getGenericData(
+ Boolean isMinimalFrontChannelResp = pendingReq.getRawData(
MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, Boolean.class);
if (isMinimalFrontChannelResp != null && isMinimalFrontChannelResp) {
//only set minimal response attributes
authdata.setQAALevel(
- pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
+ pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
authdata.setBPK(
- pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
+ pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
} else {
//build AuthenticationData from MOASession
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index a43e6a7fb..399ecc022 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -191,7 +191,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
String sectorName = null;
- String saml1Target = pendingReq.getGenericData(
+ String saml1Target = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
if (MiscUtil.isNotEmpty(saml1Target)) {
target = saml1Target;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 926bfe242..cadaec2a0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -45,6 +45,7 @@ import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import org.apache.commons.collections4.map.HashedMap;
@@ -235,13 +236,17 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
*/
@Override
public X509Certificate getSignerCertificate() {
- try {
- return new X509Certificate(signerCertificate);
- }
- catch (CertificateException e) {
- Logger.warn("Signer certificate can not be loaded from session database!", e);
- return null;
+ if (signerCertificate != null && signerCertificate.length > 0) {
+ try {
+ return new X509Certificate(signerCertificate);
+ }
+ catch (CertificateException e) {
+ Logger.warn("Signer certificate can not be loaded from session database!", e);
+
+ }
}
+
+ return null;
}
/* (non-Javadoc)
@@ -665,8 +670,9 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
result.put(VALUE_SIGNER_CERT, getSignerCertificate());
result.put(VALUE_VERIFYSIGRESP, getXMLVerifySignatureResponse());
- result.putAll(genericSessionDataStorate);
-
+ for (Entry<String, Object> el : genericSessionDataStorate.entrySet())
+ result.put(GENERIC_PREFIX + el.getKey(), el.getValue());
+
return Collections.unmodifiableMap(result);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
index b976cba9e..375b144d7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
@@ -78,13 +78,8 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
//defaultTaskInitialization(request, executionContext);
//check SSO session cookie and MOASession object
- String ssoId = ssoManager.getSSOSessionID(request);
- boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq);
-
- //load MOA SSO-session from database
- AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
-
- if (!(isValidSSOSession && ssoMOSSession.isAuthenticated() )) {
+ String ssoId = ssoManager.getSSOSessionID(request);
+ if (!(ssoManager.isValidSSOSession(ssoId, pendingReq))) {
Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ...");
throw new AuthenticationException("auth.30", null);
@@ -95,9 +90,12 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
//user allow single sign-on authentication
if (ssoConsents) {
-
+ //load MOA SSO-session from database
+ AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
+
+
//Populate this pending request with SSO session information
- pendingReq.setGenericDataToSession(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
+ pendingReq.setRawDataToTransaction(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
//authenticate pending-request
pendingReq.setAuthenticated(true);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
index 7d9a2c28c..acaf21682 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
@@ -35,7 +35,7 @@ public class UserRestrictionTask extends AbstractAuthServletTask {
List<String> restrictedSPs = KeyValueUtils.getListOfCSVValues(authConfig.getBasicConfiguration(CONFIG_PROPS_SP_LIST));
if (restrictedSPs.contains(spEntityId)) {
Logger.debug("SP:" + spEntityId + " has a user restrication. Check users bPK ... ");
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//check if user idl is already loaded
if (moasession.getIdentityLink() == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 0e1e1bf12..ead80b117 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -138,8 +138,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
resultTargetFriendlyName = targetFriendlyNameConfig;
//set info's into request-context. (It's required to support SAML1 requested target parameters)
- protocolReq.setGenericDataToSession(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
- protocolReq.setGenericDataToSession(
+ protocolReq.setRawDataToTransaction(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
+ protocolReq.setRawDataToTransaction(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, resultTargetFriendlyName);
} else {
@@ -206,7 +206,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL()))
throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
- protocolReq.setGenericDataToSession(
+ protocolReq.setRawDataToTransaction(
MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE,
templateURL);
@@ -248,7 +248,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
oaURL = pendingReq.getSPEntityId();
//only needed for SAML1
- String target = pendingReq.getGenericData("saml1_target", String.class);
+ String target = pendingReq.getRawData("saml1_target", String.class);
parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, pendingReq);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 6544766b2..77abe07af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -60,12 +60,9 @@ import at.gv.egovernment.moa.util.MiscUtil;
@Service("MOAID_AuthenticationManager")
public class AuthenticationManager extends AbstractAuthenticationManager {
- public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL";
- public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse";
- public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes";
- public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID";
public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_LoA";
-
+ public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes";
+
public static final String MOA_SESSION = "MoaAuthenticationSession";
public static final String MOA_AUTHENTICATED = "MoaAuthenticated";
@@ -167,13 +164,13 @@ public class AuthenticationManager extends AbstractAuthenticationManager {
//set interfederation authentication flag
executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH,
MiscUtil.isNotEmpty(
- pendingReq.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class)));
+ pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class)));
//set legacy mode or BKU-selection flags
boolean leagacyMode = (legacyallowed && legacyparamavail);
executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_ISLEGACYREQUEST, leagacyMode);
executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, !leagacyMode
- && MiscUtil.isEmpty(pendingReq.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class)));
+ && MiscUtil.isEmpty(pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class)));
//add additional http request parameter to context
if (leagacyMode) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 97c4f40cd..b5005d0c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -23,6 +23,8 @@
package at.gv.egovernment.moa.id.moduls;
import java.util.Date;
+import java.util.Map;
+import java.util.Map.Entry;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
@@ -73,9 +75,10 @@ public class SSOManager implements ISSOManager {
private static final int INTERFEDERATIONCOOKIEMAXAGE = 5 * 60;// sec
- public static final String DATAID_INTERFEDERATIOIDP_URL = "INTERFEDERATIOIDP_URL";
- public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "INTERFEDERATIOIDP_RESPONSE";
- public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "INTERFEDERATIOIDP_ENTITYID";
+ public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL";
+ public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse";
+ public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID";
+
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStore;
@Autowired private AuthConfiguration authConfig;
@@ -166,8 +169,17 @@ public class SSOManager implements ISSOManager {
Logger.debug("Found authenticated MOASession with provided SSO-Cookie.");
revisionsLogger.logEvent(pendingReq, EVENT_SSO_SESSION_VALID);
- Logger.trace("Populatint pending request with SSO session information .... ");
- pendingReq.setGenericDataToSession(ssoMOASession.getKeyValueRepresentationFromAuthSession());
+ Logger.trace("Populatint pending request with SSO session information .... ");
+ Map<String, Object> fullSSOData = ssoMOASession.getKeyValueRepresentationFromAuthSession();
+ if (Logger.isTraceEnabled()) {
+ Logger.trace("Full SSO DataSet: ");
+ for (Entry<String, Object> el : fullSSOData.entrySet()) {
+ Logger.trace(" Key: " + el.getKey() + " Value: " + el.getValue());
+
+ }
+
+ }
+ pendingReq.setRawDataToTransaction(fullSSOData);
pendingReq.setAuthenticated(true);
}
@@ -301,7 +313,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
String interIDP = httpReq.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP);
String interfederationIDP =
- protocolRequest.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class);
+ protocolRequest.getRawData(DATAID_INTERFEDERATIOIDP_URL, String.class);
if (MiscUtil.isNotEmpty(interfederationIDP)) {
Logger.debug("Protocolspecific preprocessing already set interfederation IDP " + interfederationIDP);
return;
@@ -313,14 +325,14 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
RequestImpl moaReq = (RequestImpl) protocolRequest;
if (MiscUtil.isNotEmpty(interIDP)) {
Logger.info("Receive SSO request for interfederation IDP " + interIDP);
- moaReq.setGenericDataToSession(DATAID_INTERFEDERATIOIDP_URL, interIDP);
+ moaReq.setRawDataToTransaction(DATAID_INTERFEDERATIOIDP_URL, interIDP);
} else {
//check if IDP cookie is set
String cookie = getValueFromCookie(httpReq, SSOINTERFEDERATION);
if (MiscUtil.isNotEmpty(cookie)) {
Logger.info("Receive SSO request for interfederated IDP from Cookie " + cookie);
- moaReq.setGenericDataToSession(DATAID_INTERFEDERATIOIDP_URL, cookie);
+ moaReq.setRawDataToTransaction(DATAID_INTERFEDERATIOIDP_URL, cookie);
deleteCookie(httpReq, httpResp, SSOINTERFEDERATION);
}
@@ -367,7 +379,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
//in case of federated SSO session, jump to federated IDP for authentication
String interfederationIDP =
- protocolRequest.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class);
+ protocolRequest.getRawData(DATAID_INTERFEDERATIOIDP_URL, String.class);
if (MiscUtil.isEmpty(interfederationIDP)) {
InterfederationSessionStore selectedIDP = authenticatedSessionStore.searchInterfederatedIDPFORSSOWithMOASession(storedSession.getSessionid());
@@ -375,7 +387,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
if (selectedIDP != null) {
//no local SSO session exist -> request interfederated IDP
Logger.info("SSO Session refer to federated IDP: " + selectedIDP.getIdpurlprefix());
- protocolRequest.setGenericDataToSession(
+ protocolRequest.setRawDataToTransaction(
DATAID_INTERFEDERATIOIDP_URL, selectedIDP.getIdpurlprefix());
} else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 0f75cf63b..405e44112 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -95,7 +95,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
dbsession.setAdditionalInformationBytes(mapper.serialize(sessionExt).getBytes("UTF-8"));
AuthenticationSession session = new AuthenticationSession(id, now,
- new AuthenticationSessionWrapper(target.genericFullDataStorage()));
+ (IAuthenticationSession)target.getSessionData(AuthenticationSessionWrapper.class));
encryptSession(session, dbsession);
//store AssertionStore element to Database
@@ -341,6 +341,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
dbsession.setSSOSession(true);
dbsession.setSSOsessionid(externalSSOSessionID);
+ dbsession.setAuthenticated(true);
//Store MOASession
entityManager.merge(dbsession);
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 7d6730925..66b9be341 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -114,6 +114,7 @@ builder.07=Fehlerhaftes SecurityLayer Template.
builder.08=Authentication process could NOT completed. Reason: {0}
builder.09=Can not build GUI component. Reason: {0}
builder.10=Can not create or update SSO session. SSO NOT POSSIBLE
+builder.11=Fehler beim generieren der Anmeldedaten f\u00FCr die Online Applikation
service.00=Fehler beim Aufruf des Web Service: {0}
service.01=Fehler beim Aufruf des Web Service: kein Endpoint
@@ -310,8 +311,8 @@ pvp2.25=Fehler beim Validieren der PVP2 Metadaten
##add status codes!!!!
sp.pvp2.00=Can not build PVP AuthnRequest for {0} {1}. No valid SingleSignOnService endpoint found.
-sp.pvp2.01=Can not build PVP AuthnRequest for {0} {0}. IDP is not allowed for federated authentication.
-sp.pvp2.02=Can not build PVP AuthnRequest for {0} {0}. IDP has no (valid) metadata.
+sp.pvp2.01=Can not build PVP AuthnRequest for {0}. IDP is not allowed for federated authentication.
+sp.pvp2.02=Can not build PVP AuthnRequest for {0}. IDP has no (valid) metadata.
sp.pvp2.03=Receive PVP Response from {0} with unsupported Binding.
sp.pvp2.04=Receive invalid PVP Response from {0}. No PVP metadata found.
sp.pvp2.05=Receive invalid PVP Response from {0} {1}. StatusCode:{2} Msg:{3}.
@@ -322,6 +323,7 @@ sp.pvp2.09=Receive invalid PVP Response from {0} {1}. StatusCodes:{2} {3} Msg:{4
sp.pvp2.10=Receive invalid PVP Response from {0}. No valid assertion included.
sp.pvp2.11=Receive invalid PVP Response from {0}. Assertion decryption FAILED.
sp.pvp2.12=Receive invalid PVP Response from {0}. Msg:{1}
+sp.pvp2.13=Can not build PVP AuthnRequest for {0}. Internal processing error.
oauth20.01=Fehlerhafte redirect url
oauth20.02=Fehlender oder ung\u00FCltiger Parameter "{0}"
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
index 5d7588dd5..b878eadf3 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
@@ -92,6 +92,7 @@ builder.07=9002
builder.08=1008
builder.09=9103
builder.10=1009
+builder.11=9102
service.00=4300
service.03=4300
@@ -122,6 +123,7 @@ sp.pvp2.09=4503
sp.pvp2.10=4502
sp.pvp2.11=4502
sp.pvp2.12=4502
+sp.pvp2.13=4501
validator.00=1102
validator.01=1102
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
index 16cdc9c12..1ea057186 100644
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
@@ -43,7 +43,7 @@ public class AuthenticationDataBuilderTest {
IAuthenticationSession session = new DummyAuthSession();
session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL, false))).parseIdentityLink());
- pendingReq.setGenericDataToSession(session.getKeyValueRepresentationFromAuthSession());
+ pendingReq.setRawDataToTransaction(session.getKeyValueRepresentationFromAuthSession());
IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
index 2fcec92c5..c9dcd291a 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
@@ -63,6 +63,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration
public static final String PARAM_OANAME = "OAName";
public static final String PARAM_COUNTRYLIST = "countryList";
+ public static final String PARAM_EIDAS_VISIBLE = "eIDASVisible";
protected IRequest pendingReq = null;
protected String templateClasspahtDir = null;
@@ -141,10 +142,15 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration
params.put(PARAM_BKU_URL_THIRD, oaParam.getBKUURL(IOAAuthParameters.THIRDBKU));
//set eIDAS login information if requird
- if (oaParam.isShowStorkLogin())
+ if (oaParam.isShowStorkLogin()) {
addCountrySelection(params, oaParam);
- else
- params.put(PARAM_COUNTRYLIST, "");
+ params.put(PARAM_EIDAS_VISIBLE, "");
+
+ } else {
+ params.put(PARAM_COUNTRYLIST, "");
+ params.put(PARAM_EIDAS_VISIBLE, FormBuildUtils.TEMPLATEVISIBLE);
+
+ }
FormBuildUtils.customiceLayoutBKUSelection(params, oaParam);
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
index 53ec222dc..248bde700 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
@@ -50,12 +50,10 @@ public class FormBuildUtils {
private static String PARAM_MANDATEVISIBLE = "MANDATEVISIBLE";
private static String PARAM_MANDATECHECKED = "MANDATECHECKED";
- private static String PARAM_STORKVISIBLE = "STORKVISIBLE";
-
- private static final String TEMPLATEVISIBLE = " unvisible";
- private static final String TEMPLATEDISABLED = "disabled=\"true\"";
- private static final String TEMPLATECHECKED = "checked=\"true\"";
- private static final String TEMPLATE_ARIACHECKED = "aria-checked=";
+ public static final String TEMPLATEVISIBLE = " unvisible";
+ public static final String TEMPLATEDISABLED = "disabled=\"true\"";
+ public static final String TEMPLATECHECKED = "checked=\"true\"";
+ public static final String TEMPLATE_ARIACHECKED = "aria-checked=";
static {
@@ -91,12 +89,7 @@ public class FormBuildUtils {
} else
params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\"");
-
- if (oaParam.isShowStorkLogin())
- params.put(PARAM_STORKVISIBLE, "");
- else
- params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE);
-
+
//add more SP specific infos
setFormCustomizatenFromSP(params, oaParam);
@@ -126,7 +119,6 @@ public class FormBuildUtils {
public static void defaultLayoutBKUSelection(Map<String, Object> params) {
params.put(PARAM_MANDATEVISIBLE, TEMPLATEVISIBLE);
params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\"");
- params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE);
params.putAll(getDefaultMap());
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 34567131b..a77ba45a5 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -151,7 +151,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
throw new AuthenticationException("auth.00", new Object[]{pendingReq.getSPEntityId()});
//load Template
- String templateURL = pendingReq.getGenericData(
+ String templateURL = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, String.class);
String template = null;
if (MiscUtil.isNotEmpty(templateURL)) {
@@ -450,8 +450,8 @@ public class AuthenticationServer extends BaseAuthenticationServer {
SpecificTraceLogger.trace("Req. Authblock: " + createXMLSignatureRequest);
SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).toString());
- SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
- SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));
+ SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
+ SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));
return createXMLSignatureRequest;
}
@@ -547,10 +547,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
String authURL = pendingReq.getAuthURL();
@Deprecated
- String saml1RequestedTarget = pendingReq.getGenericData(
+ String saml1RequestedTarget = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
@Deprecated
- String saml1RequestedFriendlyName = pendingReq.getGenericData(
+ String saml1RequestedFriendlyName = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index a46c81d06..a2e03bc4e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -162,7 +162,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
result.put(AUTHBLOCK_TEXT_PATTERN_TIME, timeformat.format(datetime.getTime()));
//set other values from pendingReq if exists
- Map<?,?> processSpecificElements = pendingReq.getGenericData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
+ Map<?,?> processSpecificElements = pendingReq.getRawData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
if (processSpecificElements != null && !processSpecificElements.isEmpty()) {
Logger.debug("Find process-specific patterns for 'special AuthBlock-Text'. Start processing ...");
Iterator<?> mapIterator = processSpecificElements.entrySet().iterator();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index f53dfae45..3eb7225a8 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -51,8 +51,8 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
try {
- //execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ //execute default task initialization
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
boolean useMandate = moasession.isMandateUsed();
boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));
if (!identityLinkAvailable && useMandate) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index af8f780ec..50add6beb 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -64,7 +64,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try {
//execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index af4abe813..e4966a53b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -71,7 +71,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//get MIS sessionID
String misSessionID = moasession.getMISSessionID();
@@ -120,7 +120,6 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
//revisionsLogger.logMandateEventSet(pendingReq, mandate);
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index ab53671f2..65ae9cf91 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -34,6 +34,7 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
@@ -87,7 +88,9 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
HttpServletRequest request, HttpServletResponse response) throws EAAFException {
Logger.info("BKU is selected -> Start BKU communication ...");
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ //AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+
+ AuthenticationSessionWrapper moasession = ((RequestImpl)pendingReq).getSessionData(AuthenticationSessionWrapper.class);
boolean isLegacyRequest = false;
Object isLegacyRequestObj = executionContext.get("isLegacyRequest");
@@ -122,9 +125,9 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
//get Target from config or from request in case of SAML 1
String target = null;
- if (MiscUtil.isNotEmpty(pendingReq.getGenericData("saml1_target", String.class)) &&
+ if (MiscUtil.isNotEmpty(pendingReq.getRawData("saml1_target", String.class)) &&
pendingReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol"))
- target = pendingReq.getGenericData("saml1_target", String.class);
+ target = pendingReq.getRawData("saml1_target", String.class);
String bkuURL = oaParam.getBKUURL(bkuid);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index d1d0ef086..a02032e74 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -50,14 +50,13 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
try {
//initialize task
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//build authBlock
String createXMLSignatureRequest = authServer
.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
//write response
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 7c9702b8b..dd7890b7e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -71,7 +71,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//mandate Mode
try {
//perform default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
ConnectionParameterInterface connectionParameters =
moaAuthConfig.getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
@@ -131,7 +131,6 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
moasession.setMISSessionID(misSessionID.getSessiondId());
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 3b70c55e9..c8b562282 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -87,7 +87,7 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
//execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
@@ -95,7 +95,6 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 5b207d33e..9f1f23344 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -77,7 +77,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
@@ -98,7 +98,6 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index 99eba56c1..b7c45a032 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -66,7 +66,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
@@ -74,7 +74,6 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
//store pending request with new MOASession data information
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
//set 'identityLink exists' flag to context
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 01ef4ee26..ab9be7163 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -144,10 +144,10 @@ public class CreateXMLSignatureResponseValidator {
IIdentityLink identityLink = session.getIdentityLink();
@Deprecated
- String saml1RequestedTarget = pendingReq.getGenericData(
+ String saml1RequestedTarget = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
@Deprecated
- String saml1RequestedFriendlyName = pendingReq.getGenericData(
+ String saml1RequestedFriendlyName = pendingReq.getRawData(
MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
try {
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
index c3c3331e1..c1229e3ff 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
@@ -29,7 +29,6 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang3.StringUtils;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -40,21 +39,20 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.PVPAuthnRequestBuilder;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.config.EidasCentralAuthRequestBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthCredentialProvider;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthMetadataProvider;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.logging.Logger;
@@ -92,7 +90,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
}
// get entityID for central ms-specific eIDAS node
- String msNodeEntityID = getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration());
+ String msNodeEntityID = Utils.getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration(), authConfig);
if (MiscUtil.isEmpty(msNodeEntityID)) {
@@ -149,48 +147,24 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
} catch (MetadataProviderException e) {
- throw new TaskExecutionException(pendingReq, "Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED.", e);
+
+ throw new TaskExecutionException(pendingReq,
+ "Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED.",
+ new AuthnRequestBuildException("sp.pvp2.02", new Object[] {"'national central eIDASNode'"},e ));
} catch (MessageEncodingException | NoSuchAlgorithmException | SecurityException e) {
- Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e);
- throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+ Logger.error("Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED", e);
+ throw new TaskExecutionException(pendingReq,
+ e.getMessage(),
+ new AuthnRequestBuildException("sp.pvp2.13", new Object[] {"'national central eIDASNode'"},e ));
} catch (Exception e) {
- Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e);
+ Logger.error("Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED", e);
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
}
}
- private String getCentraleIDASNodeEntityId(ISPConfiguration spConfiguration) {
- //load from service-provider configuration
- String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL);
-
- if (StringUtils.isEmpty(msNodeEntityID)) {
- Logger.debug("No SP-specific central eIDAS-node URL. Switch to general configuration ... ");
- if (authConfig instanceof AuthConfiguration) {
- AuthConfiguration moaAuthConfig = (AuthConfiguration)authConfig;
- List<String> configuratedEntityIDs = KeyValueUtils.getListOfCSVValues(
- moaAuthConfig.getConfigurationWithKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL));
-
- if (configuratedEntityIDs.size() > 0)
- msNodeEntityID = configuratedEntityIDs.get(0);
- else
- Logger.info("No central eIDAS-node URL in IDP configuration. Switch to backup configuration ... ");
-
- } else
- Logger.info("Basic configuration is NOT of type '" + AuthConfiguration.class.getName()
- + "' Switch to generic Type ... ");
-
-
- if (StringUtils.isEmpty(msNodeEntityID))
- msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
-
- }
-
- return msNodeEntityID;
- }
-
private List<EAAFRequestedAttribute> buildRequestedAttributes() {
List<EAAFRequestedAttribute> attributs = new ArrayList<EAAFRequestedAttribute>();
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
index c034dc95e..f3eaff11a 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.TransformerException;
+import org.apache.commons.lang3.StringUtils;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.StatusCode;
import org.opensaml.ws.message.decoder.MessageDecodingException;
@@ -55,10 +56,12 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionValidationExeption;
import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationException;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthCredentialProvider;
import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthMetadataProvider;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP;
@@ -129,7 +132,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
PVPSProfileResponse processedMsg = preProcessAuthResponse((PVPSProfileResponse) msg);
//validate entityId of response
- String msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
+ String msNodeEntityID = Utils.getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration(), authConfig);
String respEntityId = msg.getEntityID();
if (!msNodeEntityID.equals(respEntityId)) {
Logger.warn("Response Issuer is not a 'ms-specific eIDAS node'. Stopping eIDAS authentication ...");
@@ -155,23 +158,28 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
} catch (MessageDecodingException | SecurityException e) {
String samlRequest = request.getParameter("SAMLRequest");
Logger.warn("Receive INVALID PVP Response from 'ms-specific eIDAS node': " + samlRequest, e);
- throw new TaskExecutionException(pendingReq, "Receive INVALID PVP Response from federated IDP", e);
+ throw new TaskExecutionException(pendingReq, "Receive INVALID PVP Response from federated IDP",
+ new AuthnResponseValidationException("sp.pvp2.11", new Object[] {"'national central eIDASNode'"}, e));
} catch (IOException | MarshallingException | TransformerException e) {
Logger.warn("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
- throw new TaskExecutionException(pendingReq, "Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
+ throw new TaskExecutionException(pendingReq, "Processing PVP response from 'ms-specific eIDAS node' FAILED.",
+ new AuthnResponseValidationException("sp.pvp2.12", new Object[] {"'national central eIDASNode'", e.getMessage()}, e));
} catch (CredentialsNotAvailableException e) {
Logger.error("PVP response decrytion FAILED. No credential found.", e);
- throw new TaskExecutionException(pendingReq, "PVP response decrytion FAILED. No credential found.", e);
+ throw new TaskExecutionException(pendingReq, "PVP response decrytion FAILED. No credential found.",
+ new AuthnResponseValidationException("sp.pvp2.10", new Object[] {"'national central eIDASNode'"}, e));
} catch (AssertionValidationExeption | AuthnResponseValidationException e) {
Logger.info("PVP response validation FAILED. Msg:" + e.getMessage());
- throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
+ throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.",
+ new AuthnResponseValidationException("sp.pvp2.10", new Object[] {"'national central eIDASNode'"}, e));
} catch (Exception e) {
Logger.warn("PVP response validation FAILED. Msg:" + e.getMessage(), e);
- throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
+ throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.",
+ new AuthnResponseValidationException("sp.pvp2.12", new Object[] {"'national central eIDASNode'", e.getMessage()}, e));
}
@@ -182,19 +190,29 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
//check if all attributes are include
if (!extractor.containsAllRequiredAttributes()
&& !extractor.containsAllRequiredAttributes(EidasCentralAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES)) {
- Logger.warn("PVP Response from federated IDP contains not all requested attributes.");
+ Logger.warn("PVP Response from 'ms-specific eIDAS node' contains not all requested attributes.");
throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING});
}
//copy attributes into MOASession
+ AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
for (String el : includedAttrNames) {
String value = extractor.getSingleAttributeValue(el);
- pendingReq.setGenericDataToSession(el, value);
+ session.setGenericDataToSession(el, value);
Logger.debug("Add PVP-attribute " + el + " into MOASession");
}
+
+ //set foreigner flag
+ session.setForeigner(true);
+ if (extractor.getFullAssertion().getIssuer() != null &&
+ StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue()))
+ session.setBkuURL(extractor.getFullAssertion().getIssuer().getValue());
+ else
+ session.setBkuURL("eIDAS_Authentication");
+
} catch (AssertionValidationExeption e) {
throw new BuildException("builder.06", null, e);
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java
new file mode 100644
index 000000000..642008726
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class Utils {
+
+ public static String getCentraleIDASNodeEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
+ //load from service-provider configuration
+ String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL);
+
+ if (StringUtils.isEmpty(msNodeEntityID)) {
+ Logger.debug("No SP-specific central eIDAS-node URL. Switch to general configuration ... ");
+ if (authConfig instanceof AuthConfiguration) {
+ AuthConfiguration moaAuthConfig = (AuthConfiguration)authConfig;
+ List<String> configuratedEntityIDs = KeyValueUtils.getListOfCSVValues(
+ moaAuthConfig.getConfigurationWithKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL));
+
+ if (configuratedEntityIDs.size() > 0)
+ msNodeEntityID = configuratedEntityIDs.get(0);
+ else
+ Logger.info("No central eIDAS-node URL in IDP configuration. Switch to backup configuration ... ");
+
+ } else
+ Logger.info("Basic configuration is NOT of type '" + AuthConfiguration.class.getName()
+ + "' Switch to generic Type ... ");
+
+
+ if (StringUtils.isEmpty(msNodeEntityID))
+ msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
+
+ }
+
+ return msNodeEntityID;
+ }
+}
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
index ec43adccc..0cbf009ad 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
@@ -29,7 +29,6 @@ import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
-import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
@@ -57,14 +56,12 @@ import com.google.gson.JsonParser;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
@@ -136,9 +133,7 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
* @throws MOAIDException
* @throws IOException
*/
- private void parseDemoValuesIntoMOASession(IRequest pendingReq, String eIDBlobRawB64) throws MOAIDException, IOException {
- IAuthenticationSession moaSession = new AuthenticationSession("1235", new Date());
-
+ private void parseDemoValuesIntoMOASession(IRequest pendingReq, String eIDBlobRawB64) throws MOAIDException, IOException {
Logger.debug("Check eID blob signature ... ");
byte[] eIDBlobRaw = Base64Utils.decode(eIDBlobRawB64.trim(), false);
@@ -206,16 +201,14 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
Logger.debug("Parse eID information into MOA-Session ...");
byte[] rawIDL = Base64Utils.decode(idlB64, false);
IIdentityLink identityLink = new IdentityLinkAssertionParser(new ByteArrayInputStream(rawIDL)).parseIdentityLink();
+ AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
moaSession.setIdentityLink(identityLink);
moaSession.setUseMandates(false);
moaSession.setForeigner(false);
moaSession.setBkuURL("http://egiz.gv.at/BKA_MobileAuthTest");
moaSession.setQAALevel(PVPConstants.EIDAS_QAA_SUBSTANTIAL);
Logger.info("Session Restore completed");
-
-
- pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
-
+
} catch (MOAIDException e) {
throw e;
@@ -243,10 +236,6 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
Logger.error("Can not extract mobile-app binding-certificate from eID blob.", e);
throw new MOAIDException("Can not extract mobile-app binding-certificate from eID blob.", null, e);
- } catch (EAAFStorageException e) {
- Logger.error("Can not populate pending-request with eID data.", e);
- throw new MOAIDException("Can not populate pending-request with eID data.", null, e);
-
} finally {
}
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
index 5e79aee8e..bb5700bd7 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
@@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests.tasks;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
-import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -40,11 +39,10 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
@@ -87,9 +85,8 @@ public class SecondBKAMobileAuthTask extends AbstractAuthServletTask {
* @throws MOAIDException
* @throws EAAFStorageException
*/
- private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException {
- IAuthenticationSession moaSession = new AuthenticationSession("1233", new Date());
-
+ private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException {
+ AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
moaSession.setUseMandates(false);
moaSession.setForeigner(false);
@@ -108,9 +105,7 @@ public class SecondBKAMobileAuthTask extends AbstractAuthServletTask {
throw new MOAIDException("IdentityLink is not parseable.", null);
}
-
- pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
-
+
}
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
index 103781470..3dea62ec4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
@@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks;
import java.io.InputStream;
import java.text.SimpleDateFormat;
-import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -42,8 +41,8 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
@@ -73,7 +72,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try{
//get eIDAS attributes from MOA-Session
- ImmutableAttributeMap eIDASAttributes = pendingReq.getGenericData(
+ AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+ ImmutableAttributeMap eIDASAttributes = moaSession.getGenericDataFromSession(
AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST,
ImmutableAttributeMap.class);
@@ -161,13 +161,11 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
- AuthenticationSession moasession = new AuthenticationSession("1234", new Date());
- moasession.setForeigner(true);
- moasession.setIdentityLink(identityLink);
- moasession.setBkuURL("Not applicable (eIDASAuthentication)");
- pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
-
-
+ moaSession.setForeigner(true);
+ moaSession.setIdentityLink(identityLink);
+ moaSession.setBkuURL("Not applicable (eIDASAuthentication)");
+
+
//store MOA-session to database
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
index 55416e92b..1788facf0 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
@@ -12,6 +12,7 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
@@ -89,21 +90,19 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
// **********************************************************
//update MOA-Session data with received information
- Logger.debug("Store eIDAS response information into MOA-session.");
-
- pendingReq.setGenericDataToSession(AuthProzessDataConstants.VALUE_QAALEVEL, samlResp.getLevelOfAssurance());
-
- pendingReq.setGenericDataToSession(
+ Logger.debug("Store eIDAS response information into MOA-session.");
+ AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+ session.setGenericDataToSession(AuthProzessDataConstants.VALUE_QAALEVEL, samlResp.getLevelOfAssurance());
+ session.setGenericDataToSession(
AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST,
- samlResp.getAttributes());
-
- pendingReq.setGenericDataToSession(
+ samlResp.getAttributes());
+ session.setGenericDataToSession(
AuthenticationSessionStorageConstants.eIDAS_RESPONSE,
decSamlToken);
//set issuer nation as PVP attribute into MOASession
- pendingReq.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());
-
+ session.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());
+
//store MOA-session to database
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 42ca6e507..d268dd2f6 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -350,15 +350,15 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
pendingReq.setRemoteRelayState(relayState);
//store level of assurance
- pendingReq.setGenericDataToSession(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
+ pendingReq.setRawDataToTransaction(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
eIDASSamlReq.getEidasLevelOfAssurance().stringValue());
//set flag if transiend identifier is requested
if (MiscUtil.isNotEmpty(eIDASSamlReq.getNameIdFormat())
&& eIDASSamlReq.getNameIdFormat().equals(SamlNameIdFormat.TRANSIENT.getNameIdFormat()))
- pendingReq.setGenericDataToSession(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, true);
+ pendingReq.setRawDataToTransaction(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, true);
else
- pendingReq.setGenericDataToSession(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, false);
+ pendingReq.setRawDataToTransaction(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, false);
// - memorize requested attributes
pendingReq.setEidasRequestedAttributes(eIDASSamlReq.getRequestedAttributes());
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
index 25f303816..b1db1564e 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
@@ -55,6 +55,7 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationExceptio
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider;
@@ -162,8 +163,11 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
Logger.debug("Validation of PVP Response from ELGA mandate-service is complete.");
Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+
+ AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
for (String el : includedAttrNames) {
- pendingReq.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
+ session.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
+ //pendingReq.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
Logger.debug("Add PVP-attribute " + el + " into MOASession");
}
@@ -243,7 +247,7 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
Response samlResp = (Response) msg.getResponse();
//validate 'inResponseTo' attribute
- String authnReqID = pendingReq.getGenericData(
+ String authnReqID = pendingReq.getRawData(
MOAIDAuthConstants.DATAID_INTERFEDERATION_REQUESTID, String.class);
String inResponseTo = samlResp.getInResponseTo();
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
index 658502d2c..50fb2cb4a 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
@@ -114,7 +114,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
EntityDescriptor entityDesc = metadataService.getEntityDescriptor(elgaMandateServiceEntityID);
//load MOASession from database
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
//setup AuthnRequestBuilder configuration
@@ -192,7 +192,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
//set MandateReferenceValue as RequestID
authnReqConfig.setRequestID(moasession.getMandateReferenceValue());
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
MOAIDAuthConstants.DATAID_INTERFEDERATION_REQUESTID,
authnReqConfig.getRequestID());
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 40701d91d..0350a113c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -159,7 +160,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
}
@Override
- protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+ protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true));
this.setState(this.getParam(request, OAuth20Constants.PARAM_STATE, true));
this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true));
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 2ce5234ac..118de861c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -30,7 +30,6 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
@@ -49,9 +48,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
private static final long serialVersionUID = 1L;
protected Set<String> allowedParameters = new HashSet<String>();
-
- @Autowired(required=true) protected IConfiguration authConfig;
-
+
protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
String param = request.getParameter(name);
Logger.debug("Reading param " + name + " from HttpServletRequest with value " + param);
@@ -65,7 +62,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
return param;
}
- protected void populateParameters(final HttpServletRequest request) throws OAuth20Exception {
+ protected void populateParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
// moa id - load oa with client id!
try {
@@ -91,7 +88,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
}
// oAuth
- this.populateSpecialParameters(request);
+ this.populateSpecialParameters(request, authConfig);
// cleanup parameters
this.checkAllowedParameters(request);
@@ -115,6 +112,6 @@ abstract class OAuth20BaseRequest extends RequestImpl {
}
- protected abstract void populateSpecialParameters(final HttpServletRequest request) throws OAuth20Exception;
+ protected abstract void populateSpecialParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception;
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 30e89d15a..9f4174bf0 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -79,7 +79,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
try {
pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
- pendingReq.populateParameters(req);
+ pendingReq.populateParameters(req, authConfig);
} catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
@@ -113,7 +113,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
try {
pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
- pendingReq.populateParameters(req);
+ pendingReq.populateParameters(req, authConfig);
} catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index e14914512..89e4252b1 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -124,7 +125,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
}
@Override
- protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+ protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index fec78d88c..3408cf538 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -167,7 +167,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
command, signedCommand);
//store pending request
- pendingReq.setGenericDataToSession(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID,
+ pendingReq.setRawDataToTransaction(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID,
qualeIDReqId);
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index a3175713a..fc386b796 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -25,7 +25,6 @@ import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egiz.eaaf.core.impl.utils.StreamUtils;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
@@ -93,7 +92,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
}
//validate reqId with inResponseTo
- String sl20ReqId = pendingReq.getGenericData(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class);
+ String sl20ReqId = pendingReq.getRawData(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class);
String inRespTo = SL20JSONExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_INRESPTO, true);
if (sl20ReqId == null || !sl20ReqId.equals(inRespTo)) {
Logger.info("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo);
@@ -153,16 +152,16 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
}
//cache qualified eID data into pending request
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,
idlB64);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK,
authBlockB64);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL,
ccsURL);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA,
LoA);
@@ -176,7 +175,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
Logger.warn("SL2.0 processing error:", e);
if (sl20Result != null)
Logger.debug("Received SL2.0 result: " + sl20Result);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR,
new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e));
@@ -185,7 +184,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
Logger.warn("SL2.0 Authentication FAILED with a generic error.", e);
if (sl20Result != null)
Logger.debug("Received SL2.0 result: " + sl20Result);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR,
new TaskExecutionException(pendingReq, e.getMessage(), e));
@@ -246,7 +245,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
Map<String, String> reqParameters = new HashMap<String, String>();
reqParameters.put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId());
JsonObject callReqParams = SL20JSONBuilderUtils.createCallCommandParameters(
- new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null),
+ new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_RESUME, null),
SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET,
false,
reqParameters);
@@ -260,7 +259,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
//build second redirect command for IDP
JsonObject redirectTwoParams = SL20JSONBuilderUtils.createRedirectCommandParameters(
- new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null),
+ new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_RESUME, null),
redirectOneCommand, null, true);
JsonObject redirectTwoCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectTwoParams);
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
index 403423e46..6811d1016 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
@@ -40,7 +40,7 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
Logger.debug("Verify qualified eID data from SL20 response .... ");
try {
//check if there was an error
- TaskExecutionException sl20Error = pendingReq.getGenericData(
+ TaskExecutionException sl20Error = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR,
TaskExecutionException.class);
if (sl20Error != null) {
@@ -50,19 +50,19 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
}
//get data from pending request
- String sl20ReqId = pendingReq.getGenericData(
+ String sl20ReqId = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID,
String.class);
- String idlB64 = pendingReq.getGenericData(
+ String idlB64 = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,
String.class);
- String authBlockB64 = pendingReq.getGenericData(
+ String authBlockB64 = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK,
String.class);
- String ccsURL = pendingReq.getGenericData(
+ String ccsURL = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL,
String.class);
- String LoA = pendingReq.getGenericData(
+ String LoA = pendingReq.getRawData(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA,
String.class);
@@ -104,7 +104,7 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
//add into session
- AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
moasession.setIdentityLink(idl);
moasession.setBkuURL(ccsURL);
//TODO: from AuthBlock
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index 95590b51a..921e3844b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -91,8 +91,8 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
//store DH params and nonce to pending-request
SSOTransferContainer container = new SSOTransferContainer();
container.setDhParams(dhKeyIDP);
- pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_DH, container);
- pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_NONCE, nonce);
+ pendingReq.setRawDataToTransaction(SSOTransferConstants.PENDINGREQ_DH, container);
+ pendingReq.setRawDataToTransaction(SSOTransferConstants.PENDINGREQ_NONCE, nonce);
//store pending-request
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index c7e42c8ab..90b74ebd7 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -27,7 +27,6 @@ import java.io.IOException;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.MessageDigest;
-import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.spec.DHPublicKeySpec;
@@ -50,13 +49,11 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
@@ -102,8 +99,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
}
- String nonce = pendingReq.getGenericData(SSOTransferConstants.PENDINGREQ_NONCE, String.class);
- SSOTransferContainer container = pendingReq.getGenericData(
+ String nonce = pendingReq.getRawData(SSOTransferConstants.PENDINGREQ_NONCE, String.class);
+ SSOTransferContainer container = pendingReq.getRawData(
SSOTransferConstants.PENDINGREQ_DH, SSOTransferContainer.class);
if (container == null) {
throw new TaskExecutionException(pendingReq, "NO DH-Params in pending-request",
@@ -189,9 +186,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
Logger.debug("MobileDevice is valid. --> Starting session reconstruction ...");
//transfer SSO Assertion into MOA-Session
- AuthenticationSession moaSession = new AuthenticationSession("1235", new Date());
+ AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor);
- pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
// store MOASession into database
requestStoreage.storePendingRequest(pendingReq);
@@ -249,8 +245,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
} else {
//session is valid --> load MOASession object
-
- IAuthenticationSession moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+ AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+
DateTime moaSessionCreated = new DateTime(moasession.getSessionCreated().getTime());
if (moaSessionCreated.plusMinutes(1).isBeforeNow()) {
Logger.warn("No SSO session-container received. Stop authentication process after time-out.");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index 20fd5ebc4..d0d97e9e8 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -73,7 +73,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try{
// get IDP entityID
- String idpEntityID = pendingReq.getGenericData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class);
+ String idpEntityID = pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class);
if (MiscUtil.isEmpty(idpEntityID)) {
Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index f5af84405..6b6d1a196 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -47,6 +47,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
@@ -168,11 +169,11 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
//check if SP is also a federated IDP
if (spConfig.isInderfederationIDP()) {
//SP is a federated IDP --> answer only with nameID and wait for attribute-Query
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, true);
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, extractor.getNameID());
- pendingReq.setGenericDataToSession(
+ pendingReq.setRawDataToTransaction(
MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, extractor.getQAALevel());
authenticatedSessionStorage.
@@ -195,8 +196,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}
//store valid assertion into pending-request
- pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
- pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
+ pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
+ pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
//store pending-request
requestStoreage.storePendingRequest(pendingReq);
@@ -297,6 +298,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
//copy attributes into MOASession
Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
for (String el : includedAttrNames) {
String value = extractor.getSingleAttributeValue(el);
@@ -310,13 +312,13 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}
}
- pendingReq.setGenericDataToSession(el, value);
+ session.setGenericDataToSession(el, value);
Logger.debug("Add PVP-attribute " + el + " into MOASession");
}
//set validTo from this federated IDP response
- pendingReq.setGenericDataToSession(
+ session.setGenericDataToSession(
AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO,
extractor.getAssertionNotOnOrAfter());
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 92bcce24b..21dbb573a 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -85,14 +85,14 @@ public class GetArtifactAction implements IAction {
String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID);
- String oaTargetArea = req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class);
+ String oaTargetArea = req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class);
if (authData.isSsoSession()) {
String url = req.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT;
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
if (MiscUtil.isNotEmpty(oaTargetArea))
url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET,
- URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
+ URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
url = httpResp.encodeRedirectURL(url);
@@ -104,7 +104,7 @@ public class GetArtifactAction implements IAction {
String redirectURL = oaURL;
if (MiscUtil.isNotEmpty(oaTargetArea)) {
redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET,
- URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
+ URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
}
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 398119a7f..30d740a2a 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -193,7 +193,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
if (MiscUtil.isNotEmpty(target)) {
- pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target);
+ pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET, target);
pendingRequest.setTarget(MOAIDAuthConstants.PREFIX_CDID + target);
} else {
@@ -201,7 +201,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
pendingRequest.setTarget(targetArea);
if (targetArea.startsWith(MOAIDAuthConstants.PREFIX_CDID))
- pendingRequest.setGenericDataToSession(REQ_DATA_TARGET,
+ pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET,
targetArea.substring(MOAIDAuthConstants.PREFIX_CDID.length()));