From 27b4ca05aeac39b0a180a13e44ed354e80fb47dd Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 19:28:55 +0100
Subject: attribute collector

---
 .../data/deploy/conf/moa-id/stork/SamlEngine.xml   | 16 ++++
 .../conf/moa-id/stork/StorkSamlEngine_VIDP.xml     | 93 ++++++++++++++++++++++
 .../id/protocols/stork2/AttributeCollector.java    | 30 +++++--
 .../id/protocols/stork2/AuthenticationRequest.java |  2 +
 4 files changed, 133 insertions(+), 8 deletions(-)
 create mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml

diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
index e6a29ea18..75245d8f0 100644
--- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
+++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
@@ -33,5 +33,21 @@
                 </configuration>
         </instance>
 
+        <instance name="VIDP">
+                <!-- Configurations parameters StorkSamlEngine  -->
+                <configuration name="SamlEngineConf">
+                        <parameter name="fileConfiguration" value="StorkSamlEngine_VIDP.xml" />
+                </configuration>
+
+                <!-- Settings module signature-->
+                <configuration name="SignatureConf">
+                        <!-- Specific signature module -->
+                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+                        <!-- Settings specific module -->
+                        <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
+                </configuration>
+        </instance>
+
+
 	
 </instances>
diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
new file mode 100644
index 000000000..fb786529a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+	<comment>SAML constants for AuthnRequests and Responses.</comment>
+
+	<!--
+		Types of consent obtained from the user for this authentication and
+		data transfer.
+		Allow values: 'unspecified'.
+	-->
+	<entry key="consentAuthnRequest">unspecified</entry>
+	
+	<!--
+	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+	-->
+	<entry key="consentAuthnResponse">obtained</entry>
+
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+	-->
+	<entry key="formatEntity">entity</entry>
+
+	<!--Only HTTP-POST binding is only supported for inter PEPS-->
+	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+	<entry key="protocolBinding">HTTP-POST</entry>
+	
+	
+	
+	
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+		<entry key="eIDSectorShare">true</entry>
+		<entry key="eIDCrossSectorShare">true</entry>
+		<entry key="eIDCrossBorderShare">true</entry>
+	-->
+	
+	
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="friendlyName">false</entry>
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="isRequired">true</entry>
+	
+	<!--PEPS in the Service Provider's country-->
+	<entry key="requester">http://S-PEPS.gov.xx</entry>
+
+	<!--PEPS in the citizen's origin country-->
+	<entry key="responder">http://C-PEPS.gov.xx</entry>
+
+	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+	<entry key="timeNotOnOrAfter">300</entry>
+	
+	<!--Validation IP of the response-->
+	<entry key="ipAddrValidation">false</entry>
+	
+	
+	<!--Subject Attribute Definitions-->
+	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+	
+	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+	
+</properties>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index bc5a0c0c6..57c68e94c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -69,6 +69,7 @@ public class AttributeCollector implements IAction {
             } catch (UnsupportedAttributeException e1) {
                 // the current provider cannot find anything familiar within the
                 // provided httpreq. Try the next one.
+                // TODO check the loop
             }
 
         if (null == newAttributes) {
@@ -89,6 +90,8 @@ public class AttributeCollector implements IAction {
             throw new MOAIDException("stork.11", null);
         }
 
+
+
         // - insert the embedded attribute(s) into the container
         for (PersonalAttribute current : newAttributes)
             container.getResponse().getPersonalAttributeList().add(current);
@@ -117,6 +120,7 @@ public class AttributeCollector implements IAction {
             if (!responseAttributeList.containsKey(current))
                 missingAttributes.add(current);
 
+        // Try to get all missing attributes
         try {
             // for each attribute still missing
             for (PersonalAttribute currentAttribute : missingAttributes) {
@@ -138,6 +142,16 @@ public class AttributeCollector implements IAction {
 
                 }
             }
+
+            // build response
+            generateSTORKResponse();
+
+            // set new http response
+            generateRedirectResponse();
+            response = httpResp;
+
+            return "12345"; // AssertionId
+
         } catch (ExternalAttributeRequestRequiredException e) {
             // the attribute request is ongoing and requires an external service.
             try {
@@ -145,6 +159,13 @@ public class AttributeCollector implements IAction {
                 // - generate new key
                 String newArtifactId = new SecureRandomIdentifierGenerator()
                         .generateIdentifier();
+                // - put container in temporary store.
+                AssertionStorage.getInstance().put(newArtifactId, container);
+
+                // add container-key to redirect embedded within the return URL
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+
+
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e);
@@ -154,14 +175,7 @@ public class AttributeCollector implements IAction {
             return "12345"; // TODO what to do here?
         }
 
-        // build response
-        generateSTORKResponse();
-
-        // set new http response
-        generateRedirectResponse();
-        response = httpResp;
 
-        return "12345"; // AssertionId
     }
 
 
@@ -171,7 +185,7 @@ public class AttributeCollector implements IAction {
 
         try {
             //Get SAMLEngine instance
-            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp");
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
             Logger.debug("Starting generation of SAML response");
             authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index b3f009ae2..d4996c26a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -105,6 +105,8 @@ public class AuthenticationRequest implements IAction {
         // - memorize the target url were we have to return the result
         container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
+        container.setRemoteAddress(httpReq.getRemoteAddr());
+
 
         Logger.debug("Data container prepared");
 
-- 
cgit v1.2.3