From 4ade7db6124eec07aebf087721d3d478f92bdaad Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:59:19 +0100
Subject: added consent-checkbox to config ui

---
 .../moa/id/configuration/data/oa/OASTORKConfig.java         | 10 ++++++++++
 .../moa/id/configuration/struts/action/EditOAAction.java    |  1 +
 .../src/main/resources/applicationResources.properties      |  1 +
 id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp      |  6 ++++++
 .../gv/egovernment/moa/id/config/auth/OAAuthParameter.java  |  5 ++++-
 .../moa/id/protocols/stork2/AttributeCollector.java         |  7 ++++++-
 .../src/main/resources/config/moaid_config_2.0.xsd          | 13 +++++++++----
 7 files changed, 37 insertions(+), 6 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 929a3673c..d9f2a4d85 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -84,6 +84,7 @@ public class OASTORKConfig {
 				
 				// fetch vidp config
 				setVidpEnabled(config.isVidpEnabled());
+				setRequireConsent(config.isRequireConsent());
 
 				attributeProviderPlugins = config.getAttributeProviders();
 				// - if no attribute providers are configured, add a dummy
@@ -150,6 +151,7 @@ public class OASTORKConfig {
 	 */
 	private boolean vidpEnabled = false;
 	private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>();
+	private boolean requireConsent;
 
 	public List<String> getAvailableAttributeProviderPlugins() {
 		return AttributeProviderFactory.getAvailablePlugins();
@@ -170,4 +172,12 @@ public class OASTORKConfig {
 	public void setVidpEnabled(boolean update) {
 		vidpEnabled = update;
 	}
+	
+	public boolean isRequireConsent() {
+		return requireConsent;
+	}
+	
+	public void setRequireConsent(boolean update) {
+		requireConsent = update;
+	}
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 370923ca1..f8a12e58b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -1036,6 +1036,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
         stork.setQaa(storkOA.getQaa());
         stork.setOAAttributes(storkOA.getAttributes());
         stork.setVidpEnabled(storkOA.isVidpEnabled());
+        stork.setRequireConsent(storkOA.isRequireConsent());
         stork.setAttributeProviders(storkOA.getAttributeProviderPlugins());
 
         try {
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index ef52892b3..18d19c06b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -278,6 +278,7 @@ webpages.oaconfig.oauth20.clientSecret=Client Passwort
 webpages.oaconfig.oauth20.redirectUri=Redirect Uri 
 
 webpages.oaconfig.vidp.enabled=VIDP interface aktiv
+webpages.oaconfig.vidp.requireconsent=Zustimmung f\u00FCr das Ausliefern der Attribute vom Benutzer einholen?
 webpages.oaconfig.vidp.ap.new=Neuen Attribut Provider erstellen
 webpages.oaconfig.vidp.ap.remove=Entfernen
 webpages.oaconfig.vidp.ap.list=Liste der konfigurierten Attribut Provider
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 78ad500ef..6749b5131 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -537,6 +537,12 @@
 								key="webpages.oaconfig.vidp.enabled"
 								cssClass="checkbox"
 								id="OAuseVidp" /></p>
+							<p><s:checkbox name="storkOA.requireConsent" 
+								value="%{storkOA.requireConsent}"
+								labelposition="left"
+								key="webpages.oaconfig.vidp.requireconsent"
+								cssClass="checkbox"
+								id="OArequireConsent" /></p>
 							<h5><%=LanguageHelper.getGUIString("webpages.oaconfig.vidp.ap.list", request) %></h5>
 							<table id="stork_aplist">
 								<tr><th>AP Plugin</th><th>URL</th><th>Attribute (CSV)</th></tr>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index d1de20c4d..31ba64be0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -67,7 +67,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.OAParameter;
-import at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -350,6 +349,10 @@ public List<OAStorkAttribute> getRequestedAttributes() {
 	return oa_auth.getOASTORK().getOAAttributes();
 }
 
+public boolean isRequireConsentForStorkAttributes() {
+	return oa_auth.getOASTORK().isRequireConsent();
+}
+
 public List<AttributeProviderPlugin> getStorkAPs() {
 	return oa_auth.getOASTORK().getAttributeProviders();
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 5d972ba00..7dbbb5734 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -148,7 +148,12 @@ public class AttributeCollector implements IAction {
 					// else, update any existing attributes
 					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
-            	new ConsentEvaluatorSepp().requestConsent(container, response, oaParam);
+            
+            // ask for consent if necessary
+            if(oaParam.isRequireConsentForStorkAttributes())
+            	new ConsentEvaluator().requestConsent(container, response, oaParam);
+            else
+            	new ConsentEvaluator().generateSTORKResponse(response, container);
 
             return "12345"; // AssertionId
 
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index b7e8f6ff3..936363169 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -883,11 +883,16 @@
 	<xsd:element name="OA_STORK">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element name="StorkLogonEnabled" type="xsd:boolean"/>
-				<xsd:element ref="Qaa" minOccurs="0" maxOccurs="1"/>
-				<xsd:element ref="OAAttributes" minOccurs="0" maxOccurs="unbounded"/>
+				<xsd:element name="StorkLogonEnabled"
+					type="xsd:boolean" />
+				<xsd:element ref="Qaa" minOccurs="0" maxOccurs="1" />
+				<xsd:element ref="OAAttributes" minOccurs="0"
+					maxOccurs="unbounded" />
 				<xsd:element name="VidpEnabled" type="xsd:boolean"></xsd:element>
-				<xsd:element ref="AttributeProviders" maxOccurs="unbounded" minOccurs="0"></xsd:element>
+				<xsd:element ref="AttributeProviders"
+					maxOccurs="unbounded" minOccurs="0">
+				</xsd:element>
+				<xsd:element name="requireConsent" type="xsd:boolean"></xsd:element>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
-- 
cgit v1.2.3