From 5af029d47de31ceb0b171b3fe39744722a5adb63 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 5 Jul 2013 11:56:00 +0200
Subject: =?UTF-8?q?Gilt=20nicht=20f=C3=BCr=20den=20privatwirtschaftlichen?=
 =?UTF-8?q?=20Modus.=20=20--=20Der=20IdentityLink=20beinhaltet=20ab=20dies?=
 =?UTF-8?q?em=20Commit=20wieder=20die=20Stammzahl!!!=20=20--=20Diese=20wir?=
 =?UTF-8?q?d=20f=C3=BCr=20den=20AuthBlock=20und=20zur=20Generierung=20des?=
 =?UTF-8?q?=20AuthData=20Objekts=20umgerechnet.=20=20--=20AuthData.Identit?=
 =?UTF-8?q?yLinkValue=20h=C3=A4lt=20jetzt=20ebenfalls=20die=20Stammzahl!!!?=
 =?UTF-8?q?=20=20--=20Die=20bPK=20oder=20wbPK=20sind=20im=20jeweiligen=20E?=
 =?UTF-8?q?lement=20AuthData.bPK=20oder=20AuthData.wbPK=20abgelegt.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../moa/id/auth/AuthenticationServer.java          | 71 ++++++++++++++--------
 .../id/auth/servlet/VerifyIdentityLinkServlet.java | 50 +++++++--------
 2 files changed, 71 insertions(+), 50 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index aef247edb..87bd4ffea 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -744,20 +744,19 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 					.getOnlineApplicationParameter(
 							session.getPublicOAURLPrefix());
 
+		//TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink 		
 		// if (!fromMandate) {
 		// BZ.., calculate bPK for signing to be already present in AuthBlock
-		IdentityLink identityLink = session.getIdentityLink();
-		if (identityLink.getIdentificationType().equals(
-				Constants.URN_PREFIX_BASEID)) {
-			// only compute bPK if online application is a public service and we
-			// have the Stammzahl
-			String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-					.getIdentificationValue(), session.getTarget());
-			identityLink.setIdentificationValue(bpkBase64);
-			
-			//TODO: insert correct Type!!!!
-			identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
-		}
+//		IdentityLink identityLink = session.getIdentityLink();
+//		if (identityLink.getIdentificationType().equals(
+//				Constants.URN_PREFIX_BASEID)) {
+//			// only compute bPK if online application is a public service and we
+//			// have the Stammzahl
+//			String bpkBase64 = new BPKBuilder().buildBPK(identityLink
+//					.getIdentificationValue(), session.getTarget());
+//			identityLink.setIdentificationValue(bpkBase64);
+//			identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
+//		}
 		// ..BZ
 		// }
 
@@ -1025,12 +1024,32 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	private String buildAuthenticationBlock(AuthenticationSession session,
 			OAAuthParameter oaParam) throws BuildException {
+		
 		IdentityLink identityLink = session.getIdentityLink();
 		String issuer = identityLink.getName();
 		String gebDat = identityLink.getDateOfBirth();
-		String identificationValue = identityLink.getIdentificationValue();
-		String identificationType = identityLink.getIdentificationType();
 
+		String identificationValue = null;
+		String identificationType = null;
+		
+		if (identityLink.getIdentificationType().equals(
+				Constants.URN_PREFIX_BASEID)) {
+			// only compute bPK if online application is a public service and we
+			// have the Stammzahl
+			String bpkBase64 = new BPKBuilder().buildBPK(identityLink
+					.getIdentificationValue(), session.getTarget());
+			
+			identificationValue = bpkBase64;
+			identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
+			
+//			identityLink.setIdentificationValue(bpkBase64);
+//			identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
+		
+		} else {
+			identificationValue = identityLink.getIdentificationValue();
+			identificationType = identityLink.getIdentificationType();
+		}
+			
 		String issueInstant = DateTimeUtils.buildDateTime(Calendar
 				.getInstance(), oaParam.getUseUTC());
 		session.setIssueInstant(issueInstant);
@@ -2441,19 +2460,19 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				//we have Austrian citizen
 				if (businessService) {
 					authData.setWBPK(identityLink.getIdentificationValue());
+					
 				} else {
-					authData.setBPK(identityLink.getIdentificationValue());
-	
-					// BZ.., calculation of bPK already before sending AUTHBlock
-					/*
-					 * if(identityLink.getIdentificationType().equals(Constants.
-					 * URN_PREFIX_BASEID)) { // only compute bPK if online
-					 * application is a public service and we have the Stammzahl
-					 * String bpkBase64 = new BPKBuilder().buildBPK(
-					 * identityLink.getIdentificationValue(), session.getTarget());
-					 * authData.setBPK(bpkBase64); }
-					 */
-	
+					
+					// OLD! BZ.., calculation of bPK already before sending AUTHBlock
+					//TL: identitylLink holds the BASEID, bPK is only calculated for AUTHBlock
+					//authData.setBPK(identityLink.getIdentificationValue());
+					
+					 // only compute bPK if online application is a public service and we have the Stammzahl
+					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+						String bpkBase64 = new BPKBuilder().buildBPK(
+								identityLink.getIdentificationValue(), session.getTarget());
+						authData.setBPK(bpkBase64); 
+					 }
 				}
 			} else {
 				//we have foreigner, thus we have to calculate bPK and wbPK now (after receiving identity link from SZR-GW
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index f1ecd512a..77817ac72 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -183,29 +183,31 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
     		// @TODO: unteren InfoboxReadRequest zu, Signer-Cert auslesen (wegen Cert Abfrage auf Organwalter OID),
     		// nach oben verschoben vor verifyIdentityLink (da hier schon bPK berechnet, die aber f�r OW nicht in
     		// AUTH Block aufscheinen darf. --> D.h. verifyIdentityLink umbauen - verify und AUTH Block bauen trennen)
-    		boolean useMandate = session.getUseMandate();
-    		if (useMandate) { // Mandate modus
-    			// read certificate and set dataurl to 
-    			Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
-    			
-    
-     		   String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);
-
-     		   // build dataurl (to the GetForeignIDSerlvet)
-     		   String dataurl =
-                 new DataURLBuilder().buildDataURL(
-                   session.getAuthURL(),
-                   REQ_VERIFY_CERTIFICATE,
-                   session.getSessionID());
-           
-          
-     		  //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)");
-     		  //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
-     		  Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)");
-     		  ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
-    			
-    		}
-    		else {
+    		
+    		//TODO: Klaus fragen ob der Teil wirklich noch benötigt wird!!!!!
+//    		boolean useMandate = session.getUseMandate();
+//    		if (useMandate) { // Mandate modus
+//    			// read certificate and set dataurl to 
+//    			Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
+//    			
+//    
+//     		   String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true);
+//
+//     		   // build dataurl (to the GetForeignIDSerlvet)
+//     		   String dataurl =
+//                 new DataURLBuilder().buildDataURL(
+//                   session.getAuthURL(),
+//                   REQ_VERIFY_CERTIFICATE,
+//                   session.getSessionID());
+//           
+//          
+//     		  //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)");
+//     		  //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
+//     		  Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)");
+//     		  ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
+//    			
+//    		}
+//    		else {
     			Logger.info("Normal");
     			
     			OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
@@ -221,7 +223,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
     		}
     		
     		
-    	}
+//    	}
     	
 		try {
 			AuthenticationSessionStoreage.storeSession(session);
-- 
cgit v1.2.3