From abc2537a4d2e6d6a06b3b24d7268daf379aa949b Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 9 Sep 2019 12:27:09 +0200 Subject: read requested LoA from configuration --- .../java/at/gv/egovernment/moa/id/demoOA/Configuration.java | 5 +++++ .../egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java | 12 ++++++++++-- id/server/data/deploy/conf/moa-id-oa/oa.properties | 10 ++++++++++ 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java index 8ada01cb6..d6c14fd07 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java @@ -187,6 +187,11 @@ public class Configuration { return Boolean.parseBoolean(props.getProperty("general.login.pvp2.req.set.authncontextclassref", "true")); } + public String getAuthnContextClassRefValue() { + return props.getProperty("general.login.pvp2.req.authncontextclassref.value"); + + } + public String getScopeRequesterId() { return props.getProperty("general.login.pvp2.sp.requesterId"); } diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java index 0671b8c14..4e8e12499 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java @@ -191,8 +191,16 @@ public class Authenticate extends HttpServlet { RequestedAuthnContext reqAuthContext = SAML2Utils.createSAMLObject(RequestedAuthnContext.class); AuthnContextClassRef authnClassRef = - SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); + SAML2Utils.createSAMLObject(AuthnContextClassRef.class); + + if (MiscUtil.isNotEmpty(config.getAuthnContextClassRefValue())) { + authnClassRef.setAuthnContextClassRef(config.getAuthnContextClassRefValue()); + + } else { + authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); + + } + reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); authReq.setRequestedAuthnContext(reqAuthContext); diff --git a/id/server/data/deploy/conf/moa-id-oa/oa.properties b/id/server/data/deploy/conf/moa-id-oa/oa.properties index ff5bd0c03..3f5cb53d9 100644 --- a/id/server/data/deploy/conf/moa-id-oa/oa.properties +++ b/id/server/data/deploy/conf/moa-id-oa/oa.properties @@ -25,3 +25,13 @@ general.login.pvp2.keystore.authrequest.sign.key.password=password general.login.pvp2.keystore.assertion.encryption.key.alias=pvp_encryption general.login.pvp2.keystore.assertion.encryption.key.password=password + +#### For testing and debugging +#general.login.pvp2.req.set.authncontextclassref=true +#general.login.pvp2.req.authncontextclassref.value=http://eidas.europa.eu/LoA/low + +#general.login.pvp2.req.set.nameIDPolicy=true +#general.login.pvp2.sp.requesterId= + +#general.login.pvp2.binding.req.redirect=true +#general.login.pvp2.binding.resp.redirect=false \ No newline at end of file -- cgit v1.2.3