From 8f0153f4c6e2fd63dab1f3820b1f61521d1c2220 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 9 Jul 2014 10:49:32 +0200 Subject: use country code from certificate as default --- .../id/auth/builder/AuthenticationDataBuilder.java | 48 +++++++++++----------- 1 file changed, 24 insertions(+), 24 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 9af2f5ee5..3fd83bbe6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -238,6 +238,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { } else { //TODO: check if response include attributes and map this attributes to requested attributes + //TODO: insert code to parse Attributes from AuthnRespones for USP --> Zustelldienst //get PVP 2.1 attributes from protocol specific requested attributes attributs = req.getRequestedAttributes(); @@ -504,33 +505,33 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { authData.setQAALevel(session.getQAALevel()); if (session.isForeigner()) { - if (authData.getStorkAuthnRequest() != null) { - authData.setCcc(authData.getStorkAuthnRequest() - .getCitizenCountryCode()); - - } else { - - try { - //TODO: replace with TSL lookup when TSL is ready! - X509Certificate certificate = new X509Certificate(authData.getSignerCertificate()); - - if (certificate != null) { - - LdapName ln = new LdapName(certificate.getIssuerDN() - .getName()); - for (Rdn rdn : ln.getRdns()) { - if (rdn.getType().equalsIgnoreCase("C")) { - Logger.info("C is: " + rdn.getValue()); - authData.setCcc(rdn.getValue().toString()); - break; - } + try { + //TODO: replace with TSL lookup when TSL is ready! + X509Certificate certificate = new X509Certificate(authData.getSignerCertificate()); + if (certificate != null) { + LdapName ln = new LdapName(certificate.getIssuerDN() + .getName()); + for (Rdn rdn : ln.getRdns()) { + if (rdn.getType().equalsIgnoreCase("C")) { + Logger.info("C is: " + rdn.getValue()); + authData.setCcc(rdn.getValue().toString()); + break; } } - - } catch (Exception e) { - Logger.error("Failed to extract country code from certificate", e); + } + + } catch (Exception e) { + Logger.error("Failed to extract country code from certificate", e); + + } + + if (MiscUtil.isEmpty(authData.getCcc())) { + if (authData.getStorkAuthnRequest() != null) { + authData.setCcc(authData.getStorkAuthnRequest().getCitizenCountryCode()); + Logger.info("Can not extract country from certificate -> Use country from STORK request."); } + } } else { @@ -539,7 +540,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { } try { - authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID())); //set max. SSO session time -- cgit v1.2.3