From b73822979de23a3b7236411a7a737e2c93642a7d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 4 Jul 2013 10:09:26 +0200
Subject: =?UTF-8?q?BKU=20Auswahl=20in=20Kontext=20von=20MOA-ID=20f=C3=BCr?=
 =?UTF-8?q?=20standardkonforme=20Variante?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../CreateXMLSignatureResponseValidator.java       | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 8d2f95cce..93bc0d214 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -231,7 +231,29 @@ public class CreateXMLSignatureResponseValidator {
     } else {
       throw new ValidateException("validator.35", null);
     }
+     
+    // check four attribute could be a special text
+    samlAttribute = samlAttributes[3 + offset];
+    if (!samlAttribute.getName().equals("SpecialText")) {
+      throw new ValidateException(
+          "validator.37", 
+          new Object[] {samlAttribute.getName(), "SpecialText", String.valueOf(3)});
+    }
+    if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) {
+      String samlSpecialText = (String)samlAttribute.getValue();
+      
+      //TODO:load Text from OA config
+      String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#.";
+      //String text = "";
       
+      String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, issuer, issueInstant);
+      if (!samlSpecialText.equals(specialText)) {
+        throw new ValidateException("validator.67", new Object[] {samlSpecialText, specialText});
+      }
+    } else {
+      throw new ValidateException("validator.35", null);
+    }
+    
     // now check the extended SAML attributes
     int i = AuthenticationBlockAssertionBuilder.NUM_OF_SAML_ATTRIBUTES + offset;
     if (extendedSAMLAttributes != null) {
-- 
cgit v1.2.3