From cc20e4171331f78a1bb188f2b885c9754da58a28 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 3 Jun 2014 17:09:42 +0200 Subject: update IDP single logout --- .../moa/id/data/SLOInformationContainer.java | 102 ++++++++++++++------- 1 file changed, 70 insertions(+), 32 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java index a0f3dd309..df195c0de 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java @@ -29,8 +29,10 @@ import java.util.LinkedHashMap; import java.util.List; import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.core.NameID; import org.opensaml.saml2.metadata.SingleLogoutService; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; 
@@ -52,47 +54,87 @@ public class SLOInformationContainer implements Serializable { public void parseActiveOAs(List dbOAs, String removeOAID) { - activeFrontChannalOAs = new LinkedHashMap(); - activeBackChannelOAs = new LinkedHashMap(); + if (activeBackChannelOAs == null) + activeBackChannelOAs = new LinkedHashMap(); + if (activeFrontChannalOAs == null) + activeFrontChannalOAs = new LinkedHashMap(); if (dbOAs != null) { for (OASessionStore oa : dbOAs) { - //Actually only PVP 2.1 support Single LogOut - if (PVP2XProtocol.NAME.equals(oa.getProtocolType()) && - !oa.getOaurlprefix().equals(removeOAID)) { + if (!oa.getOaurlprefix().equals(removeOAID)) { + + //Actually only PVP 2.1 support Single LogOut + if (PVP2XProtocol.PATH.equals(oa.getProtocolType())) { + SingleLogoutService sloDesc; + try { + sloDesc = SingleLogOutBuilder.getRequestSLODescriptor(oa.getOaurlprefix()); + + if (sloDesc.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) + activeBackChannelOAs.put(oa.getOaurlprefix(), + new SLOInformationImpl( + oa.getAssertionSessionID(), + oa.getUserNameID(), + oa.getUserNameIDFormat(), + oa.getProtocolType(), + sloDesc)); + + else + activeFrontChannalOAs.put(oa.getOaurlprefix(), + new SLOInformationImpl( + oa.getAssertionSessionID(), + oa.getUserNameID(), + oa.getUserNameIDFormat(), + oa.getProtocolType(), + sloDesc)); + + } catch (NOSLOServiceDescriptorException e) { + putFailedOA(oa.getOaurlprefix()); + + } + + } else + putFailedOA(oa.getOaurlprefix()); + } + } + } + } + + /** + * @param dbIDPs + * @param value + */ + public void parseActiveIDPs(List dbIDPs, + String removeIDP) { + if (activeBackChannelOAs == null) + activeBackChannelOAs = new LinkedHashMap(); + if (activeFrontChannalOAs == null) + activeFrontChannalOAs = new LinkedHashMap(); + + if (dbIDPs != null) { + for (InterfederationSessionStore el : dbIDPs) { + if (!el.getIdpurlprefix().equals(removeIDP)) { + SingleLogoutService sloDesc; try { - sloDesc = 
SingleLogOutBuilder.getRequestSLODescriptor(oa.getOaurlprefix()); - - if (sloDesc.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) - activeBackChannelOAs.put(oa.getOaurlprefix(), - new SLOInformationImpl( - oa.getAssertionSessionID(), - oa.getUserNameID(), - oa.getUserNameIDFormat(), - oa.getProtocolType(), - sloDesc)); + sloDesc = SingleLogOutBuilder.getRequestSLODescriptor(el.getIdpurlprefix()); - else - activeFrontChannalOAs.put(oa.getOaurlprefix(), - new SLOInformationImpl( - oa.getAssertionSessionID(), - oa.getUserNameID(), - oa.getUserNameIDFormat(), - oa.getProtocolType(), + activeFrontChannalOAs.put(el.getIdpurlprefix(), + new SLOInformationImpl( + el.getSessionIndex(), + el.getUserNameID(), + NameID.TRANSIENT, + PVP2XProtocol.PATH, sloDesc)); } catch (NOSLOServiceDescriptorException e) { - putFailedOA(oa.getOaurlprefix()); + putFailedOA(el.getIdpurlprefix()); } - - } else - putFailedOA(oa.getOaurlprefix()); + } } } } - + public String getNextFrontChannelOA() { Iterator interator = activeFrontChannalOAs.keySet().iterator(); if (interator.hasNext()) @@ -147,9 +189,5 @@ public class SLOInformationContainer implements Serializable { if (sloFailedOAs == null) sloFailedOAs = new ArrayList(); sloFailedOAs.add(oaID); - } - - - - + } } -- cgit v1.2.3
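Review bot: The new parseActiveIDPs puts every interfederated IDP into activeFrontChannalOAs without checking `sloDesc.getBinding()`, while parseActiveOAs in the same hunk routes `SAMLConstants.SAML2_SOAP11_BINDING_URI` descriptors to activeBackChannelOAs. If getRequestSLODescriptor can return a SOAP endpoint for an IDP, the logout request would go out over the wrong channel and that IDP session could stay alive after single logout; the same test should guard the put, e.g. `if (SAMLConstants.SAML2_SOAP11_BINDING_URI.equals(sloDesc.getBinding())) activeBackChannelOAs.put(...); else activeFrontChannalOAs.put(...);`. The NameID format is also hard-coded to `NameID.TRANSIENT`, which is presumably only correct if the interfederation session always holds a transient identifier, so this should be confirmed or the format stored with the session. The Javadoc above parseActiveIDPs names `@param value`, but the parameter is `removeIDP`, and neither tag is described.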