From 9fe8db82075de8780feec90f94063e708e521391 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 2 May 2014 13:16:29 +0200 Subject: add interfederation attribute query
---
.../gv/egovernment/moa/id/moduls/SSOManager.java | 95 +++++++++++++++++----- 1 file changed, 75 insertions(+), 20 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 684c6630a..c2e6cd273 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -31,11 +31,14 @@ import javax.servlet.http.HttpServletResponse;
 import org.hibernate.Query;
 import org.hibernate.Session;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
@@ -68,7 +71,7 @@ public class SSOManager {
 return instance;
 }
- public boolean isValidSSOSession(String ssoSessionID, HttpServletRequest httpReq) {
+ public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) {
 // search SSO Session
 if (ssoSessionID == null) {
@@ -76,10 +79,36 @@ public class SSOManager { return false; } - // String moaSessionId =HTTPSessionUtils.getHTTPSessionString(httpReq.getSession(), - // AuthenticationManager.MOA_SESSION, null); + AuthenticatedSessionStore storedSession = AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null); - return AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null); + if (storedSession == null) + return false; + + else { + if (protocolRequest != null && + protocolRequest instanceof RequestImpl && + storedSession.isInterfederatedSSOSession()) { + + if (MiscUtil.isEmpty(((RequestImpl) protocolRequest).getRequestedIDP())) { + InterfederationSessionStore selectedIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORSSOWithMOASession(storedSession.getSessionid()); + + if (selectedIDP != null) { + //no local SSO session exist -> request interfederated IDP + ((RequestImpl) protocolRequest).setRequestedIDP(selectedIDP.getIdpurlprefix()); + + } else { + Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); + MOASessionDBUtils.delete(storedSession); + + } + } + + return false; + + } + + return true; + } } @@ -95,24 +124,10 @@ public class SSOManager { List result; synchronized (session) { - -// try { -// session.getTransaction().rollback(); -// } -// catch (Exception e) { -// e.printStackTrace(); -// } -// try { -// session.getSessionFactory().openSession(); -// } -// catch (Exception e) { -// e.printStackTrace(); -// } - // session.getTransaction().begin(); - + session.beginTransaction(); Query query = session.getNamedQuery("getSSOSessionWithOldSessionID"); - query.setString("sessionid", ssoId); + query.setParameter("sessionid", ssoId); result = query.list(); // send transaction 
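Review bot: In `isValidSSOSession` the interfederation branch is entered only when `protocolRequest` is a `RequestImpl`, so for a null request or any other `IRequest` implementation an interfederated session falls through to `return true` and is reported as a valid local SSO session. If interfederated sessions must never be accepted as local ones, test `storedSession.isInterfederatedSSOSession()` first and return false for every request type, keeping the `instanceof` check only to decide whether the requested IDP can be set. The method now also deletes the stored session and mutates the request, which a caller of an `isValid…` check would not expect; a Javadoc comment naming both side effects would help. The method's signature and opening lines are in the previous hunk.

```java
if (storedSession == null)
	return false;

// An interfederated session is never a valid local SSO session, whatever the request type.
if (storedSession.isInterfederatedSSOSession()) {
	if (protocolRequest instanceof RequestImpl
			&& MiscUtil.isEmpty(((RequestImpl) protocolRequest).getRequestedIDP())) {
		// … unchanged: look up the interfederated IDP, set it on the request or delete the stale session …
	}
	return false;
}

return true;
```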
@@ -198,4 +213,44 @@ public class SSOManager {
 }
 }
 }
+
+ /**
+ * @param entityID
+ * @param request
+ */
+ public boolean removeInterfederatedSSOIDP(String entityID,
+ HttpServletRequest request) {
+
+ String ssoSessionID = getSSOSessionID(request);
+
+ if (MiscUtil.isNotEmpty(ssoSessionID)) {
+
+ AuthenticatedSessionStore storedSession = AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null);
+
+ if (storedSession == null)
+ return false;
+
+ InterfederationSessionStore selectedIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORSSOWithMOASessionIDPID(storedSession.getSessionid(), entityID);
+
+ if (selectedIDP != null) {
+ //no local SSO session exist -> request interfederated IDP
+ Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix()
+ + " from MOASession " + storedSession.getSessionid());
+ MOASessionDBUtils.delete(selectedIDP);
+
+ } else {
+ Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ...");
+
+ }
+
+
+
+
+ return true;
+
+ } else
+ return false;
+
+ }
+
 }
-- cgit v1.2.3
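Review bot: `removeInterfederatedSSOIDP` writes the full MOASession identifier to the log at info level (`" from MOASession " + storedSession.getSessionid()`); if that identifier is enough to reference a live session, anyone with read access to the logs obtains it, so it is safer to drop it from the message or log only a shortened or hashed form. The method also returns `true` when no matching IDP entry was found, so callers cannot tell a removal from a no-op; a `return false;` in the `else` branch would make the result meaningful. The inline comment `//no local SSO session exist -> request interfederated IDP` and the warning ending in `Switch to local authentication ...` look copied from `isValidSSOSession` and do not describe a removal. The Javadoc has empty `@param` tags and no `@return`; it should say what `entityID` identifies and what each return value means.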