From 85da46b80e3b1c3d3565d044c1fba9c07182482b Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 09:26:02 +0100
Subject: refactoring

---
 .../id/protocols/stork2/AttributeCollector.java    | 37 ++++++++++++----------
 .../moa/id/protocols/stork2/DataContainer.java     | 21 ++++++++++++
 2 files changed, 41 insertions(+), 17 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 7801f9a54..93b2b0495 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,11 +1,14 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.io.IOException;
+import java.io.StringWriter;
 import java.util.ArrayList;
 import java.util.List;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -17,10 +20,18 @@ import at.gv.egovernment.moa.logging.Logger;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
 /**
  * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
@@ -92,8 +103,6 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
         // check if there are attributes we need to fetch
-        this.httpResp = response;
-        this.container = container;
 
         IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
         IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -126,11 +135,10 @@ public class AttributeCollector implements IAction {
             }
 
             // build response
-            generateSTORKResponse();
+            generateSTORKResponse(container);
 
             // set new http response
-            generateRedirectResponse();
-            response = httpResp;
+            generateRedirectResponse(response, container);
 
             return "12345"; // AssertionId
 
@@ -161,7 +169,7 @@ public class AttributeCollector implements IAction {
     }
 
 
-    private void generateSTORKResponse() throws MOAIDException {
+    private void generateSTORKResponse(DataContainer container) throws MOAIDException {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
@@ -181,21 +189,16 @@ public class AttributeCollector implements IAction {
         Logger.info("STORK SAML Response message succesfully generated ");
         String statusCodeValue = authnResponse.getStatusCode();
 
-        try {
-            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
-            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
+        Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
+		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
+		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
 
         container.setResponse(authnResponse);
 
     }
 
 
-    private void generateRedirectResponse() {
+    private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
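Review bot: The three `Logger.debug` calls kept at the end of `generateSTORKResponse` write the complete SAML response, including the citizen's personal attributes, to the debug log in both plain and encoded form. The first one concatenates what appears to be a `byte[]` (the next line passes it to `new String(...)`), so it only prints an array reference, and `new String(byte[])` decodes with the platform charset. I would drop the token dumps and log only non-personal metadata, e.g. `Logger.debug("STORK response generated, status: " + authnResponse.getStatusCode());`. The same applies to the `SAMLResponse original` debug line in the next hunk. `generateSTORKResponse` starts before this hunk and `generateRedirectResponse` continues past it.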
@@ -207,8 +210,8 @@ public class AttributeCollector implements IAction {
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
             VelocityContext context = new VelocityContext();
 
-            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes());
+            Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes());
 
             Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
             context.put("action", authnRequest.getAssertionConsumerServiceURL());
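Review bot: `context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(...).getBytes())` now hands the Velocity template a `byte[]` where the removed line supplied a `String`, so the POST-binding form will most likely render an array reference instead of the Base64 response. Assuming `encodeSAMLToken` returns the encoded string (it is concatenated as one in `generateSTORKResponse`), the call should be `context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));`. The `SAMLResponse original` debug line carries the same trailing `.getBytes()`, which binds to the `new String(...)` and logs an array reference as well. The `try` block and the rest of `generateRedirectResponse` lie outside this hunk.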
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index 40c827ef8..a1c40526d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -23,6 +23,9 @@ public class DataContainer implements Serializable {
 	/** The target. */
 	private String target;
 	
+	/** The remote address. */
+	private String remoteAddress;
+	
 	/**
 	 * Gets the request.
 	 *
@@ -76,4 +79,22 @@ public class DataContainer implements Serializable {
 	public void setTarget(String target) {
 		this.target = target;
 	}
+
+	/**
+	 * Gets the remote address.
+	 *
+	 * @return the remote address
+	 */
+	public String getRemoteAddress() {
+		return remoteAddress;
+	}
+
+	/**
+	 * Sets the remote address.
+	 *
+	 * @param remoteAddress the new remote address
+	 */
+	public void setRemoteAddress(String remoteAddress) {
+		this.remoteAddress = remoteAddress;
+	}
 }
-- 
cgit v1.2.3


From bf784b6222784758eb846b0aaf2080b009549be0 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 09:30:41 +0100
Subject: cleanup

---
 .../id/protocols/stork2/AttributeCollector.java    | 29 +++++++++-------------
 .../ExternalAttributeRequestRequiredException.java | 15 +++++++++++
 2 files changed, 27 insertions(+), 17 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 93b2b0495..c711d9400 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import java.io.IOException;
 import java.io.StringWriter;
 import java.util.ArrayList;
 import java.util.List;
@@ -164,11 +163,14 @@ public class AttributeCollector implements IAction {
 
             return "12345"; // TODO what to do here?
         }
-
-
     }
 
-
+    /**
+     * generates binary response from given response class.
+     *
+     * @param container the container
+     * @throws MOAIDException the mOAID exception
+     */
     private void generateSTORKResponse(DataContainer container) throws MOAIDException {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
@@ -187,24 +189,24 @@ public class AttributeCollector implements IAction {
         }
 
         Logger.info("STORK SAML Response message succesfully generated ");
-        String statusCodeValue = authnResponse.getStatusCode();
-
         Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
 		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
 		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
 
         container.setResponse(authnResponse);
-
     }
 
-
+    /**
+     * writes the storkresponse to the httpresponse using the velocity engine.
+     *
+     * @param httpResp the http resp
+     * @param container the container
+     */
     private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
-
         // preparing redirection for the client
-
         try {
             VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
@@ -225,18 +227,11 @@ public class AttributeCollector implements IAction {
             Logger.debug("Sending html content: " + writer.getBuffer().toString());
             Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
 
-
             httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
 
         } catch (Exception e) {
             Logger.error("Velocity error: " + e.getMessage());
         }
-
-        //HttpSession httpSession = this.httpResp.getSession();
-        //httpSession.setAttribute("STORKSessionID", "12345");
-        //Logger.info("Status code again: " + authnResponse.getStatusCode());
-
-        //return "12345"; // AssertionId
     }
 
     /* (non-Javadoc)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
index 29b09487b..56f31723c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
@@ -1,12 +1,27 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 public class ExternalAttributeRequestRequiredException extends Exception {
+	
+	/** The Constant serialVersionUID. */
+	private static final long serialVersionUID = 5207631348933518908L;
+	
+	/** The ap. */
 	private AttributeProvider ap;
 
+	/**
+	 * Instantiates a new external attribute request required exception.
+	 *
+	 * @param provider the provider
+	 */
 	public ExternalAttributeRequestRequiredException(AttributeProvider provider) {
 		ap = provider;
 	}
 
+	/**
+	 * Gets the ap.
+	 *
+	 * @return the ap
+	 */
 	public AttributeProvider getAp() {
 		return ap;
 	}
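Review bot: The generated Javadoc (`The ap.`, `Gets the ap.`) does not say what the field holds. Judging by the `e.getAp().performRedirect(...)` call in `AttributeCollector`, something like `/** The attribute provider that needs an external request (redirect) before it can deliver the attribute. */` would document it. The field is only assigned in the constructor and could be declared `private final AttributeProvider ap;`. Adding `serialVersionUID` suggests the exception is meant to be serialized, which only works if every `AttributeProvider` implementation is serializable; if that is not guaranteed, consider `transient`. The class's closing brace is outside this hunk.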
-- 
cgit v1.2.3


From 156ef68f4d89cf83e55fac8526e98e7cd445a31c Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 11:17:30 +0100
Subject: cleanup

---
 .../id/protocols/stork2/AttributeCollector.java    | 91 ++++++++++++----------
 1 file changed, 48 insertions(+), 43 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index c711d9400..428d1c52c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -42,54 +42,59 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
  * 
  */
 public class AttributeCollector implements IAction {
-	
-	/** The Constant ARTIFACT_ID. */
-	private static final String ARTIFACT_ID = "artifactId";
-	
+
+    /**
+     * The Constant ARTIFACT_ID.
+     */
+    private static final String ARTIFACT_ID = "artifactId";
+
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
-		// read configuration parameters of OA
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-		if (oaParam == null)
-			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
-
-    	// find the attribute provider plugin that can handle the response
-		IPersonalAttributeList newAttributes = null;
-		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
-			try {
-				newAttributes = current.parse(httpReq);
-			} catch (UnsupportedAttributeException e1) {
-				// the current provider cannot find anything familiar within the
-				// provided httpreq. Try the next one.
-			}
-
-		if (null == newAttributes) {
-			// we do not have a provider which is capable of fetching something
-			// from the received httpreq.
-			// TODO should we continue with the next attribute?
-			Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - fetch the container
-		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
-		DataContainer container;
-		try {
-			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
-		} catch (MOADatabaseException e) {
-			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - insert the embedded attribute(s) into the container
-		for(PersonalAttribute current : newAttributes)
-			container.getResponse().getPersonalAttributeList().add(current);
-    	
-    	// see if we need some more attributes
-    	return processRequest(container, httpReq, httpResp, moasession, oaParam);
+        // read configuration parameters of OA
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+
+        // find the attribute provider plugin that can handle the response
+        IPersonalAttributeList newAttributes = null;
+        for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
+            try {
+                newAttributes = current.parse(httpReq);
+            } catch (UnsupportedAttributeException e1) {
+                // the current provider cannot find anything familiar within the
+                // provided httpreq. Try the next one.
+                // TODO check the loop
+            }
+
+        if (null == newAttributes) {
+            // we do not have a provider which is capable of fetching something
+            // from the received httpreq.
+            // TODO should we continue with the next attribute?
+            Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
+            throw new MOAIDException("stork.11", null);
+        }
+
+        // - fetch the container
+        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
+        DataContainer container;
+        try {
+            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+        } catch (MOADatabaseException e) {
+            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+            throw new MOAIDException("stork.11", null);
+        }
+
+
+
+        // - insert the embedded attribute(s) into the container
+        for (PersonalAttribute current : newAttributes)
+            container.getResponse().getPersonalAttributeList().add(current);
+
+        // see if we need some more attributes
+        return processRequest(container, httpReq, httpResp, moasession, oaParam);
     }
     
     /**
-- 
cgit v1.2.3


From e938b31db45af14312e0fe195d274f7f4c9e0aa9 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 14:43:47 +0100
Subject: fixed spCountryCode in Stork AttrQuery Plugin

---
 .../egovernment/moa/id/protocols/stork2/AttributeCollector.java  | 4 ++--
 .../egovernment/moa/id/protocols/stork2/AttributeProvider.java   | 6 +++---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java     | 2 +-
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java   | 9 ++++-----
 4 files changed, 10 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 428d1c52c..6b7769c49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -157,12 +157,12 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
-                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
 
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
-                Logger.error("Error putting incomplete Stork response into temporary storage", e);
+                Logger.error("Error putting incomplete Stork response into temporary storage", e1);
                 throw new MOAIDException("stork.11", null);
             }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 59376fef6..6fba91fde 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -34,13 +34,13 @@ public interface AttributeProvider {
 	 * Perform redirect.
 	 *
 	 * @param url the return URL ending with ?artifactId=...
-	 * @param citizenCountyCode the citizen county code
+	 * @param spCountyCode the sp county code
 	 * @param req the request we got from the S-PEPS and for which we have to ask our APs
 	 * @param resp the response to the preceding request
 	 * @param oaParam the oa param
-	 * @throws MOAIDException 
+	 * @throws MOAIDException the mOAID exception
 	 */
-	public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
+	public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
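Review bot: The renamed parameter is spelled `spCountyCode` ("County") here and in `EHvdAttributeProviderPlugin`, while `StorkAttributeRequestProvider` in the same commit uses `spCountryCode`. The Javadoc `the sp county code` repeats the typo and does not say where the value comes from. I would use `spCountryCode` throughout and document it as `@param spCountryCode the country code of the service provider, as given in the incoming STORK request`, which matches the `container.getRequest().getSpCountry()` argument at the call site. `@throws MOAIDException the mOAID exception` should state when it is thrown.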
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8b96e0d10..4404af4e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -204,7 +204,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
 	@Override
-	public void performRedirect(String url, String citizenCountyCode,
+	public void performRedirect(String url, String spCountyCode,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
 		// there is no redirect required
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index bd6f192dc..5efdfd117 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -91,13 +91,11 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
-	@Override
-	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+	public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 		
     	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
     	String spApplication = spInstitution;
-    	String spCountry = "AT";
 
     	//generate AuthnRquest
     	STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest();
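Review bot: The `@Override` annotation on `performRedirect` is removed here although the method still implements `AttributeProvider#performRedirect`, and `EHvdAttributeProviderPlugin` keeps it in the same commit. Without it the compiler no longer reports a signature that drifts away from the interface, which matters here because the parameter list has just been changed. I would keep `@Override` on the new signature. The method body continues outside this hunk.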
@@ -106,12 +104,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
     	attributeRequest.setIssuer(HTTPUtils.getBaseURL(req));
     	attributeRequest.setQaa(oaParam.getQaaLevel());
     	attributeRequest.setSpInstitution(spInstitution);
-    	attributeRequest.setCountry(spCountry);
+    	attributeRequest.setCountry(spCountryCode);
+    	attributeRequest.setSpCountry(spCountryCode);
     	attributeRequest.setSpApplication(spApplication);
     	attributeRequest.setSpSector(spSector);
     	attributeRequest.setPersonalAttributeList(requestedAttributes);
 
-    	attributeRequest.setCitizenCountryCode(citizenCountryCode);
+    	attributeRequest.setCitizenCountryCode("AT");
 
 
     	Logger.debug("STORK AttrRequest succesfully assembled.");
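Review bot: `spCountryCode` is written into both `setCountry` and `setSpCountry` without any check, and at the call site it comes from `container.getRequest().getSpCountry()`, i.e. from the incoming STORK request. A missing or empty value would produce an attribute query with no country set, so a guard such as `if (StringUtils.isEmpty(spCountryCode)) throw new MOAIDException("stork.11", null);` (with whichever message id fits) before assembling the request seems appropriate. The citizen country is now the literal `"AT"` in the middle of the method; a named constant or a configuration value would make that assumption visible. The method starts and ends outside this hunk.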
-- 
cgit v1.2.3


From 013bc5647275872ba182ad7bf62be1cbd7c80f38 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:47:25 +0100
Subject: treated possible infinite loop in ap collection

---
 .../id/protocols/stork2/AttributeCollector.java    | 59 ++++++++++++++++------
 1 file changed, 43 insertions(+), 16 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 6b7769c49..2735fde68 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -27,6 +27,7 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
@@ -63,18 +64,18 @@ public class AttributeCollector implements IAction {
         for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
             try {
                 newAttributes = current.parse(httpReq);
+                
+                // stop as soon as we hit a capable plugin
+                break;
             } catch (UnsupportedAttributeException e1) {
                 // the current provider cannot find anything familiar within the
                 // provided httpreq. Try the next one.
-                // TODO check the loop
             }
 
         if (null == newAttributes) {
             // we do not have a provider which is capable of fetching something
             // from the received httpreq.
-            // TODO should we continue with the next attribute?
             Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
-            throw new MOAIDException("stork.11", null);
         }
 
         // - fetch the container
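Review bot: With the `throw new MOAIDException("stork.11", null)` removed, a `null` `newAttributes` now falls through the `if` block and reaches `addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes)` in the next hunk. `addOrUpdateAll` iterates `source` directly, so that path ends in a `NullPointerException` rather than a handled error. Either keep the throw, or make the merge a no-op by adding `newAttributes = new PersonalAttributeList();` after the `Logger.error` call. The method body starts and ends outside this hunk.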
@@ -87,11 +88,8 @@ public class AttributeCollector implements IAction {
             throw new MOAIDException("stork.11", null);
         }
 
-
-
         // - insert the embedded attribute(s) into the container
-        for (PersonalAttribute current : newAttributes)
-            container.getResponse().getPersonalAttributeList().add(current);
+        addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes);
 
         // see if we need some more attributes
         return processRequest(container, httpReq, httpResp, moasession, oaParam);
@@ -119,23 +117,35 @@ public class AttributeCollector implements IAction {
         try {
             // for each attribute still missing
             for (PersonalAttribute currentAttribute : missingAttributes) {
-                // - check if we can find a suitable AttributeProvider Plugin
+            	
+				/*
+				 * prefill attributes with "notAvailable". If we get them later, we override the value and status.
+				 * This way, there is no error case in which an attribute is left unanswered.
+				 */
+				IPersonalAttributeList aquiredAttributes = new PersonalAttributeList();
+				currentAttribute.setStatus("notAvailable");
+				addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
+
+            	// - check if we can find a suitable AttributeProvider Plugin
                 for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
                     try {
                         // - hand over control to the suitable plugin
-                        IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
-
-                        // - add the aquired attribute to the container
-                        for (PersonalAttribute current : aquiredAttributes)
-                            container.getResponse().getPersonalAttributeList().add(current);
+                        aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
+                        break;
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
                     } catch (MOAIDException e) {
                         // the current plugin had an error. Try the next one.
-                        // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
                     }
-
                 }
+                
+				// check if we could fetch the attribute
+				if (null == aquiredAttributes) {
+					// if not
+					Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'");
+				} else
+					// else, update any existing attributes
+					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
 
             // build response
@@ -159,7 +169,6 @@ public class AttributeCollector implements IAction {
                 // add container-key to redirect embedded within the return URL
                 e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
 
-
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e1);
@@ -238,6 +247,24 @@ public class AttributeCollector implements IAction {
             Logger.error("Velocity error: " + e.getMessage());
         }
     }
+    
+    /**
+     * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}.
+     *
+     * @param target the target
+     * @param source the source
+     */
+	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) {
+		for (PersonalAttribute current : source) {
+			// check if we need to update the current pa
+			if (target.containsKey(current.getName())) {
+				target.get(current.getName()).setStatus(current.getStatus());
+				target.get(current.getName()).setValue(current.getValue());
+				target.get(current.getName()).setComplexValue(current.getComplexValue());
+			} else
+				target.add(current);
+		}
+	}
 
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
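Review bot: `addOrUpdateAll` looks up `target.get(current.getName())` three times after the `containsKey` check and uses a brace-less `else`, which is easy to misread next to the braced `if`. Fetching the entry once, `PersonalAttribute existing = target.get(current.getName());`, and calling the three setters on `existing` reads more clearly, and both branches should carry braces. The Javadoc could also state that `source` must not be null, since the method iterates it directly. The indentation here uses tabs while the rest of the file was just converted to spaces.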
-- 
cgit v1.2.3