From 37be718068ed2c9c3e26a79d2deba88b33655f30 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 17:29:51 +0100
Subject: copying old changes

---
 .../egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java   | 2 ++
 .../main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java   | 2 +-
 .../java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java   | 2 ++
 .../src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java    | 3 ++-
 .../gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java  | 0
 5 files changed, 7 insertions(+), 2 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
index 965213b0a..099ee19a2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
@@ -88,9 +88,11 @@ public class SignatureVerificationInvoker {
       authConnParam = authConfigProvider.getMoaSpConnectionParameter();
       //If the ConnectionParameter do NOT exist, we try to get the api to work....
       if (authConnParam != null) {
+        Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
         endPoint = authConnParam.getUrl();
         call.setTargetEndpointAddress(endPoint);
         responses = (Vector) call.invoke(serviceName, params);
+        Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
         response = (SOAPBodyElement) responses.get(0);
         return response.getAsDOM();
       }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 6a3f4cc9e..8b6504659 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -89,7 +89,7 @@ public class STORKConfig {
 			}
 		}
 		
-		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();
+		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();   // TODO Fix nullpointerexception when nothing is configured
 		
 		if (samlsign == null) {
 			Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 777081da0..89da2b7af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -481,6 +481,8 @@ public class DispatcherServlet extends AuthServlet{
 	    	ConfigurationDBUtils.closeSession();
 	    }
 
+        Logger.info("Clossing Dispatcher processing loop");
+        Logger.info("Http response prepared sent: " + resp.toString());
 	}
 	
 	@Override
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java
index 2a92f3ce5..8b8a4a63f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java
@@ -10,7 +10,8 @@ public class ModulStorage {
 	
 	private static final String[] modulClasses = new String[]{
 		"at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol",
-		"at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol"
+		"at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol",
+        "at.gv.egovernment.moa.id.protocols.stork2.STORKProtocol"
 	};
 	
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
new file mode 100644
index 000000000..e69de29bb
-- 
cgit v1.2.3


From 5a929406263d98b140af591ca33ef5ecc1222284 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 17:31:42 +0100
Subject: copying old changes

---
 MOA.iml                                            | 13 ++++++++++
 common/moa-common.iml                              | 29 ++++++++++++++++++++++
 id/id.iml                                          | 13 ++++++++++
 id/oa/moa-id-oa.iml                                | 25 +++++++++++++++++++
 .../id/protocols/stork2/STORKAuthnRequestDEL.java  |  0
 .../moa/id/protocols/stork2/STORKProcotol.java     |  0
 id/templates/moa-id-templates.iml                  | 25 +++++++++++++++++++
 spss/spss.iml                                      | 13 ++++++++++
 8 files changed, 118 insertions(+)
 create mode 100644 MOA.iml
 create mode 100644 common/moa-common.iml
 create mode 100644 id/id.iml
 create mode 100644 id/oa/moa-id-oa.iml
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
 create mode 100644 id/templates/moa-id-templates.iml
 create mode 100644 spss/spss.iml

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/MOA.iml b/MOA.iml
new file mode 100644
index 000000000..c418d6693
--- /dev/null
+++ b/MOA.iml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
+
diff --git a/common/moa-common.iml b/common/moa-common.iml
new file mode 100644
index 000000000..9d4261fc6
--- /dev/null
+++ b/common/moa-common.iml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+  </component>
+</module>
+
diff --git a/id/id.iml b/id/id.iml
new file mode 100644
index 000000000..c418d6693
--- /dev/null
+++ b/id/id.iml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
+
diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
new file mode 100644
index 000000000..a87a36773
--- /dev/null
+++ b/id/oa/moa-id-oa.iml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="FacetManager">
+    <facet type="web" name="Web">
+      <configuration>
+        <descriptors>
+          <deploymentDescriptor name="web.xml" url="file://$MODULE_DIR$/src/main/webapp/WEB-INF/web.xml" />
+        </descriptors>
+        <webroots>
+          <root url="file://$MODULE_DIR$/src/main/webapp" relative="/" />
+        </webroots>
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
+
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
new file mode 100644
index 000000000..e69de29bb
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
new file mode 100644
index 000000000..e69de29bb
diff --git a/id/templates/moa-id-templates.iml b/id/templates/moa-id-templates.iml
new file mode 100644
index 000000000..3b8b05541
--- /dev/null
+++ b/id/templates/moa-id-templates.iml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="FacetManager">
+    <facet type="web" name="Web">
+      <configuration>
+        <descriptors>
+          <deploymentDescriptor name="web.xml" url="file://$MODULE_DIR$/src/main/webapp/WEB-INF/web.xml" />
+        </descriptors>
+        <webroots>
+          <root url="file://$MODULE_DIR$/src/main/webapp" relative="/" />
+        </webroots>
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
+
diff --git a/spss/spss.iml b/spss/spss.iml
new file mode 100644
index 000000000..c418d6693
--- /dev/null
+++ b/spss/spss.iml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/target" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
+
-- 
cgit v1.2.3


From b5cbffea611b603d2ae28ebb104128e8abbb7656 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 17:32:48 +0100
Subject: copying old changes

---
 .../id/protocols/stork2/AuthenticationRequest.java | 160 +++++++++++++++++++++
 .../id/protocols/stork2/STORKAuthnRequestDEL.java  |  72 ++++++++++
 .../moa/id/protocols/stork2/STORKProcotol.java     | 127 ++++++++++++++++
 3 files changed, 359 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index e69de29bb..49b6bba8a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -0,0 +1,160 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.mw.messages.saml.STORKAuthnRequest;
+import eu.stork.vidp.api.messages.StartAuthResponse;
+import eu.stork.vidp.messages.stork.SpInstitution;
+import eu.stork.vidp.messages.util.SAMLUtil;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.util.XMLHelper;
+
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
+import java.util.HashMap;
+
+/**
+ * @author bsuzic
+ *         Date: 12/3/13, Time: 2:08 PM
+ */
+
+public class AuthenticationRequest implements IAction {
+    /*
+    Second request step - after authentication of the user is done and moasession obtained,
+    process request and forward the user further to PEPS and/or other entities
+     */
+
+
+    private VelocityEngine velocityEngine;
+
+
+    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+        Logger.debug("Starting AuthenticationRequest");
+        //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
+        Logger.debug("Http Response: " + httpResp.toString() + ", ");
+        Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());
+        httpResp.reset();
+        //httpResp.addHeader("Location", "http:/www.google.com");
+        if (req instanceof STORKAuthnRequestDEL) {
+            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel());
+            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest());
+
+            HttpSession httpSession = httpReq.getSession();
+            httpSession.setAttribute("STORKSessionID", "12345");
+            httpResp.setStatus(startAuthResponse.getHttpStatusCode());
+            try {
+                ServletOutputStream os = httpResp.getOutputStream();
+                String html = new String(startAuthResponse.getContent());
+
+
+                if (html.contains("<![CDATA[")) {
+                    Logger.info("-------- content contains <![CDATA[-----------------");
+                    Logger.info("-------- content contains html -----------------");
+                    Logger.info("HTML : " + html);
+                    int beginIndex = html.indexOf("<![CDATA[");
+                    int endIndex = html.indexOf("]]>");
+                    html = html.substring(beginIndex + 9, endIndex);
+                    startAuthResponse.setContent(html.getBytes());
+
+                }
+                Logger.info("HTML : " + html);
+
+                os.write(startAuthResponse.getContent());
+                Logger.info("Response sent to client");
+            } catch (IOException e) {
+                Logger.error("ERROR MOA");
+                throw new MOAIDException("error response sending", new Object[]{});
+            }
+            //httpSession.setAttribute("CCC", ccc);
+        }
+
+
+        //httpResp.setStatus(200);
+        //VPEPSInboundPostHandler
+
+
+        return "12345"; // AssertionId
+    }
+
+    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+        return true;
+    }
+
+
+    public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) {
+
+        StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap<String, String>());
+
+        if (authnRequest.getSPID() != null) {
+            Logger.debug("SP id: " + authnRequest.getSPID());
+        } else {
+            SpInstitution spInstitution = (SpInstitution)authnRequest.getExtensions().getUnknownXMLObjects(SpInstitution.DEFAULT_ELEMENT_NAME).get(0);
+            Logger.debug("SP institution: " + spInstitution.getValue());
+        }
+
+        Logger.debug("SPEPS issuer: " + authnRequest.getIssuer().getValue());
+        Logger.debug("SPEPS Consumer URL: " + authnRequest.getAssertionConsumerServiceURL());
+
+
+
+        try {
+
+            initVelocityEngine();
+            VelocityContext velocityContext = new VelocityContext();
+
+            velocityContext.put("action", authnRequest.getDestination());
+            if (authnRequest.getDOM() == null) {
+                SAMLUtil.marshallMessage(authnRequest);
+            }
+
+            String messageXML = XMLHelper.nodeToString(authnRequest.getDOM());
+            String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);
+            velocityContext.put("SAMLRequest", encodedMessage);
+            ByteArrayOutputStream outStream = new ByteArrayOutputStream();
+
+            Writer out = new OutputStreamWriter(outStream, "UTF-8");
+            velocityEngine.mergeTemplate("/templates/saml2-post-binding.vm", "UTF-8", velocityContext, out);
+            out.flush();
+            authResponse.setContent(outStream.toByteArray());
+
+            authResponse.addHeader("Content-Type", "text/html; charset=utf-8");
+            authResponse.addHeader("Cache-Control", "no-cache");
+            authResponse.setHttpStatusCode(200);
+
+        } catch (Exception e) {
+            Logger.error("ERROR");
+        }
+
+
+        return authResponse;
+    }
+
+    public String getDefaultActionName() {
+        return STORKProtocol.AUTHENTICATIONREQUEST;
+    }
+
+
+    private void initVelocityEngine() throws Exception {
+        velocityEngine = new VelocityEngine();
+        velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+        velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+        velocityEngine.setProperty("classpath.resource.loader.class",
+                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+
+        velocityEngine.init();
+    }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
index e69de29bb..9e3e7f53d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
@@ -0,0 +1,72 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.mw.messages.saml.STORKAuthnRequest;
+import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import org.opensaml.common.xml.SAMLConstants;
+
+/**
+ * @author bsuzic
+ *         Date: 12/4/13, Time: 6:31 PM
+ */
+//public class STORKAuthnRequestDEL extends STORKAuthnRequestImpl implements IRequest {
+
+public class STORKAuthnRequestDEL implements IRequest {
+    private String requestID;
+    private String target = null;
+    String module = null;
+    String action = null;
+    private STORKAuthnRequest storkAuthnRequest;
+
+    public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) {
+        this.storkAuthnRequest = request;
+    }
+
+    public STORKAuthnRequest getStorkAuthnRequest() {
+        return this.storkAuthnRequest;
+    }
+
+    public String getOAURL() {
+        return "https://sp:8889/SP";  //
+    }
+
+    public boolean isPassiv() {
+        return false;  //
+    }
+
+    public boolean forceAuth() {
+        return false;  //
+    }
+
+    public boolean isSSOSupported() {
+        return false;  //
+    }
+
+    public String requestedModule() {
+        return this.module;  //
+    }
+
+    public String requestedAction() {
+        return action;  //
+    }
+
+    public void setModule(String module) {
+        this.module = module;
+    }
+
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    public String getTarget() {
+        return this.target;  //
+    }
+
+    public void setRequestID(String id) {
+        this.requestID = id;
+    }
+
+    public String getRequestID() {
+        return this.requestID;  //
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
index e69de29bb..15096083e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
@@ -0,0 +1,127 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IModulInfo;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.mw.messages.saml.STORKAuthnRequest;
+import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
+import org.opensaml.ws.transport.http.HTTPInTransport;
+import org.opensaml.ws.transport.http.HTTPOutTransport;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Collections;
+import java.util.HashMap;
+
+/**
+ * Stork 2 Protocol Support
+ * Date: 11/29/13, Time: 12:32 PM
+ * @author bsuzic
+ */
+public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
+
+    public static final String NAME = STORKProtocol.class.getName();
+    public static final String PATH = "id_stork2";
+
+    public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
+
+    private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
+
+    static {
+
+        actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
+
+        instance = new STORKProtocol();
+    }
+
+    private static STORKProtocol instance = null;
+
+
+    public String getName() {
+        return NAME;
+    }
+
+    public String getPath() {
+        return PATH;
+    }
+
+    public IAction getAction(String action) {
+        return actions.get(action);
+    }
+
+    /*
+    First request step - send it to BKU selection for user authentication. After the user credentials
+    and other info are obtained, in the second step the request will be processed and the user redirected
+     */
+    public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
+        Logger.debug("Starting preprocessing");
+        Logger.debug("Got request: " + request.toString());
+        Logger.debug("Request method: " + request.getMethod());
+        for (Object o : Collections.list(request.getHeaderNames())) {
+            Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString()));
+        }
+        for (Object o : Collections.list(request.getParameterNames())) {
+            Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString()));
+        }
+
+        Logger.debug("Request content length: " + request.getContentLength());
+        Logger.debug("Request query: " + request.getQueryString());
+        Logger.debug("Response: " + response.toString());
+        Logger.debug("Action: " + action);
+
+        Logger.debug("Processing saml request");
+        String SAMLRequest = request.getParameter("SAMLRequest");
+
+        HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
+        HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
+
+
+        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
+        samlMessageContext.setInboundMessageTransport(profileReq);
+
+        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
+        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
+
+        try {
+            Logger.debug("Attempting to decode request...");
+            postDecoder.decode(samlMessageContext);
+        } catch (Exception e) {
+            Logger.error("Error decoding STORKAuthnRequest", e);
+        }
+
+        STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
+        //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage();
+        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
+        STORK2Request.setSTORKAuthnRequest(ST2Req);
+
+        Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode());
+        Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel());
+        Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
+
+
+        return STORK2Request;
+    }
+
+    public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) {
+        return null;
+    }
+
+    public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable {
+        return false;
+    }
+
+    public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
+        return false;
+    }
+}
+
+
-- 
cgit v1.2.3


From dbc6bd6c792519467c490e536ff6f1af5175a796 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 17:37:56 +0100
Subject: renaming

---
 .../moa/id/protocols/stork2/STORKProcotol.java     | 127 ---------------------
 .../moa/id/protocols/stork2/STORKProtocol.java     | 127 +++++++++++++++++++++
 2 files changed, 127 insertions(+), 127 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
deleted file mode 100644
index 15096083e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
+++ /dev/null
@@ -1,127 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.moduls.IAction;
-import at.gv.egovernment.moa.id.moduls.IModulInfo;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
-import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.Collections;
-import java.util.HashMap;
-
-/**
- * Stork 2 Protocol Support
- * Date: 11/29/13, Time: 12:32 PM
- * @author bsuzic
- */
-public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
-
-    public static final String NAME = STORKProtocol.class.getName();
-    public static final String PATH = "id_stork2";
-
-    public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
-
-    private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
-
-    static {
-
-        actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
-
-        instance = new STORKProtocol();
-    }
-
-    private static STORKProtocol instance = null;
-
-
-    public String getName() {
-        return NAME;
-    }
-
-    public String getPath() {
-        return PATH;
-    }
-
-    public IAction getAction(String action) {
-        return actions.get(action);
-    }
-
-    /*
-    First request step - send it to BKU selection for user authentication. After the user credentials
-    and other info are obtained, in the second step the request will be processed and the user redirected
-     */
-    public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
-        Logger.debug("Starting preprocessing");
-        Logger.debug("Got request: " + request.toString());
-        Logger.debug("Request method: " + request.getMethod());
-        for (Object o : Collections.list(request.getHeaderNames())) {
-            Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString()));
-        }
-        for (Object o : Collections.list(request.getParameterNames())) {
-            Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString()));
-        }
-
-        Logger.debug("Request content length: " + request.getContentLength());
-        Logger.debug("Request query: " + request.getQueryString());
-        Logger.debug("Response: " + response.toString());
-        Logger.debug("Action: " + action);
-
-        Logger.debug("Processing saml request");
-        String SAMLRequest = request.getParameter("SAMLRequest");
-
-        HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
-        HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
-
-
-        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
-        samlMessageContext.setInboundMessageTransport(profileReq);
-
-        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
-        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
-
-        try {
-            Logger.debug("Attempting to decode request...");
-            postDecoder.decode(samlMessageContext);
-        } catch (Exception e) {
-            Logger.error("Error decoding STORKAuthnRequest", e);
-        }
-
-        STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
-        //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage();
-        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
-        STORK2Request.setSTORKAuthnRequest(ST2Req);
-
-        Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode());
-        Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel());
-        Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
-
-
-        return STORK2Request;
-    }
-
-    public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) {
-        return null;
-    }
-
-    public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable {
-        return false;
-    }
-
-    public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
-        return false;
-    }
-}
-
-
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
new file mode 100644
index 000000000..15096083e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -0,0 +1,127 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IModulInfo;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.mw.messages.saml.STORKAuthnRequest;
+import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
+import org.opensaml.ws.transport.http.HTTPInTransport;
+import org.opensaml.ws.transport.http.HTTPOutTransport;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Collections;
+import java.util.HashMap;
+
+/**
+ * Stork 2 Protocol Support
+ * Date: 11/29/13, Time: 12:32 PM
+ * @author bsuzic
+ */
+public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
+
+    public static final String NAME = STORKProtocol.class.getName();
+    public static final String PATH = "id_stork2";
+
+    public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
+
+    private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
+
+    static {
+
+        actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
+
+        instance = new STORKProtocol();
+    }
+
+    private static STORKProtocol instance = null;
+
+
+    public String getName() {
+        return NAME;
+    }
+
+    public String getPath() {
+        return PATH;
+    }
+
+    public IAction getAction(String action) {
+        return actions.get(action);
+    }
+
+    /*
+    First request step - send it to BKU selection for user authentication. After the user credentials
+    and other info are obtained, in the second step the request will be processed and the user redirected
+     */
+    public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
+        Logger.debug("Starting preprocessing");
+        Logger.debug("Got request: " + request.toString());
+        Logger.debug("Request method: " + request.getMethod());
+        for (Object o : Collections.list(request.getHeaderNames())) {
+            Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString()));
+        }
+        for (Object o : Collections.list(request.getParameterNames())) {
+            Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString()));
+        }
+
+        Logger.debug("Request content length: " + request.getContentLength());
+        Logger.debug("Request query: " + request.getQueryString());
+        Logger.debug("Response: " + response.toString());
+        Logger.debug("Action: " + action);
+
+        Logger.debug("Processing saml request");
+        String SAMLRequest = request.getParameter("SAMLRequest");
+
+        HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
+        HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
+
+
+        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
+        samlMessageContext.setInboundMessageTransport(profileReq);
+
+        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
+        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
+
+        try {
+            Logger.debug("Attempting to decode request...");
+            postDecoder.decode(samlMessageContext);
+        } catch (Exception e) {
+            Logger.error("Error decoding STORKAuthnRequest", e);
+        }
+
+        STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
+        //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage();
+        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
+        STORK2Request.setSTORKAuthnRequest(ST2Req);
+
+        Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode());
+        Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel());
+        Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
+
+
+        return STORK2Request;
+    }
+
+    public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) {
+        return null;
+    }
+
+    public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable {
+        return false;
+    }
+
+    public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
+        return false;
+    }
+}
+
+
-- 
cgit v1.2.3


From 1243688780cea8031c1aa33d7f4e43e7a834bae1 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 22 Jan 2014 12:35:57 +0100
Subject: disabling verification for test purposes

---
 .../auth/validator/VerifyXMLSignatureResponseValidator.java   | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 1a06ef2f4..2fe540af5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -101,11 +101,12 @@ public class VerifyXMLSignatureResponseValidator {
 				checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.24", null);
 			if (verifyXMLSignatureResponse.getCertificateCheckCode() == 5) 
 				checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.25", null);
-    
-      if (whatToCheck.equals(CHECK_IDENTITY_LINK)) 
-        throw new ValidateException("validator.07", new Object[] { checkFailedReason } );
-      else
-        throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
+
+    // TEST CARDS
+    //  if (whatToCheck.equals(CHECK_IDENTITY_LINK))
+    //    throw new ValidateException("validator.07", new Object[] { checkFailedReason } );
+    //  else
+    //    throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
     }
     
     if (ignoreManifestValidationResult) {
-- 
cgit v1.2.3


From 52dabc099bc80230128a621aa14f1010ba12221e Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 22 Jan 2014 18:26:58 +0100
Subject: peps saml engine adjustment

---
 id/ConfigWebTool/ConfigurationInterface.iml        | 13 ++--
 id/server/auth/moa-id-auth.iml                     | 13 ++--
 id/server/idserverlib/moa-id-lib.iml               | 15 +++--
 id/server/idserverlib/pom.xml                      | 12 ++++
 .../id/protocols/stork2/AuthenticationRequest.java |  1 +
 .../moa/id/protocols/stork2/STORKAuthnReq.java     | 73 ++++++++++++++++++++++
 .../id/protocols/stork2/STORKAuthnRequestDEL.java  |  4 +-
 id/server/proxy/moa-id-proxy.iml                   | 13 ++--
 8 files changed, 121 insertions(+), 23 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 3164e135f..eae19a059 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -38,7 +38,6 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:saml-engine:1.1.0" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:stork-commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:jstl:1.2" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
@@ -88,6 +87,14 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="module" module-name="mw-messages-api" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:2.0.1" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
@@ -113,7 +120,6 @@
     <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
@@ -143,9 +149,6 @@
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
     <orderEntry type="library" name="Maven: at.gv.util:egovutils:1.0.2" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index 4c9b1f5b7..f581b8feb 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -26,7 +26,6 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:saml-engine:1.1.0" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:stork-commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
@@ -85,6 +84,14 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.4" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
     <orderEntry type="module" module-name="mw-messages-api" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -102,7 +109,6 @@
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
@@ -132,9 +138,6 @@
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
   </component>
 </module>
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index a871aed63..54043911b 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -17,7 +17,6 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:saml-engine:1.1.0" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:stork-commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="module" module-name="stork-saml-engine" />
@@ -26,7 +25,7 @@
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.3.4" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk15:1.46" level="project" />
     <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.2" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
     <orderEntry type="library" name="Maven: ca.juliusdavies:not-yet-commons-ssl:0.3.9" level="project" />
     <orderEntry type="library" name="Maven: commons-httpclient:commons-httpclient:3.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.santuario:xmlsec:1.4.5" level="project" />
@@ -44,6 +43,14 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="module" module-name="mw-messages-api" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -93,7 +100,6 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
@@ -123,9 +129,6 @@
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
   </component>
 </module>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 765edf7c8..446440a11 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -34,6 +34,18 @@
             <artifactId>mw-messages-api</artifactId>
             <version>2.0</version>
         </dependency>
+
+        <dependency>
+            <groupId>eu.stork</groupId>
+            <artifactId>Commons</artifactId>
+            <version>1.1.0</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.stork</groupId>
+            <artifactId>SamlEngine</artifactId>
+            <version>1.1.0</version>
+        </dependency>
+
     <dependency>
     		<groupId>MOA.id.server</groupId>
     		<artifactId>moa-id-commons</artifactId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 49b6bba8a..d5430a358 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -24,6 +24,7 @@ import java.io.IOException;
 import java.io.OutputStreamWriter;
 import java.io.Writer;
 import java.util.HashMap;
+import eu.stork.peps.auth.engine.SAMLEngine;
 
 /**
  * @author bsuzic
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
new file mode 100644
index 000000000..c79423ffc
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
@@ -0,0 +1,73 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+
+
+
+/**
+ * @author bsuzic
+ *         Date: 1/22/14, Time: 5:30 PM
+ */
+public class STORKAuthnReq implements IRequest {
+    private String requestID;
+    private String target = null;
+    String module = null;
+    String action = null;
+    private STORKAuthnRequest storkAuthnRequest;
+
+    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
+        this.storkAuthnRequest = request;
+    }
+
+    public STORKAuthnRequest getStorkAuthnRequest() {
+        return this.storkAuthnRequest;
+    }
+
+
+    public String getOAURL() {
+        return "https://sp:8889/SP";  //
+    }
+
+    public boolean isPassiv() {
+        return false;  //
+    }
+
+    public boolean forceAuth() {
+        return false;  //
+    }
+
+    public boolean isSSOSupported() {
+        return false;  //
+    }
+
+    public String requestedModule() {
+        return this.module;  //
+    }
+
+    public String requestedAction() {
+        return action;  //
+    }
+
+    public void setModule(String module) {
+        this.module = module;
+    }
+
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    public String getTarget() {
+        return this.target;  //
+    }
+
+    public void setRequestID(String id) {
+        this.requestID = id;
+    }
+
+    public String getRequestID() {
+        return this.requestID;  //
+    }
+
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
index 9e3e7f53d..57dfad73f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
@@ -16,13 +16,13 @@ public class STORKAuthnRequestDEL implements IRequest {
     private String target = null;
     String module = null;
     String action = null;
-    private STORKAuthnRequest storkAuthnRequest;
+    private eu.stork.mw.messages.saml.STORKAuthnRequest storkAuthnRequest;
 
     public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) {
         this.storkAuthnRequest = request;
     }
 
-    public STORKAuthnRequest getStorkAuthnRequest() {
+    public eu.stork.mw.messages.saml.STORKAuthnRequest getStorkAuthnRequest() {
         return this.storkAuthnRequest;
     }
 
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index 5796eaa63..10a3ee912 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -24,7 +24,6 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:saml-engine:1.1.0" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:stork-commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
@@ -82,6 +81,14 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.4" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
     <orderEntry type="module" module-name="mw-messages-api" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -99,7 +106,6 @@
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
@@ -129,9 +135,6 @@
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
   </component>
 </module>
-- 
cgit v1.2.3


From ed9ad9b0c13ee0de3231bab038f35b01beeb0d0b Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 23 Jan 2014 12:34:14 +0100
Subject: saml peps engine changeS

---
 .../moa/id/protocols/stork2/STORKAuthnReq.java     | 32 +++++++++++++++++++++-
 .../moa/id/protocols/stork2/STORKProtocol.java     |  4 +++
 2 files changed, 35 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
index c79423ffc..9bf4ed0d1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
@@ -1,8 +1,12 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
-
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
+import org.opensaml.ws.transport.http.HTTPInTransport;
 
 
 /**
@@ -24,6 +28,32 @@ public class STORKAuthnReq implements IRequest {
         return this.storkAuthnRequest;
     }
 
+    public void createStorkReq(HTTPInTransport profileReq) {
+        Logger.debug("Generate stork request test...");
+        storkAuthnRequest = new STORKAuthnRequest();
+
+        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
+        samlMessageContext.setInboundMessageTransport(profileReq);
+
+        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
+        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
+
+        try {
+            Logger.debug("Attempting to decode request...");
+            postDecoder.decode(samlMessageContext);
+        } catch (Exception e) {
+            Logger.error("Error decoding STORKAuthnRequest", e);
+        }
+
+
+        storkAuthnRequest = (STORKAuthnRequest)samlMessageContext.getInboundSAMLMessage();
+        samlMessageContext.getinbound
+        storkAuthnRequest.set
+
+    }
+
+
+
 
     public String getOAURL() {
         return "https://sp:8889/SP";  //
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 15096083e..e99079191 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -108,6 +108,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
 
 
+        STORKAuthnReq storkAuthnReq = new STORKAuthnReq();
+
+
+
         return STORK2Request;
     }
 
-- 
cgit v1.2.3


From 65fb688c9323696fcc12e1c049a2b6a75d6ff1e5 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 4 Feb 2014 17:25:09 +0100
Subject: merging with other code

---
 id/ConfigWebTool/ConfigurationInterface.iml        | 38 +++++++++--
 id/server/auth/moa-id-auth.iml                     | 73 ++++++++++++++--------
 id/server/idserverlib/moa-id-lib.iml               | 33 ++++++++--
 id/server/idserverlib/pom.xml                      |  2 +-
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |  1 +
 .../moa/id/config/stork/STORKConfig.java           | 13 +++-
 id/server/moa-id-commons/moa-id-commons.iml        |  9 +--
 id/server/proxy/moa-id-proxy.iml                   | 73 ++++++++++++++--------
 .../clients/api/moa-spss-handbook-apiClient.iml    | 44 ++-----------
 .../handbook/clients/moa-spss-handbook-clients.iml |  2 +-
 .../moa-spss-handbook-referencedData.iml           |  2 +-
 .../moa-spss-handbook-webserviceClient.iml         | 44 ++-----------
 spss/handbook/moa-spss-handbook.iml                |  2 +-
 spss/server/moa-spss.iml                           |  8 +--
 spss/server/serverlib/moa-spss-lib.iml             |  3 +-
 spss/server/serverws/moa-spss-ws.iml               |  2 +-
 spss/server/tools/moa-spss-tools.iml               |  2 +-
 17 files changed, 188 insertions(+), 163 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 18dc5586e..9c351185e 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -103,7 +103,7 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -138,16 +138,44 @@
     <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
     <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
-    <orderEntry type="library" name="Maven: MOA.spss.server:moa-spss-lib:2.0.0" level="project" />
+    <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
     <orderEntry type="library" name="Maven: com.googlecode.jsontoken:jsontoken:1.0" level="project" />
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index fe65bde29..d0aa970fc 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -25,12 +25,54 @@
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.tuckey:urlrewritefilter:4.0.3" level="project" />
-    <orderEntry type="library" name="Maven: MOA.spss.server:moa-spss-lib:2.0.0" level="project" />
+    <orderEntry type="module" module-name="moa-spss-lib" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
-    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -59,16 +101,12 @@
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
     <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
@@ -84,12 +122,6 @@
     <orderEntry type="library" name="Maven: c3p0:c3p0:0.9.1" level="project" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-entitymanager:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: org.apache.commons:commons-lang3:3.1" level="project" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
-    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-runtime:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:maven-hyperjaxb3-plugin:0.5.6" level="project" />
@@ -129,28 +161,15 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
     <orderEntry type="library" name="Maven: com.googlecode.jsontoken:jsontoken:1.0" level="project" />
     <orderEntry type="library" name="Maven: com.google.code.gson:gson:1.4" level="project" />
     <orderEntry type="library" name="Maven: com.google.collections:google-collections:1.0" level="project" />
-    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.httpcomponents:httpcore:4.0.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
   </component>
 </module>
 
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index be1804f70..e79bae817 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -14,7 +14,7 @@
     <orderEntry type="library" name="Maven: eu.stork.mw.core:stork-saml-engine:2.0" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
     <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
@@ -114,11 +114,14 @@
     <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-xjc:2.2.4-1" level="project" />
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
-    <orderEntry type="library" name="Maven: MOA.spss.server:moa-spss-lib:2.0.0" level="project" />
+    <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
     <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
@@ -126,12 +129,30 @@
     <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
+    <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
     <orderEntry type="library" name="Maven: com.googlecode.jsontoken:jsontoken:1.0" level="project" />
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 4528acfec..9896690f5 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -56,7 +56,7 @@
         <dependency>
             <groupId>eu.stork</groupId>
             <artifactId>Commons</artifactId>
-            <version>1.1.0</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>eu.stork</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index b356c6f35..41be2c7e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -331,6 +331,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 			
 			//TODO: found better solution, but QAA Level in response could be not supported yet
 			try {
+
 				moasession.setQAALevel(authnResponse.getAssertions().get(0).
 						getAuthnStatements().get(0).getAuthnContext().
 						getAuthnContextClassRef().getAuthnContextClassRef());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 67638cafd..b340d2449 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -25,6 +25,7 @@
  */
 package at.gv.egovernment.moa.id.config.stork;
 
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.util.ArrayList;
@@ -33,10 +34,15 @@ import java.util.List;
 import java.util.Map;
 import java.util.Properties;
 
+import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
 import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
+import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.xml.sax.SAXException;
+
+import javax.xml.parsers.ParserConfigurationException;
 
 /**
  * Encapsulates several STORK configuration parameters according MOA configuration
@@ -73,7 +79,8 @@ public class STORKConfig {
 			} catch (MalformedURLException e) {
 				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
 						+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
-			} catch (ParserConfigurationException e) {
+			}
+            /*catch (ParserConfigurationException e) {
 				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
 						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
 			} catch (SAXException e) {
@@ -85,7 +92,7 @@ public class STORKConfig {
 			} catch (MessageEncodingException e) {
 				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
 						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
-			}
+			}*/
 		}
 		
 		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();   // TODO Fix nullpointerexception when nothing is configured
@@ -100,6 +107,8 @@ public class STORKConfig {
 
 	}
 
+    }
+
 	public SignatureCreationParameter getSignatureCreationParameter() {
 
 		return new SignatureCreationParameter(props, basedirectory);
diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml
index 3dfcfd427..08d15d746 100644
--- a/id/server/moa-id-commons/moa-id-commons.iml
+++ b/id/server/moa-id-commons/moa-id-commons.iml
@@ -26,13 +26,14 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
-      <sourceFolder url="file://$MODULE_DIR$/target/generated-sources/xjc" isTestSource="false" generated="true" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources/config" type="java-resource" />
-      <excludeFolder url="file://$MODULE_DIR$/target" />
+      <sourceFolder url="file://$MODULE_DIR$/target/generated-sources/xjc" isTestSource="false" generated="true" />
+      <excludeFolder url="file://$MODULE_DIR$/target/apidocs" />
+      <excludeFolder url="file://$MODULE_DIR$/target/classes" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index 7d6378c87..fb1a16d2e 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -22,12 +22,54 @@
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
-    <orderEntry type="library" name="Maven: MOA.spss.server:moa-spss-lib:2.0.0" level="project" />
+    <orderEntry type="module" module-name="moa-spss-lib" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.1.0" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
-    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -56,16 +98,12 @@
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
     <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
     <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
@@ -81,12 +119,6 @@
     <orderEntry type="library" name="Maven: c3p0:c3p0:0.9.1" level="project" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-entitymanager:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: org.apache.commons:commons-lang3:3.1" level="project" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
-    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-runtime:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:maven-hyperjaxb3-plugin:0.5.6" level="project" />
@@ -126,28 +158,15 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
     <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
     <orderEntry type="library" name="Maven: regexp:regexp:1.3" level="project" />
     <orderEntry type="library" name="Maven: com.googlecode.jsontoken:jsontoken:1.0" level="project" />
     <orderEntry type="library" name="Maven: com.google.code.gson:gson:1.4" level="project" />
     <orderEntry type="library" name="Maven: com.google.collections:google-collections:1.0" level="project" />
-    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.httpcomponents:httpcore:4.0.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
-    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 0d3e3f954..9fb2e9fda 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -1,51 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/../../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
-    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
-    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
-    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
-    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
-    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
-    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
-    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/clients/moa-spss-handbook-clients.iml b/spss/handbook/clients/moa-spss-handbook-clients.iml
index acff675ab..04a6248a2 100644
--- a/spss/handbook/clients/moa-spss-handbook-clients.iml
+++ b/spss/handbook/clients/moa-spss-handbook-clients.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../../target/classes" />
     <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
diff --git a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
index d7e297421..29685104a 100644
--- a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
+++ b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="FacetManager">
     <facet type="web" name="Web">
       <configuration>
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 0d3e3f954..9fb2e9fda 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -1,51 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/../../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
-    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
-    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
-    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
-    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
-    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
-    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
-    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
-    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
-    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/moa-spss-handbook.iml b/spss/handbook/moa-spss-handbook.iml
index 11d5bfcc8..ce921cbeb 100644
--- a/spss/handbook/moa-spss-handbook.iml
+++ b/spss/handbook/moa-spss-handbook.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="FacetManager">
     <facet type="javaeeApplication" name="javaEEApplication">
       <configuration>
diff --git a/spss/server/moa-spss.iml b/spss/server/moa-spss.iml
index d86f7c4dc..4d170c8a3 100644
--- a/spss/server/moa-spss.iml
+++ b/spss/server/moa-spss.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 0652af183..d36dae117 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="FacetManager">
     <facet type="web" name="Web">
       <configuration>
@@ -55,7 +55,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" scope="TEST" name="Maven: MOA:moa-common:test-jar:tests:2.0" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index b90669e54..80378b441 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="FacetManager">
     <facet type="web" name="Web">
       <configuration>
diff --git a/spss/server/tools/moa-spss-tools.iml b/spss/server/tools/moa-spss-tools.iml
index c4d7825ea..40f81fa9a 100644
--- a/spss/server/tools/moa-spss-tools.iml
+++ b/spss/server/tools/moa-spss-tools.iml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<module type="JAVA_MODULE" version="4">
+<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../../target/classes" />
     <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
-- 
cgit v1.2.3


From c3745720650268de1f1b06e2b3dc891122ace9bb Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 5 Feb 2014 12:38:45 +0100
Subject: changing some stork parameters; adjusting spss maven config

---
 id/ConfigWebTool/ConfigurationInterface.iml        |  7 ++-
 id/server/idserverlib/moa-id-lib.iml               |  2 +-
 id/server/idserverlib/pom.xml                      |  4 +-
 .../moa/id/auth/AuthenticationServer.java          |  2 +-
 .../id/protocols/stork2/AuthenticationRequest.java | 12 +++--
 .../id/protocols/stork2/STORKAuthnRequestDEL.java  |  9 ++--
 .../moa/id/protocols/stork2/STORKProtocol.java     | 31 +++++++++++--
 .../clients/api/moa-spss-handbook-apiClient.iml    | 52 +++++++++++++++++++--
 .../moa-spss-handbook-webserviceClient.iml         | 52 +++++++++++++++++++--
 spss/server/serverlib/moa-spss-lib.iml             | 54 ++++++++++++++++++++--
 spss/server/serverlib/pom.xml                      |  2 +-
 .../at/gv/egovernment/moa/spss/MOAException.java   |  1 +
 spss/server/serverws/moa-spss-ws.iml               | 52 +++++++++++++++++++--
 spss/server/tools/moa-spss-tools.iml               | 13 ++++--
 spss/server/tools/pom.xml                          | 12 +++--
 15 files changed, 267 insertions(+), 38 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 9c351185e..bb7e047b2 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -74,7 +74,7 @@
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
@@ -116,7 +116,7 @@
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: xml-resolver:xml-resolver:1.2" level="project" />
-    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:xalan:2.7.1" level="project" />
     <orderEntry type="library" name="Maven: commons-collections:commons-collections:3.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
@@ -183,6 +183,9 @@
     <orderEntry type="library" name="Maven: com.google.collections:google-collections:1.0" level="project" />
     <orderEntry type="library" name="Maven: org.apache.httpcomponents:httpcore:4.0.1" level="project" />
     <orderEntry type="library" name="Maven: at.gv.util:egovutils:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: commons-validator:commons-validator:1.3.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-digester:commons-digester:1.6" level="project" />
+    <orderEntry type="library" name="Maven: bouncycastle:bcprov-jdk16:140" level="project" />
     <orderEntry type="library" name="Maven: org.apache.struts:struts2-core:2.3.14.3" level="project" />
     <orderEntry type="library" name="Maven: org.apache.struts.xwork:xwork-core:2.3.14.3" level="project" />
     <orderEntry type="library" name="Maven: ognl:ognl:3.0.6" level="project" />
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index e79bae817..1c04295d7 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_6" inherit-compiler-output="false">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/target/classes" />
     <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 9896690f5..c4d5310bf 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -277,8 +277,8 @@
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-compiler-plugin</artifactId>
 				<configuration>
-					<source>1.6</source>
-					<target>1.6</target>
+					<source>1.5</source>
+					<target>1.5</target>
 				</configuration>
 			</plugin>
 			<plugin>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 06d5b01bd..4b3995105 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1862,7 +1862,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
 
-		Logger.debug("Preparing to assemble STORK AuthnRequest witt the following values:");
+		Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
     	String destination = cpeps.getPepsURL().toExternalForm();
     	Logger.debug("C-PEPS URL: " + destination);
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 297c5f366..7e80273ca 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -5,16 +5,11 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.api.messages.StartAuthResponse;
-import eu.stork.vidp.messages.stork.SpInstitution;
-import eu.stork.vidp.messages.util.SAMLUtil;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
 import org.opensaml.xml.util.Base64;
 import org.opensaml.xml.util.XMLHelper;
-
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -49,6 +44,7 @@ public class AuthenticationRequest implements IAction {
         httpResp.reset();
         //httpResp.addHeader("Location", "http:/www.google.com");
         if (req instanceof STORKAuthnRequestDEL) {
+          /*
             Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel());
             StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest());
 
@@ -78,6 +74,8 @@ public class AuthenticationRequest implements IAction {
                 throw new MOAIDException("error response sending", new Object[]{});
             }
             //httpSession.setAttribute("CCC", ccc);
+
+          */
         }
 
 
@@ -93,6 +91,8 @@ public class AuthenticationRequest implements IAction {
     }
 
 
+    /*
+
     public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) {
 
         StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap<String, String>());
@@ -141,6 +141,8 @@ public class AuthenticationRequest implements IAction {
         return authResponse;
     }
 
+    */
+
     public String getDefaultActionName() {
         return STORKProtocol.AUTHENTICATIONREQUEST;
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
index 57dfad73f..c8a5ac84d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
@@ -1,8 +1,7 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.moduls.IRequest;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import org.opensaml.common.xml.SAMLConstants;
 
 /**
@@ -16,13 +15,13 @@ public class STORKAuthnRequestDEL implements IRequest {
     private String target = null;
     String module = null;
     String action = null;
-    private eu.stork.mw.messages.saml.STORKAuthnRequest storkAuthnRequest;
+    private STORKAuthnRequest storkAuthnRequest;
 
-    public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) {
+    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
         this.storkAuthnRequest = request;
     }
 
-    public eu.stork.mw.messages.saml.STORKAuthnRequest getStorkAuthnRequest() {
+    public STORKAuthnRequest getStorkAuthnRequest() {
         return this.storkAuthnRequest;
     }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index e99079191..2c47620e1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -8,14 +8,16 @@ import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.mw.messages.saml.STORKAuthnRequest;
-import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
 import org.opensaml.ws.transport.http.HTTPInTransport;
 import org.opensaml.ws.transport.http.HTTPOutTransport;
 import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
 import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -97,6 +99,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         } catch (Exception e) {
             Logger.error("Error decoding STORKAuthnRequest", e);
         }
+        /*
 
         STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
         //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage();
@@ -107,10 +110,32 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel());
         Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
 
-
+        */
         STORKAuthnReq storkAuthnReq = new STORKAuthnReq();
 
 
+        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
+
+
+        //extract STORK Response from HTTP Request
+        //Decodes SAML Response
+
+        /*
+        byte[] decSamlToken;
+        try {
+            decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
+        } catch(NullPointerException e) {
+            Logger.error("Unable to retrieve STORK Response", e);
+            throw new MOAIDException("stork.04", null);
+        }
+
+        //Get SAMLEngine instance
+        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
+
+        STORKAuthnResponse authnResponse = null;
+        PEPSUtil.decode
+        engine.validateSTORKAuthnRequest()
+        */
 
         return STORK2Request;
     }
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 9fb2e9fda..26b212283 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -1,15 +1,61 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 9fb2e9fda..26b212283 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -1,15 +1,61 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index d36dae117..11dc743a9 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -44,9 +44,9 @@
       </configuration>
     </facet>
   </component>
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
@@ -55,6 +55,54 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
+    <orderEntry type="module" module-name="moa-spss-tools" scope="TEST" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index 1c756d4d4..5afc4b70c 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -260,7 +260,7 @@
 						<link>http://java.sun.com/j2se/1.5.0/docs/api/</link>
 						<link>http://logging.apache.org/log4j/docs/api/</link>
 					</links>
-					<target>1.4</target>
+					<target>1.5</target>
 				</configuration>
 				<executions>
 					<execution>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
index 30eed7001..6cf46c50a 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
@@ -36,6 +36,7 @@ import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.util.Constants;
 
+
 import at.gv.egovernment.moa.spss.util.MessageProvider;
 
 /**
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index 80378b441..45ebf8969 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -14,14 +14,60 @@
       </configuration>
     </facet>
   </component>
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module" module-name="moa-spss-lib" />
+    <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
+    <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
+    <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ixsil:1.2.2.5" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_cms:4.1_MOA" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Provider:1.2.4" level="project" />
+    <orderEntry type="library" scope="PROVIDED" name="Maven: iaik.prod:iaik_Pkcs11Wrapper:1.2.17" level="project" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jce_eval_signed:3.181" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_pki_module:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_javax_crypto:1.0" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_jsse:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
+    <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
+    <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/tools/moa-spss-tools.iml b/spss/server/tools/moa-spss-tools.iml
index 40f81fa9a..a0c44cf2c 100644
--- a/spss/server/tools/moa-spss-tools.iml
+++ b/spss/server/tools/moa-spss-tools.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
@@ -10,6 +10,13 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
+    <orderEntry type="library" name="Maven: iaik.prod:iaik_ecc:2.19" level="project" />
+    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
+    <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
+    <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/tools/pom.xml b/spss/server/tools/pom.xml
index 61e7ffa6f..503c49545 100644
--- a/spss/server/tools/pom.xml
+++ b/spss/server/tools/pom.xml
@@ -71,10 +71,16 @@
           </archive>
         </configuration>
       </plugin>
+
+          <plugin>
+              <groupId>org.apache.maven.plugins</groupId>
+              <artifactId>maven-compiler-plugin</artifactId>
+              <configuration>
+                  <source>1.5</source>
+                  <target>1.5</target>
+              </configuration>
+          </plugin>
     </plugins>
   </build>
 
-
-
-
 </project>
-- 
cgit v1.2.3


From 5688777cebee5a6e7dd27c88aed5a8f98abd690f Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 5 Feb 2014 14:26:46 +0100
Subject: config changes; review and correct later, configuration missing

---
 .../moa/id/config/stork/STORKConfig.java           | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index b340d2449..659035337 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -65,8 +65,9 @@ public class STORKConfig {
 		this.props = props;
 
 		//create CPEPS map
-		List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
-		
+		//List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
+        List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = new ArrayList<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS>();   // TODO Change this
+
 		cpepsMap = new HashMap<String, CPEPS>();
 
 		for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
@@ -94,16 +95,25 @@ public class STORKConfig {
 						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
 			}*/
 		}
-		
-		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();   // TODO Fix nullpointerexception when nothing is configured
-		
+
+        SAMLSigningParameter samlsign = null;
+        try {
+            samlsign = stork.getSAMLSigningParameter();   // TODO Fix nullpointerexception when nothing is configured
+        }
+        catch (Exception ex) {
+            Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
+        }
+
 		if (samlsign == null) {
 			Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
 
 		attr = new ArrayList<StorkAttribute>();
+        try {
 		for(StorkAttribute current : stork.getAttributes()) {
 			attr.add(current);
-		}
+		}    } catch (Exception ex) {                                                                  // TODO FIX FIX
+            Logger.warn("Error in MOA-ID Configuration. No STORK->Attributes found.");
+        }
 
 	}
 
-- 
cgit v1.2.3


From 337c5b67682f893e7907d018077e3fb55c6d5dd6 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 5 Feb 2014 17:49:06 +0100
Subject: saml changes

---
 .../data/deploy/conf/moa-id/stork/SamlEngine.xml   | 18 ++++++++++-
 .../moa/id/protocols/stork2/STORKProtocol.java     | 37 ++++++++++++++++------
 2 files changed, 44 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
index 563196604..e6a29ea18 100644
--- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
+++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
@@ -17,5 +17,21 @@
 			<parameter name="fileConfiguration" value="SignModule_outgoing.xml" />
 		</configuration>
 	</instance>
+
+        <instance name="incoming">
+                <!-- Configurations parameters StorkSamlEngine  -->
+                <configuration name="SamlEngineConf">
+                        <parameter name="fileConfiguration" value="StorkSamlEngine_incoming.xml" />
+                </configuration>
+
+                <!-- Settings module signature-->
+                <configuration name="SignatureConf">
+                        <!-- Specific signature module -->
+                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+                        <!-- Settings specific module -->
+                        <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
+                </configuration>
+        </instance>
+
 	
-</instances>
\ No newline at end of file
+</instances>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 2c47620e1..2e42a0d75 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -11,6 +11,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
 import org.opensaml.ws.transport.http.HTTPInTransport;
@@ -60,10 +61,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         return actions.get(action);
     }
 
+    public STORKProtocol() {
+        super();    //
+    }
+
     /*
-    First request step - send it to BKU selection for user authentication. After the user credentials
-    and other info are obtained, in the second step the request will be processed and the user redirected
-     */
+        First request step - send it to BKU selection for user authentication. After the user credentials
+        and other info are obtained, in the second step the request will be processed and the user redirected
+         */
     public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
         Logger.debug("Starting preprocessing");
         Logger.debug("Got request: " + request.toString());
@@ -120,22 +125,34 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         //extract STORK Response from HTTP Request
         //Decodes SAML Response
 
-        /*
+
         byte[] decSamlToken;
         try {
-            decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
+            decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest"));
         } catch(NullPointerException e) {
             Logger.error("Unable to retrieve STORK Response", e);
             throw new MOAIDException("stork.04", null);
         }
 
         //Get SAMLEngine instance
-        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
+        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
+
+        STORKAuthnRequest authnRequest = null;
+        Logger.error("decsamltoken" +decSamlToken.toString());
+
+        try {
+        authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
+        } catch (STORKSAMLEngineException ex) {
+            Logger.error("Unable to validate storkrkauthnreqeust" + ex.getMessage() );
+        }
+
+        Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
+        Logger.error("cc " + authnRequest.getCitizenCountryCode());
+        Logger.error("iss " + authnRequest.getIssuer());
+        Logger.error("spid " + authnRequest.getSPID());
+        Logger.error("spi " + authnRequest.getSpInstitution());
+
 
-        STORKAuthnResponse authnResponse = null;
-        PEPSUtil.decode
-        engine.validateSTORKAuthnRequest()
-        */
 
         return STORK2Request;
     }
-- 
cgit v1.2.3


From 4c104d5d8349195007d19a13ed54426f9fe7b49a Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 6 Feb 2014 18:29:23 +0100
Subject: iml

---
 id/ConfigWebTool/ConfigurationInterface.iml        |  2 +-
 id/oa/moa-id-oa.iml                                |  4 +-
 id/server/auth/moa-id-auth.iml                     |  4 +-
 id/server/idserverlib/moa-id-lib.iml               |  4 +-
 .../id/protocols/stork2/AuthenticationRequest.java | 99 +++++++++++++++++++++-
 .../moa/id/protocols/stork2/STORKProtocol.java     |  1 +
 id/server/proxy/moa-id-proxy.iml                   |  4 +-
 id/templates/moa-id-templates.iml                  |  4 +-
 .../clients/api/moa-spss-handbook-apiClient.iml    |  4 +-
 .../handbook/clients/moa-spss-handbook-clients.iml |  2 +-
 .../moa-spss-handbook-referencedData.iml           |  2 +-
 .../moa-spss-handbook-webserviceClient.iml         |  4 +-
 spss/handbook/moa-spss-handbook.iml                |  2 +-
 spss/server/moa-spss.iml                           |  2 +-
 spss/server/serverlib/moa-spss-lib.iml             |  4 +-
 spss/server/serverws/moa-spss-ws.iml               |  4 +-
 spss/server/tools/moa-spss-tools.iml               |  4 +-
 17 files changed, 121 insertions(+), 29 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index bb7e047b2..20f45337e 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -57,7 +57,7 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
     <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
     <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
-    <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+    <orderEntry type="library" name="Maven: joda-time:joda-time:2.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-runtime:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
index 0b7bf00de..6d9905e25 100644
--- a/id/oa/moa-id-oa.iml
+++ b/id/oa/moa-id-oa.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index d0aa970fc..f61dfa171 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -14,8 +14,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index 1c04295d7..cf1b34b4b 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 7e80273ca..1971fe12d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -2,9 +2,16 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
+import edu.emory.mathcs.backport.java.util.Collections;
+import eu.stork.peps.auth.commons.*;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import org.apache.commons.io.IOUtils;
+import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
@@ -14,12 +21,11 @@ import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.io.Writer;
+import java.io.*;
+import java.util.ArrayList;
 import java.util.HashMap;
 import eu.stork.peps.auth.engine.SAMLEngine;
+import sun.rmi.runtime.Log;
 
 /**
  * @author bsuzic
@@ -40,6 +46,7 @@ public class AuthenticationRequest implements IAction {
         Logger.debug("Starting AuthenticationRequest");
         //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
         Logger.debug("Http Response: " + httpResp.toString() + ", ");
+        Logger.debug("Remote user: " + httpReq.getRemoteAddr());
         Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());
         httpResp.reset();
         //httpResp.addHeader("Location", "http:/www.google.com");
@@ -82,6 +89,90 @@ public class AuthenticationRequest implements IAction {
         //httpResp.setStatus(200);
         //VPEPSInboundPostHandler
 
+        // - prepare attribute list
+        PersonalAttributeList attributeList = new PersonalAttributeList();
+
+        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+        authnResponse.setCountry("AT");
+
+
+        try {
+
+        IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
+
+        for (PersonalAttribute personalAttribute : moaAttrList) {
+            Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
+            if (personalAttribute.getValue().size() > 0) {
+                for (String value : personalAttribute.getValue()) {
+                    Logger.info("     Value found: " + value);
+                }
+            }
+        }
+
+        } catch (Exception e) {
+            Logger.error("Exception, attributes: " + e.getMessage());
+        }
+
+        PersonalAttribute newAttribute = new PersonalAttribute();
+        newAttribute.setName("eIdentifier");
+        newAttribute.setValue(new ArrayList<String>(Collections.singletonList("xxxxxxxxxxxxxxx")));
+        attributeList.add(newAttribute);
+        authnResponse.setPersonalAttributeList(attributeList);
+
+
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
+            Logger.debug("Starting generation of SAML response");
+            authnResponse = engine.generateSTORKAuthnResponse(((STORKAuthnRequestDEL)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false);
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        }catch(STORKSAMLEngineException e){
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
+        }
+
+        Logger.info("STORK SAML Response message succesfully generated ");
+        Logger.debug("STORK response: ");
+
+        Logger.debug("authn response string: " + authnResponse.toString());
+
+        String statusCodeValue = authnResponse.getStatusCode();
+        Logger.debug("authn status code value: " + statusCodeValue);
+
+        try {
+            Logger.debug("authn saml:" + IOUtils.toString(authnResponse.getTokenSaml()));
+
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+
+        try {
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
+            VelocityContext context = new VelocityContext();
+            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
+
+            context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml()));
+            Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
+
+            Logger.info("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            StringWriter writer = new StringWriter();
+            template.merge(context, writer);
+
+            httpResp.getOutputStream().write(writer.toString().getBytes());
+
+        } catch (Exception e) {
+            Logger.error("Velocity error: " + e.getMessage());
+        }
+
+        HttpSession httpSession = httpReq.getSession();
+        httpSession.setAttribute("STORKSessionID", "12345");
+        Logger.info("Status code: " + authnResponse.getStatusCode());
+
+
+
 
         return "12345"; // AssertionId
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 2e42a0d75..9564afa27 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -153,6 +153,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.error("spi " + authnRequest.getSpInstitution());
 
 
+        STORK2Request.setSTORKAuthnRequest(authnRequest);
 
         return STORK2Request;
     }
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index fb1a16d2e..86fa1b292 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
diff --git a/id/templates/moa-id-templates.iml b/id/templates/moa-id-templates.iml
index 3b8b05541..0ecf962d0 100644
--- a/id/templates/moa-id-templates.iml
+++ b/id/templates/moa-id-templates.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 26b212283..c9c03b243 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
diff --git a/spss/handbook/clients/moa-spss-handbook-clients.iml b/spss/handbook/clients/moa-spss-handbook-clients.iml
index 04a6248a2..3dda938d9 100644
--- a/spss/handbook/clients/moa-spss-handbook-clients.iml
+++ b/spss/handbook/clients/moa-spss-handbook-clients.iml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../../target/classes" />
     <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
diff --git a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
index 29685104a..678776d19 100644
--- a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
+++ b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
@@ -12,7 +12,7 @@
       </configuration>
     </facet>
   </component>
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../../../target/classes" />
     <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 26b212283..c9c03b243 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
diff --git a/spss/handbook/moa-spss-handbook.iml b/spss/handbook/moa-spss-handbook.iml
index ce921cbeb..deed935ed 100644
--- a/spss/handbook/moa-spss-handbook.iml
+++ b/spss/handbook/moa-spss-handbook.iml
@@ -9,7 +9,7 @@
       </configuration>
     </facet>
   </component>
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../target/classes" />
     <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
diff --git a/spss/server/moa-spss.iml b/spss/server/moa-spss.iml
index 4d170c8a3..567359474 100644
--- a/spss/server/moa-spss.iml
+++ b/spss/server/moa-spss.iml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
-  <component name="NewModuleRootManager" inherit-compiler-output="false">
+  <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
     <output url="file://$MODULE_DIR$/../target/classes" />
     <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 11dc743a9..7864354f4 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -45,8 +45,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index 45ebf8969..60f6d1803 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -15,8 +15,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
diff --git a/spss/server/tools/moa-spss-tools.iml b/spss/server/tools/moa-spss-tools.iml
index a0c44cf2c..a880f50ab 100644
--- a/spss/server/tools/moa-spss-tools.iml
+++ b/spss/server/tools/moa-spss-tools.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
-- 
cgit v1.2.3


From 639017a14904323c0eb2cd5d8cccf65ad8f2a841 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 11 Feb 2014 10:33:48 +0100
Subject: sketched stork attribute provider framework

---
 .../id/protocols/stork2/AttributeCollector.java    | 70 +++++++++++++++++++
 .../moa/id/protocols/stork2/AttributeProvider.java | 32 +++++++++
 .../id/protocols/stork2/AuthenticationRequest.java | 19 +++++-
 .../moa/id/protocols/stork2/DataContainer.java     | 79 ++++++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |  1 +
 .../stork2/UnsupportedAttributeException.java      |  7 ++
 6 files changed, 205 insertions(+), 3 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
new file mode 100644
index 000000000..fbc959cc4
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -0,0 +1,70 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
+ * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes.
+ * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user
+ * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes.
+ * 
+ * TODO how do we treat mandatory and optional attributes?
+ * 
+ */
+public class AttributeCollector implements IAction {
+
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
+     */
+    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+    	// check if we have a STORKAttributeResponse in the request
+    	// - no, how did we get here?
+    	// yes, we got a recent requested attribute
+    	// - find the attribute provider plugin that can handle the response
+    	// - fetch the container
+    	DataContainer container = new DataContainer();
+    	// - insert the embedded attribute(s) into the container
+    	
+    	// see if we need some more attributes
+    	return processRequest(container);
+    }
+    
+    /**
+     * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch,
+     * this very method creates and sends the protocol result to the asking S-PEPS.
+     *
+     * @param container the {@link DataContainer} representing the status of the overall query.
+     * @return the string
+     */
+    public String processRequest(DataContainer container) {
+    	// check if there are attributes we need to fetch
+    	// for each attribute still missing
+    	// - check if we can find a suitable AttributeProvider Plugin
+    	// - hand over control to the suitable plugin
+    	// - add the aquired attribute to the container
+    	// build response
+    	// done
+    	return "12345"; // AssertionId
+    }
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+     */
+    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+    	// this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action.
+        return false;
+    }
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName()
+     */
+    public String getDefaultActionName() {
+        return STORKProtocol.ATTRIBUTE_COLLECTOR;
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
new file mode 100644
index 000000000..2e4f2d8c5
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -0,0 +1,32 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import javax.activation.UnsupportedDataTypeException;
+import javax.servlet.http.HttpServletRequest;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * An {@link AttributeProvider} can fetch a set of stork attributes. It might complete the query within one method call,
+ * but might also need to redirect to another webservice to accomplish its task.
+ */
+public interface AttributeProvider {
+	
+	/**
+	 * Acquire the specified attribute. Returns {@code null} when attribute retrieval is in progress, but requires for
+	 * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse
+	 * the response.
+	 *
+	 * @param attributeName the attribute name
+	 * @return the personal attribute
+	 * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute
+	 */
+	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException;
+
+	/**
+	 * Parses the response we got from the external attribute provider.
+	 *
+	 * @param httpReq the http req
+	 * @return the personal attribute
+	 */
+	public PersonalAttribute parse(HttpServletRequest httpReq);
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 7e80273ca..1f6ffaa9a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -4,6 +4,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
@@ -81,9 +82,21 @@ public class AuthenticationRequest implements IAction {
 
         //httpResp.setStatus(200);
         //VPEPSInboundPostHandler
-
-
-        return "12345"; // AssertionId
+        
+        // create fresh container
+        DataContainer container = new DataContainer();
+        
+        // - fill in the request we extracted above
+        container.setRequest(request);
+        
+        // - fill in the partial response created above
+        container.setResponse(response);
+        
+        // - memorize the target url were we have to return the result
+        container.setTarget(target);
+        
+        // see if we need to fetch further attributes
+        return (new AttributeCollector()).processRequest(container);
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
new file mode 100644
index 000000000..40c827ef8
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -0,0 +1,79 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.Serializable;
+
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+
+// TODO: Auto-generated Javadoc
+/**
+ * Holds info about an ongoing but yet incomplete stork authnrequest process.
+ */
+public class DataContainer implements Serializable {
+	
+	/** The Constant serialVersionUID. */
+	private static final long serialVersionUID = -8765997480582363012L;
+
+	/** The incoming request. */
+	private STORKAuthnRequest request;
+	
+	/** The yet incomplete response. */
+	private STORKAuthnResponse response;
+	
+	/** The target. */
+	private String target;
+	
+	/**
+	 * Gets the request.
+	 *
+	 * @return the request
+	 */
+	public STORKAuthnRequest getRequest() {
+		return request;
+	}
+
+	/**
+	 * Sets the request.
+	 *
+	 * @param request the new request
+	 */
+	public void setRequest(STORKAuthnRequest request) {
+		this.request = request;
+	}
+
+	/**
+	 * Gets the response.
+	 *
+	 * @return the response
+	 */
+	public STORKAuthnResponse getResponse() {
+		return response;
+	}
+
+	/**
+	 * Sets the response.
+	 *
+	 * @param response the new response
+	 */
+	public void setResponse(STORKAuthnResponse response) {
+		this.response = response;
+	}
+
+	/**
+	 * Gets the target.
+	 *
+	 * @return the target
+	 */
+	public String getTarget() {
+		return target;
+	}
+
+	/**
+	 * Sets the target.
+	 *
+	 * @param target the new target
+	 */
+	public void setTarget(String target) {
+		this.target = target;
+	}
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 2e42a0d75..323d9ba8e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -36,6 +36,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     public static final String PATH = "id_stork2";
 
     public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
+	public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";
 
     private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java
new file mode 100644
index 000000000..9447c079f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java
@@ -0,0 +1,7 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+public class UnsupportedAttributeException extends Exception {
+
+	private static final long serialVersionUID = -7720066381435378111L;
+
+}
-- 
cgit v1.2.3


From 95ea36e8b84de119165ce8c14fc5c1e9facd797f Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 11 Feb 2014 11:01:32 +0100
Subject: added ap logic #1

---
 .../id/protocols/stork2/AttributeCollector.java    | 38 +++++++++++++++++++---
 .../stork2/DemoNoRedirectAttributeProvider.java    | 32 ++++++++++++++++++
 2 files changed, 66 insertions(+), 4 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index fbc959cc4..b93b31b49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,12 +1,19 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.util.ArrayList;
+import java.util.List;
+
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
 /**
  * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
  * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes.
@@ -17,6 +24,14 @@ import javax.servlet.http.HttpServletResponse;
  * 
  */
 public class AttributeCollector implements IAction {
+	
+	private ArrayList<AttributeProvider> attributeProviders;
+
+	public AttributeCollector() {
+		// TODO generate from config
+		attributeProviders = new ArrayList<AttributeProvider>();
+		attributeProviders.add(new DemoNoRedirectAttributeProvider());
+	}
 
 
     /* (non-Javadoc)
@@ -44,10 +59,25 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(DataContainer container) {
     	// check if there are attributes we need to fetch
-    	// for each attribute still missing
-    	// - check if we can find a suitable AttributeProvider Plugin
-    	// - hand over control to the suitable plugin
-    	// - add the aquired attribute to the container
+    	List<String> missingAttributes = new ArrayList<String>();
+    	try {
+	    	// for each attribute still missing
+    	
+	    	for(String currentAttribute : missingAttributes) {
+	    	// - check if we can find a suitable AttributeProvider Plugin
+	    		for(AttributeProvider currentProvider : attributeProviders) {
+	    			// - hand over control to the suitable plugin
+	    			PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute);
+	
+	    			// - add the aquired attribute to the container
+	    			container.getResponse().getPersonalAttributeList().add(aquiredAttribute);
+	    		}
+	    	}
+    	} catch(UnsupportedAttributeException e) {
+    		// TODO
+    		// memorize the container again
+    		return "12345"; // TODO what to do here?
+    	}
     	// build response
     	// done
     	return "12345"; // AssertionId
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
new file mode 100644
index 000000000..23afc2544
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -0,0 +1,32 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.util.ArrayList;
+
+import javax.servlet.http.HttpServletRequest;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * Just a simple demoprovider who can fetch any attribute you ask him.
+ */
+public class DemoNoRedirectAttributeProvider implements AttributeProvider {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
+	 */
+	@Override
+	public PersonalAttribute acquire(String attributeName)
+			throws UnsupportedAttributeException {
+		return new PersonalAttribute("sepp", true, new ArrayList<String>(), "");
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public PersonalAttribute parse(HttpServletRequest httpReq) {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+}
-- 
cgit v1.2.3


From 366d0f285e0e1a2fa89e512d91f349488cbc82d9 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 11 Feb 2014 13:15:14 +0100
Subject: find missing attributes

---
 .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index b93b31b49..e74cf4e8b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -59,10 +59,15 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(DataContainer container) {
     	// check if there are attributes we need to fetch
+    	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
+    	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
     	List<String> missingAttributes = new ArrayList<String>();
+    	for(PersonalAttribute current : requestAttributeList)
+    		if(!responseAttributeList.containsKey(current))
+    			missingAttributes.add(current.getName());
+    	
     	try {
 	    	// for each attribute still missing
-    	
 	    	for(String currentAttribute : missingAttributes) {
 	    	// - check if we can find a suitable AttributeProvider Plugin
 	    		for(AttributeProvider currentProvider : attributeProviders) {
-- 
cgit v1.2.3


From d8302a2f7f3aae63593cd55bf0d5d4a4f9e5f55a Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Feb 2014 11:37:06 +0100
Subject: sketched redirecting ap plugin

---
 .../id/protocols/stork2/AttributeCollector.java    | 46 +++++++++++++++++-----
 .../moa/id/protocols/stork2/AttributeProvider.java |  2 +-
 .../stork2/AttributeRequestOngoingException.java   |  5 +++
 .../stork2/DemoRedirectAttributeProvider.java      | 31 +++++++++++++++
 .../resources/properties/id_messages_de.properties |  1 +
 5 files changed, 74 insertions(+), 11 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index e74cf4e8b..93204f2ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -7,10 +7,14 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.logging.Logger;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -30,6 +34,7 @@ public class AttributeCollector implements IAction {
 	public AttributeCollector() {
 		// TODO generate from config
 		attributeProviders = new ArrayList<AttributeProvider>();
+		attributeProviders.add(new DemoRedirectAttributeProvider());
 		attributeProviders.add(new DemoNoRedirectAttributeProvider());
 	}
 
@@ -56,8 +61,9 @@ public class AttributeCollector implements IAction {
      *
      * @param container the {@link DataContainer} representing the status of the overall query.
      * @return the string
+     * @throws MOAIDException 
      */
-    public String processRequest(DataContainer container) {
+    public String processRequest(DataContainer container) throws MOAIDException {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -71,18 +77,38 @@ public class AttributeCollector implements IAction {
 	    	for(String currentAttribute : missingAttributes) {
 	    	// - check if we can find a suitable AttributeProvider Plugin
 	    		for(AttributeProvider currentProvider : attributeProviders) {
-	    			// - hand over control to the suitable plugin
-	    			PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute);
+					try {
+						// - hand over control to the suitable plugin
+						PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute);
+
+						// - add the aquired attribute to the container
+						container.getResponse().getPersonalAttributeList().add(aquiredAttribute);
+					} catch(UnsupportedAttributeException e) {
+						// ok, try the next attributeprovider
+					}
 	
-	    			// - add the aquired attribute to the container
-	    			container.getResponse().getPersonalAttributeList().add(aquiredAttribute);
 	    		}
 	    	}
-    	} catch(UnsupportedAttributeException e) {
-    		// TODO
-    		// memorize the container again
-    		return "12345"; // TODO what to do here?
-    	}
+		} catch (AttributeRequestOngoingException e) {
+			// the attribute request is ongoing and requires an external service.
+			try {
+				// memorize the container again
+				// - generate new key
+				String newArtifactId = new SecureRandomIdentifierGenerator()
+						.generateIdentifier();
+
+				// - put container in temporary store.
+				AssertionStorage.getInstance().put(newArtifactId, container);
+
+				// TODO - add container-key to httpresponse
+			} catch (Exception e1) {
+				// TODO should we return the response as is to the PEPS?
+				Logger.error("Error putting incomplete Stork response into temporary storage", e);
+				throw new MOAIDException("stork.11", null);
+			}
+
+			return "12345"; // TODO what to do here?
+		}
     	// build response
     	// done
     	return "12345"; // AssertionId
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 2e4f2d8c5..fd35b0c71 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -20,7 +20,7 @@ public interface AttributeProvider {
 	 * @return the personal attribute
 	 * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute
 	 */
-	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException;
+	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException;
 
 	/**
 	 * Parses the response we got from the external attribute provider.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
new file mode 100644
index 000000000..be5a53f34
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
@@ -0,0 +1,5 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+public class AttributeRequestOngoingException extends Exception {
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
new file mode 100644
index 000000000..f44fbed07
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -0,0 +1,31 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.util.ArrayList;
+
+import javax.servlet.http.HttpServletRequest;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * Just a simple demoprovider who can fetch any attribute you ask him.
+ */
+public class DemoRedirectAttributeProvider implements AttributeProvider {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
+	 */
+	@Override
+	public PersonalAttribute acquire(String attributeName)
+			throws UnsupportedAttributeException, AttributeRequestOngoingException {
+		throw new AttributeRequestOngoingException();
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public PersonalAttribute parse(HttpServletRequest httpReq) {
+		return new PersonalAttribute("sepp", true, new ArrayList<String>(), "");
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index a6c0601e4..d6995a98e 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -202,6 +202,7 @@ stork.07=Es existiert kein STORK AuthnRequest f\u00FCr diese STORK Response
 stork.08=STORK SAML Assertion Validierung fehlgeschlagen
 stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur
 stork.10=Fehler in der Verbindung zum SZR-Gateway
+stork.11=Fehler beim Sammeln von StorkAttributen
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From a330b17e3ddc93181c8142b7c0ae871af528157f Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 17:47:53 +0100
Subject: added ap logic #2

---
 .../moa/id/protocols/stork2/AttributeCollector.java        |  6 ++++--
 .../moa/id/protocols/stork2/AttributeProvider.java         | 14 +++++++++++---
 .../protocols/stork2/AttributeRequestOngoingException.java |  5 -----
 .../protocols/stork2/DemoNoRedirectAttributeProvider.java  |  5 +++++
 .../id/protocols/stork2/DemoRedirectAttributeProvider.java | 13 +++++++++++--
 .../stork2/ExternalAttributeRequestRequiredException.java  | 14 ++++++++++++++
 6 files changed, 45 insertions(+), 12 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 93204f2ab..30f7d3df2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -89,7 +89,7 @@ public class AttributeCollector implements IAction {
 	
 	    		}
 	    	}
-		} catch (AttributeRequestOngoingException e) {
+		} catch (ExternalAttributeRequestRequiredException e) {
 			// the attribute request is ongoing and requires an external service.
 			try {
 				// memorize the container again
@@ -100,7 +100,9 @@ public class AttributeCollector implements IAction {
 				// - put container in temporary store.
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
-				// TODO - add container-key to httpresponse
+				// add container-key to redirect embedded within the return URL
+				// TODO find correct returnURL
+				e.getAp().performRedirect("returnURL");
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index fd35b0c71..2c024e822 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import javax.activation.UnsupportedDataTypeException;
 import javax.servlet.http.HttpServletRequest;
 
 import eu.stork.peps.auth.commons.PersonalAttribute;
@@ -18,10 +17,18 @@ public interface AttributeProvider {
 	 *
 	 * @param attributeName the attribute name
 	 * @return the personal attribute
-	 * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute
+	 * @throws UnsupportedAttributeException the unsupported attribute exception
+	 * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done
 	 */
-	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException;
+	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException;
 
+	/**
+	 * Perform redirect.
+	 *
+	 * @param url the return URL ending with ?artifactId=...
+	 */
+	public void performRedirect(String url);
+	
 	/**
 	 * Parses the response we got from the external attribute provider.
 	 *
@@ -29,4 +36,5 @@ public interface AttributeProvider {
 	 * @return the personal attribute
 	 */
 	public PersonalAttribute parse(HttpServletRequest httpReq);
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
deleted file mode 100644
index be5a53f34..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-public class AttributeRequestOngoingException extends Exception {
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 23afc2544..978fa635c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -29,4 +29,9 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 		return null;
 	}
 
+	@Override
+	public void performRedirect(String url) {
+		// we should not get here
+	}
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index f44fbed07..13b113711 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -16,8 +16,8 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 */
 	@Override
 	public PersonalAttribute acquire(String attributeName)
-			throws UnsupportedAttributeException, AttributeRequestOngoingException {
-		throw new AttributeRequestOngoingException();
+			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
+		throw new ExternalAttributeRequestRequiredException(this);
 	}
 
 	/* (non-Javadoc)
@@ -28,4 +28,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 		return new PersonalAttribute("sepp", true, new ArrayList<String>(), "");
 	}
 
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
+	 */
+	@Override
+	public void performRedirect(String url) {
+		// TODO Auto-generated method stub
+		
+	}
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
new file mode 100644
index 000000000..29b09487b
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
@@ -0,0 +1,14 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+public class ExternalAttributeRequestRequiredException extends Exception {
+	private AttributeProvider ap;
+
+	public ExternalAttributeRequestRequiredException(AttributeProvider provider) {
+		ap = provider;
+	}
+
+	public AttributeProvider getAp() {
+		return ap;
+	}
+
+}
-- 
cgit v1.2.3


From dcb3a469f10ef2d30d34c50983224db9d9fd85c6 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 17:55:17 +0100
Subject: refactor magic strings to constants

---
 .../moa/id/protocols/stork2/AttributeCollector.java          | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 30f7d3df2..0025307dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -29,8 +29,15 @@ import eu.stork.peps.auth.commons.PersonalAttribute;
  */
 public class AttributeCollector implements IAction {
 	
+	/** The Constant ARTIFACT_ID. */
+	private static final String ARTIFACT_ID = "artifactId";
+	
 	private ArrayList<AttributeProvider> attributeProviders;
 
+	/** The return url. */
+	// TODO find correct return URL
+	private String returnUrl = "findCorrectReturnURL";
+
 	public AttributeCollector() {
 		// TODO generate from config
 		attributeProviders = new ArrayList<AttributeProvider>();
@@ -101,8 +108,7 @@ public class AttributeCollector implements IAction {
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
 				// add container-key to redirect embedded within the return URL
-				// TODO find correct returnURL
-				e.getAp().performRedirect("returnURL");
+				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId);
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
@@ -120,7 +126,7 @@ public class AttributeCollector implements IAction {
      * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
      */
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
-    	// this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action.
+    	// this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
         return false;
     }
 
-- 
cgit v1.2.3


From f3149ae480fac3e12f9a98cba07d11e297cf39f0 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 18:01:30 +0100
Subject: fetch DataContainer from AssertionStore

---
 .../moa/id/protocols/stork2/AttributeCollector.java            | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 0025307dd..b333fb4fe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -5,6 +5,7 @@ import java.util.List;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
@@ -55,7 +56,14 @@ public class AttributeCollector implements IAction {
     	// yes, we got a recent requested attribute
     	// - find the attribute provider plugin that can handle the response
     	// - fetch the container
-    	DataContainer container = new DataContainer();
+		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
+		DataContainer container;
+		try {
+			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+		} catch (MOADatabaseException e) {
+			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+			throw new MOAIDException("stork.11", null);
+		}
     	// - insert the embedded attribute(s) into the container
     	
     	// see if we need some more attributes
-- 
cgit v1.2.3


From d3099d4ec685e68c25a9198760f8d1661678a85f Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 19:05:48 +0100
Subject: hand AP response to plugin and add result to assertion

---
 .../moa/id/protocols/stork2/AttributeCollector.java   | 19 +++++++++++++++++++
 .../moa/id/protocols/stork2/AttributeProvider.java    |  3 ++-
 2 files changed, 21 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index b333fb4fe..91b09795f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -55,6 +55,23 @@ public class AttributeCollector implements IAction {
     	// - no, how did we get here?
     	// yes, we got a recent requested attribute
     	// - find the attribute provider plugin that can handle the response
+		PersonalAttribute newAttribute = null;
+		for (AttributeProvider current : attributeProviders)
+			try {
+				newAttribute = current.parse(httpReq);
+			} catch (UnsupportedAttributeException e1) {
+				// the current provider cannot find anything familiar within the
+				// provided httpreq. Try the next one.
+			}
+
+		if (null == newAttribute) {
+			// we do not have a provider which is capable of fetching something
+			// from the received httpreq.
+			// TODO should we continue with the next attribute?
+			Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
+			throw new MOAIDException("stork.11", null);
+		}
+
     	// - fetch the container
 		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
 		DataContainer container;
@@ -64,7 +81,9 @@ public class AttributeCollector implements IAction {
 			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
 			throw new MOAIDException("stork.11", null);
 		}
+
     	// - insert the embedded attribute(s) into the container
+		container.getResponse().getPersonalAttributeList().add(newAttribute);
     	
     	// see if we need some more attributes
     	return processRequest(container);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 2c024e822..c554485ee 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -34,7 +34,8 @@ public interface AttributeProvider {
 	 *
 	 * @param httpReq the http req
 	 * @return the personal attribute
+	 * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq
 	 */
-	public PersonalAttribute parse(HttpServletRequest httpReq);
+	public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException;
 
 }
-- 
cgit v1.2.3


From de54a0683a626679df1c110253c8b5ff986ecb71 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 20:24:46 +0100
Subject: added http request and responses to attributeprovider methods

---
 .../egovernment/moa/id/protocols/stork2/AttributeCollector.java  | 6 +++---
 .../egovernment/moa/id/protocols/stork2/AttributeProvider.java   | 9 +++++++--
 .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 3 ++-
 .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java   | 3 ++-
 4 files changed, 14 insertions(+), 7 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 91b09795f..810b4ae7a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -86,7 +86,7 @@ public class AttributeCollector implements IAction {
 		container.getResponse().getPersonalAttributeList().add(newAttribute);
     	
     	// see if we need some more attributes
-    	return processRequest(container);
+    	return processRequest(container, httpResp);
     }
     
     /**
@@ -97,7 +97,7 @@ public class AttributeCollector implements IAction {
      * @return the string
      * @throws MOAIDException 
      */
-    public String processRequest(DataContainer container) throws MOAIDException {
+    public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -135,7 +135,7 @@ public class AttributeCollector implements IAction {
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
 				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId);
+				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response);
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index c554485ee..5ca3bd7e1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -1,6 +1,9 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -26,8 +29,9 @@ public interface AttributeProvider {
 	 * Perform redirect.
 	 *
 	 * @param url the return URL ending with ?artifactId=...
+	 * @param resp the response to the preceding request
 	 */
-	public void performRedirect(String url);
+	public void performRedirect(String url, HttpServletResponse resp);
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
@@ -35,7 +39,8 @@ public interface AttributeProvider {
 	 * @param httpReq the http req
 	 * @return the personal attribute
 	 * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq
+	 * @throws MOAIDException if something went wrong
 	 */
-	public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException;
+	public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException;
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 978fa635c..51663ed38 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 import java.util.ArrayList;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -30,7 +31,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	}
 
 	@Override
-	public void performRedirect(String url) {
+	public void performRedirect(String url, HttpServletResponse response) {
 		// we should not get here
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 13b113711..fad049763 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 import java.util.ArrayList;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -32,7 +33,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
 	@Override
-	public void performRedirect(String url) {
+	public void performRedirect(String url, HttpServletResponse response) {
 		// TODO Auto-generated method stub
 		
 	}
-- 
cgit v1.2.3


From c51df468a54912264b0774396ab622f9fa092cf4 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 20:44:00 +0100
Subject: APprovider can return multiple attributes

---
 .../moa/id/protocols/stork2/AttributeCollector.java  | 20 +++++++++++---------
 .../moa/id/protocols/stork2/AttributeProvider.java   | 11 +++++++----
 .../stork2/DemoNoRedirectAttributeProvider.java      | 10 +++++++---
 .../stork2/DemoRedirectAttributeProvider.java        | 10 +++++++---
 4 files changed, 32 insertions(+), 19 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 810b4ae7a..2e9072f0d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -55,16 +55,16 @@ public class AttributeCollector implements IAction {
     	// - no, how did we get here?
     	// yes, we got a recent requested attribute
     	// - find the attribute provider plugin that can handle the response
-		PersonalAttribute newAttribute = null;
+		IPersonalAttributeList newAttributes = null;
 		for (AttributeProvider current : attributeProviders)
 			try {
-				newAttribute = current.parse(httpReq);
+				newAttributes = current.parse(httpReq);
 			} catch (UnsupportedAttributeException e1) {
 				// the current provider cannot find anything familiar within the
 				// provided httpreq. Try the next one.
 			}
 
-		if (null == newAttribute) {
+		if (null == newAttributes) {
 			// we do not have a provider which is capable of fetching something
 			// from the received httpreq.
 			// TODO should we continue with the next attribute?
@@ -83,7 +83,8 @@ public class AttributeCollector implements IAction {
 		}
 
     	// - insert the embedded attribute(s) into the container
-		container.getResponse().getPersonalAttributeList().add(newAttribute);
+		for(PersonalAttribute current : newAttributes)
+			container.getResponse().getPersonalAttributeList().add(current);
     	
     	// see if we need some more attributes
     	return processRequest(container, httpResp);
@@ -101,22 +102,23 @@ public class AttributeCollector implements IAction {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
-    	List<String> missingAttributes = new ArrayList<String>();
+    	List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
     	for(PersonalAttribute current : requestAttributeList)
     		if(!responseAttributeList.containsKey(current))
-    			missingAttributes.add(current.getName());
+    			missingAttributes.add(current);
     	
     	try {
 	    	// for each attribute still missing
-	    	for(String currentAttribute : missingAttributes) {
+	    	for(PersonalAttribute currentAttribute : missingAttributes) {
 	    	// - check if we can find a suitable AttributeProvider Plugin
 	    		for(AttributeProvider currentProvider : attributeProviders) {
 					try {
 						// - hand over control to the suitable plugin
-						PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute);
+						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute);
 
 						// - add the aquired attribute to the container
-						container.getResponse().getPersonalAttributeList().add(aquiredAttribute);
+						for(PersonalAttribute current : aquiredAttributes)
+							container.getResponse().getPersonalAttributeList().add(current);
 					} catch(UnsupportedAttributeException e) {
 						// ok, try the next attributeprovider
 					}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 5ca3bd7e1..e1f5620a8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -1,10 +1,13 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.util.List;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
 /**
@@ -18,12 +21,12 @@ public interface AttributeProvider {
 	 * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse
 	 * the response.
 	 *
-	 * @param attributeName the attribute name
+	 * @param attributes the list of attributes to be acquired
 	 * @return the personal attribute
 	 * @throws UnsupportedAttributeException the unsupported attribute exception
 	 * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done
 	 */
-	public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException;
+	public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException;
 
 	/**
 	 * Perform redirect.
@@ -37,10 +40,10 @@ public interface AttributeProvider {
 	 * Parses the response we got from the external attribute provider.
 	 *
 	 * @param httpReq the http req
-	 * @return the personal attribute
+	 * @return a list of attributes
 	 * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq
 	 * @throws MOAIDException if something went wrong
 	 */
-	public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException;
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException;
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 51663ed38..a38cfed96 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -5,7 +5,9 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
 
 /**
  * Just a simple demoprovider who can fetch any attribute you ask him.
@@ -16,16 +18,18 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
 	@Override
-	public PersonalAttribute acquire(String attributeName)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName)
 			throws UnsupportedAttributeException {
-		return new PersonalAttribute("sepp", true, new ArrayList<String>(), "");
+		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
+		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
+		return requestedAttributes;
 	}
 
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
 	@Override
-	public PersonalAttribute parse(HttpServletRequest httpReq) {
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		// TODO Auto-generated method stub
 		return null;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index fad049763..a9e2cf358 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -5,7 +5,9 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
 
 /**
  * Just a simple demoprovider who can fetch any attribute you ask him.
@@ -16,7 +18,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
 	@Override
-	public PersonalAttribute acquire(String attributeName)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
 	}
@@ -25,8 +27,10 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
 	@Override
-	public PersonalAttribute parse(HttpServletRequest httpReq) {
-		return new PersonalAttribute("sepp", true, new ArrayList<String>(), "");
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
+		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
+		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
+		return requestedAttributes;
 	}
 
 	/* (non-Javadoc)
-- 
cgit v1.2.3


From f9889e63f9263c2d1fc24c9103025d16ee471a79 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 20:51:15 +0100
Subject: added Stork AttributeQuery APProvider

---
 .../id/protocols/stork2/AttributeCollector.java    |  2 +
 .../stork2/StorkAttributeRequestProvider.java      | 45 ++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 2e9072f0d..4eb874d8f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -37,11 +37,13 @@ public class AttributeCollector implements IAction {
 
 	/** The return url. */
 	// TODO find correct return URL
+	// HTTPUtils.getBaseURL(req);
 	private String returnUrl = "findCorrectReturnURL";
 
 	public AttributeCollector() {
 		// TODO generate from config
 		attributeProviders = new ArrayList<AttributeProvider>();
+		attributeProviders.add(new StorkAttributeRequestProvider());
 		attributeProviders.add(new DemoRedirectAttributeProvider());
 		attributeProviders.add(new DemoNoRedirectAttributeProvider());
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
new file mode 100644
index 000000000..1862bdbe9
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+/**
+ * creates a STORK attribute request for a configurable set of attributes
+ */
+public class StorkAttributeRequestProvider implements AttributeProvider {
+
+	private PersonalAttributeList requestedAttributes;
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
+	 */
+	@Override
+	public IPersonalAttributeList acquire(PersonalAttribute attribute)
+			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
+		requestedAttributes = new PersonalAttributeList(1);
+		requestedAttributes.add(attribute);
+		throw new ExternalAttributeRequestRequiredException(this);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
+	 */
+	@Override
+	public void performRedirect(String url, HttpServletResponse resp) {
+
+	}
+
+}
-- 
cgit v1.2.3


From 6ac37f0acfb232d64607d685c0ad7f11fe581df0 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 20:52:19 +0100
Subject: StorkAPprovider can parse a stork response

---
 .../stork2/StorkAttributeRequestProvider.java      | 33 +++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 1862bdbe9..fbb430362 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -4,9 +4,14 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
 /**
  * creates a STORK attribute request for a configurable set of attributes
@@ -31,7 +36,33 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 */
 	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException {
-		return null;
+		Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
+		
+		//extract STORK Response from HTTP Request
+		//Decodes SAML Response
+		byte[] decSamlToken;
+		try {
+			decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse"));
+		} catch(NullPointerException e) {
+			Logger.error("Unable to retrieve STORK Response", e);
+			throw new MOAIDException("stork.04", null);
+		}
+
+		//Get SAMLEngine instance
+		STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+
+		STORKAttrQueryResponse attrResponse = null;
+		try {
+			//validate SAML Token
+			Logger.debug("Starting validation of SAML response");
+			attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost());
+			Logger.info("SAML response succesfully verified!");
+		}catch(STORKSAMLEngineException e){
+			Logger.error("Failed to verify STORK SAML Response", e);
+			throw new MOAIDException("stork.05", null);
+		}
+		
+		return attrResponse.getPersonalAttributeList();
 	}
 
 	/* (non-Javadoc)
-- 
cgit v1.2.3


From ab303539da5d60a2e12c07b30b997c010155d0b6 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 13 Feb 2014 20:56:37 +0100
Subject: parse reports unsupported data properly now

---
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java       | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index fbb430362..32b0bb334 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -35,7 +35,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
 	@Override
-	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException {
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
 		Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
 		
 		//extract STORK Response from HTTP Request
@@ -44,8 +44,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 		try {
 			decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse"));
 		} catch(NullPointerException e) {
-			Logger.error("Unable to retrieve STORK Response", e);
-			throw new MOAIDException("stork.04", null);
+			throw new UnsupportedAttributeException();
 		}
 
 		//Get SAMLEngine instance
-- 
cgit v1.2.3


From 6e4f150c26b55cb2a0771e4d6c9b65cbc760c0f2 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 14 Feb 2014 16:11:09 +0100
Subject: logging

---
 id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml              | 6 +++++-
 .../egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 7 +++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index f8fdcaffc..b63d413d0 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -60,9 +60,13 @@
         <from>^/stork2/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
+    <rule match-type="regex">
+        <from>^/moa-id-auth/SendPEPSAuthnRequest$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
+    </rule>
 
 
-	<rule match-type="regex">
+    <rule match-type="regex">
 		<from>^/oauth2/auth\\?(.*)$</from>
 		<to type="forward">/dispatcher?mod=id_oauth20&amp;action=AUTH&amp;%{query-string}</to>
 	</rule>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 1971fe12d..1fa88e0a2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -156,11 +156,14 @@ public class AuthenticationRequest implements IAction {
             context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml()));
             Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
 
-            Logger.info("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
             context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            Logger.debug("Starting template merge");
             StringWriter writer = new StringWriter();
+            Logger.debug("Doing template merge");
             template.merge(context, writer);
-
+            Logger.debug("Template merge done");
+            Logger.debug("Sending html content: " + writer.toString().getBytes());
             httpResp.getOutputStream().write(writer.toString().getBytes());
 
         } catch (Exception e) {
-- 
cgit v1.2.3


From efa960b616d81e762905b531814560616b98eab4 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 18 Feb 2014 16:26:11 +0100
Subject: saml point

---
 .../id/protocols/stork2/AuthenticationRequest.java | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 1fa88e0a2..55d5f3626 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
 import eu.stork.peps.auth.engine.SAMLEngine;
 import sun.rmi.runtime.Log;
 
+
 /**
  * @author bsuzic
  *         Date: 12/3/13, Time: 2:08 PM
@@ -142,6 +143,7 @@ public class AuthenticationRequest implements IAction {
 
         try {
             Logger.debug("authn saml:" + IOUtils.toString(authnResponse.getTokenSaml()));
+            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
 
         } catch (IOException e) {
             e.printStackTrace();
@@ -153,18 +155,28 @@ public class AuthenticationRequest implements IAction {
             VelocityContext context = new VelocityContext();
             //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
 
-            context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml()));
-            Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
+            //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml()));
+
+            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes()));
 
             Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
             context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
             Logger.debug("Starting template merge");
             StringWriter writer = new StringWriter();
+            //PrintWriter pwriter = new StringWriter();
+
             Logger.debug("Doing template merge");
             template.merge(context, writer);
             Logger.debug("Template merge done");
-            Logger.debug("Sending html content: " + writer.toString().getBytes());
-            httpResp.getOutputStream().write(writer.toString().getBytes());
+
+            Logger.debug("Sending html content: " + writer.getBuffer().toString());
+            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
+
+
+
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
 
         } catch (Exception e) {
             Logger.error("Velocity error: " + e.getMessage());
@@ -172,7 +184,7 @@ public class AuthenticationRequest implements IAction {
 
         HttpSession httpSession = httpReq.getSession();
         httpSession.setAttribute("STORKSessionID", "12345");
-        Logger.info("Status code: " + authnResponse.getStatusCode());
+        Logger.info("Status code again: " + authnResponse.getStatusCode());
 
 
 
-- 
cgit v1.2.3


From ad0a0adca1ab94f42ed65d9ccf2c68e283a728aa Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 18 Feb 2014 18:13:19 +0100
Subject: saml point

---
 .../id/protocols/stork2/AuthenticationRequest.java | 26 +++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 55d5f3626..2debe7452 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -97,11 +97,30 @@ public class AuthenticationRequest implements IAction {
         authnResponse.setCountry("AT");
 
 
+        IPersonalAttributeList attrLst = ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getPersonalAttributeList();
+        Logger.info("Found number of authnreq personal attributes: " + attrLst.size());
+
+        try {
+        for (PersonalAttribute personalAttribute : attrLst) {
+            Logger.info("Personal authnreq attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType());
+
+            if (personalAttribute.getValue().size() > 0) {
+                for (String value : personalAttribute.getValue()) {
+                    Logger.info("     Value found: " + value);
+                }
+            }
+        }
+        }  catch (Exception e) {
+            Logger.error("Exception, attributes: " + e.getMessage());
+        }
+
+
         try {
+            IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
+            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
 
-        IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
 
-        for (PersonalAttribute personalAttribute : moaAttrList) {
+            for (PersonalAttribute personalAttribute : moaAttrList) {
             Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
             if (personalAttribute.getValue().size() > 0) {
                 for (String value : personalAttribute.getValue()) {
@@ -142,7 +161,8 @@ public class AuthenticationRequest implements IAction {
         Logger.debug("authn status code value: " + statusCodeValue);
 
         try {
-            Logger.debug("authn saml:" + IOUtils.toString(authnResponse.getTokenSaml()));
+            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
+            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // radi
             Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
 
         } catch (IOException e) {
-- 
cgit v1.2.3


From 17eb279fb70ec2e1057db7b4377f34b6ad6c844b Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 19 Feb 2014 15:48:32 +0100
Subject: refactoring names

---
 .../id/protocols/stork2/AuthenticationRequest.java |  21 ++---
 .../id/protocols/stork2/MOASTORKAuthnRequest.java  |  71 ++++++++++++++
 .../moa/id/protocols/stork2/STORKAuthnReq.java     | 105 ---------------------
 .../id/protocols/stork2/STORKAuthnRequestDEL.java  |  71 --------------
 .../moa/id/protocols/stork2/STORKProtocol.java     |  10 +-
 5 files changed, 83 insertions(+), 195 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 2debe7452..0724b744f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -15,17 +15,12 @@ import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import javax.servlet.ServletOutputStream;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.*;
 import java.util.ArrayList;
-import java.util.HashMap;
-import eu.stork.peps.auth.engine.SAMLEngine;
-import sun.rmi.runtime.Log;
 
 
 /**
@@ -51,10 +46,10 @@ public class AuthenticationRequest implements IAction {
         Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());
         httpResp.reset();
         //httpResp.addHeader("Location", "http:/www.google.com");
-        if (req instanceof STORKAuthnRequestDEL) {
+        if (req instanceof MOASTORKAuthnRequest) {
           /*
-            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel());
-            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest());
+            Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel());
+            StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
 
             HttpSession httpSession = httpReq.getSession();
             httpSession.setAttribute("STORKSessionID", "12345");
@@ -97,7 +92,7 @@ public class AuthenticationRequest implements IAction {
         authnResponse.setCountry("AT");
 
 
-        IPersonalAttributeList attrLst = ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getPersonalAttributeList();
+        IPersonalAttributeList attrLst = ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getPersonalAttributeList();
         Logger.info("Found number of authnreq personal attributes: " + attrLst.size());
 
         try {
@@ -144,7 +139,7 @@ public class AuthenticationRequest implements IAction {
             //Get SAMLEngine instance
             STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
             Logger.debug("Starting generation of SAML response");
-            authnResponse = engine.generateSTORKAuthnResponse(((STORKAuthnRequestDEL)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false);
+            authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false);
             //generateSAML Token
             Logger.info("SAML response succesfully generated!");
         }catch(STORKSAMLEngineException e){
@@ -181,8 +176,8 @@ public class AuthenticationRequest implements IAction {
             Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
             //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes()));
 
-            Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
-            context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
             Logger.debug("Starting template merge");
             StringWriter writer = new StringWriter();
             //PrintWriter pwriter = new StringWriter();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
new file mode 100644
index 000000000..7c88e25d6
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
@@ -0,0 +1,71 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import org.opensaml.common.xml.SAMLConstants;
+
+/**
+ * @author bsuzic
+ *         Date: 12/4/13, Time: 6:31 PM
+ */
+//public class MOASTORKAuthnRequest extends STORKAuthnRequestImpl implements IRequest {
+
+public class MOASTORKAuthnRequest implements IRequest {
+    private String requestID;
+    private String target = null;
+    String module = null;
+    String action = null;
+    private STORKAuthnRequest storkAuthnRequest;
+
+    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
+        this.storkAuthnRequest = request;
+    }
+
+    public STORKAuthnRequest getStorkAuthnRequest() {
+        return this.storkAuthnRequest;
+    }
+
+    public String getOAURL() {
+        return "https://sp:8889/SP";  //
+    }
+
+    public boolean isPassiv() {
+        return false;  //
+    }
+
+    public boolean forceAuth() {
+        return false;  //
+    }
+
+    public boolean isSSOSupported() {
+        return false;  //
+    }
+
+    public String requestedModule() {
+        return this.module;  //
+    }
+
+    public String requestedAction() {
+        return action;  //
+    }
+
+    public void setModule(String module) {
+        this.module = module;
+    }
+
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    public String getTarget() {
+        return this.target;  //
+    }
+
+    public void setRequestID(String id) {
+        this.requestID = id;
+    }
+
+    public String getRequestID() {
+        return this.requestID;  //
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
deleted file mode 100644
index 54072b6a3..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java
+++ /dev/null
@@ -1,105 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
-import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-
-
-/**
- * @author bsuzic
- *         Date: 1/22/14, Time: 5:30 PM
- */
-public class STORKAuthnReq implements IRequest {
-    private String requestID;
-    private String target = null;
-    String module = null;
-    String action = null;
-    private STORKAuthnRequest storkAuthnRequest;
-
-    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
-        this.storkAuthnRequest = request;
-    }
-
-    public STORKAuthnRequest getStorkAuthnRequest() {
-        return this.storkAuthnRequest;
-    }
-
-    public void createStorkReq(HTTPInTransport profileReq) {
-        Logger.debug("Generate stork request test...");
-        storkAuthnRequest = new STORKAuthnRequest();
-
-        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
-        samlMessageContext.setInboundMessageTransport(profileReq);
-
-        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
-        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
-
-        try {
-            Logger.debug("Attempting to decode request...");
-            postDecoder.decode(samlMessageContext);
-        } catch (Exception e) {
-            Logger.error("Error decoding STORKAuthnRequest", e);
-        }
-
-
-
-        //storkAuthnRequest = (STORKAuthnRequest)samlMessageContext.getInboundSAMLMessage();
-        //samlMessageContext.getinbound
-        //storkAuthnRequest.set
-
-
-
-    }
-
-
-
-    public String getOAURL() {
-        return "https://sp:8889/SP";  //
-    }
-
-    public boolean isPassiv() {
-        return false;  //
-    }
-
-    public boolean forceAuth() {
-        return false;  //
-    }
-
-    public boolean isSSOSupported() {
-        return false;  //
-    }
-
-    public String requestedModule() {
-        return this.module;  //
-    }
-
-    public String requestedAction() {
-        return action;  //
-    }
-
-    public void setModule(String module) {
-        this.module = module;
-    }
-
-    public void setAction(String action) {
-        this.action = action;
-    }
-
-    public String getTarget() {
-        return this.target;  //
-    }
-
-    public void setRequestID(String id) {
-        this.requestID = id;
-    }
-
-    public String getRequestID() {
-        return this.requestID;  //
-    }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
deleted file mode 100644
index c8a5ac84d..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import org.opensaml.common.xml.SAMLConstants;
-
-/**
- * @author bsuzic
- *         Date: 12/4/13, Time: 6:31 PM
- */
-//public class STORKAuthnRequestDEL extends STORKAuthnRequestImpl implements IRequest {
-
-public class STORKAuthnRequestDEL implements IRequest {
-    private String requestID;
-    private String target = null;
-    String module = null;
-    String action = null;
-    private STORKAuthnRequest storkAuthnRequest;
-
-    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
-        this.storkAuthnRequest = request;
-    }
-
-    public STORKAuthnRequest getStorkAuthnRequest() {
-        return this.storkAuthnRequest;
-    }
-
-    public String getOAURL() {
-        return "https://sp:8889/SP";  //
-    }
-
-    public boolean isPassiv() {
-        return false;  //
-    }
-
-    public boolean forceAuth() {
-        return false;  //
-    }
-
-    public boolean isSSOSupported() {
-        return false;  //
-    }
-
-    public String requestedModule() {
-        return this.module;  //
-    }
-
-    public String requestedAction() {
-        return action;  //
-    }
-
-    public void setModule(String module) {
-        this.module = module;
-    }
-
-    public void setAction(String action) {
-        this.action = action;
-    }
-
-    public String getTarget() {
-        return this.target;  //
-    }
-
-    public void setRequestID(String id) {
-        this.requestID = id;
-    }
-
-    public String getRequestID() {
-        return this.requestID;  //
-    }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 9564afa27..5611c9269 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
@@ -9,7 +8,6 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -107,8 +105,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         /*
 
         STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
-        //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage();
-        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
+        //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage();
+        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();
         STORK2Request.setSTORKAuthnRequest(ST2Req);
 
         Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode());
@@ -116,10 +114,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
 
         */
-        STORKAuthnReq storkAuthnReq = new STORKAuthnReq();
+        //STORKAuthnReq storkAuthnReq = new STORKAuthnReq();
 
 
-        STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL();
+        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();
 
 
         //extract STORK Response from HTTP Request
-- 
cgit v1.2.3


From 7db3b698532a4f10f66ee388571fac102e8bcf11 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 19 Feb 2014 16:11:19 +0100
Subject: remove old code

---
 .../id/protocols/stork2/AuthenticationRequest.java | 50 ----------------------
 .../id/protocols/stork2/MOASTORKAuthnRequest.java  |  1 -
 .../moa/id/protocols/stork2/STORKProtocol.java     |  5 +++
 3 files changed, 5 insertions(+), 51 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 0724b744f..52db1c240 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -212,57 +212,7 @@ public class AuthenticationRequest implements IAction {
     }
 
 
-    /*
-
-    public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) {
-
-        StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap<String, String>());
-
-        if (authnRequest.getSPID() != null) {
-            Logger.debug("SP id: " + authnRequest.getSPID());
-        } else {
-            SpInstitution spInstitution = (SpInstitution)authnRequest.getExtensions().getUnknownXMLObjects(SpInstitution.DEFAULT_ELEMENT_NAME).get(0);
-            Logger.debug("SP institution: " + spInstitution.getValue());
-        }
-
-        Logger.debug("SPEPS issuer: " + authnRequest.getIssuer().getValue());
-        Logger.debug("SPEPS Consumer URL: " + authnRequest.getAssertionConsumerServiceURL());
-
-
-
-        try {
-
-            initVelocityEngine();
-            VelocityContext velocityContext = new VelocityContext();
-
-            velocityContext.put("action", authnRequest.getDestination());
-            if (authnRequest.getDOM() == null) {
-                SAMLUtil.marshallMessage(authnRequest);
-            }
-
-            String messageXML = XMLHelper.nodeToString(authnRequest.getDOM());
-            String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);
-            velocityContext.put("SAMLRequest", encodedMessage);
-            ByteArrayOutputStream outStream = new ByteArrayOutputStream();
-
-            Writer out = new OutputStreamWriter(outStream, "UTF-8");
-            velocityEngine.mergeTemplate("/templates/saml2-post-binding.vm", "UTF-8", velocityContext, out);
-            out.flush();
-            authResponse.setContent(outStream.toByteArray());
-
-            authResponse.addHeader("Content-Type", "text/html; charset=utf-8");
-            authResponse.addHeader("Cache-Control", "no-cache");
-            authResponse.setHttpStatusCode(200);
-
-        } catch (Exception e) {
-            Logger.error("ERROR");
-        }
-
-
-        return authResponse;
-    }
 
-    */
 
     public String getDefaultActionName() {
         return STORKProtocol.AUTHENTICATIONREQUEST;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
index 7c88e25d6..c9fb136c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
@@ -8,7 +8,6 @@ import org.opensaml.common.xml.SAMLConstants;
  * @author bsuzic
  *         Date: 12/4/13, Time: 6:31 PM
  */
-//public class MOASTORKAuthnRequest extends STORKAuthnRequestImpl implements IRequest {
 
 public class MOASTORKAuthnRequest implements IRequest {
     private String requestID;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 5611c9269..33d2040eb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -167,6 +167,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
         return false;
     }
+
+    public void checkPersonalAttributes() {
+
+
+    }
 }
 
 
-- 
cgit v1.2.3


From 51e9d604381d6be35bbe2dd0df9cb75af3152d96 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 19 Feb 2014 19:38:00 +0100
Subject: attrs

---
 .../id/protocols/stork2/AuthenticationRequest.java | 82 ++++++++++++++++------
 .../id/protocols/stork2/MOAAttributeProvider.java  | 69 ++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |  1 +
 3 files changed, 129 insertions(+), 23 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 52db1c240..a537a7708 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -36,9 +36,15 @@ public class AuthenticationRequest implements IAction {
 
 
     private VelocityEngine velocityEngine;
+    private AuthenticationSession moaSession;
+    private MOASTORKAuthnRequest moaStorkAuthnRequest;
 
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+
+        this.moaSession = moasession;
+        this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;
+
         Logger.debug("Starting AuthenticationRequest");
         //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
         Logger.debug("Http Response: " + httpResp.toString() + ", ");
@@ -85,29 +91,12 @@ public class AuthenticationRequest implements IAction {
         //httpResp.setStatus(200);
         //VPEPSInboundPostHandler
 
-        // - prepare attribute list
-        PersonalAttributeList attributeList = new PersonalAttributeList();
 
         STORKAuthnResponse authnResponse = new STORKAuthnResponse();
         authnResponse.setCountry("AT");
 
 
-        IPersonalAttributeList attrLst = ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getPersonalAttributeList();
-        Logger.info("Found number of authnreq personal attributes: " + attrLst.size());
-
-        try {
-        for (PersonalAttribute personalAttribute : attrLst) {
-            Logger.info("Personal authnreq attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType());
 
-            if (personalAttribute.getValue().size() > 0) {
-                for (String value : personalAttribute.getValue()) {
-                    Logger.info("     Value found: " + value);
-                }
-            }
-        }
-        }  catch (Exception e) {
-            Logger.error("Exception, attributes: " + e.getMessage());
-        }
 
 
         try {
@@ -128,12 +117,7 @@ public class AuthenticationRequest implements IAction {
             Logger.error("Exception, attributes: " + e.getMessage());
         }
 
-        PersonalAttribute newAttribute = new PersonalAttribute();
-        newAttribute.setName("eIdentifier");
-        newAttribute.setValue(new ArrayList<String>(Collections.singletonList("xxxxxxxxxxxxxxx")));
-        attributeList.add(newAttribute);
-        authnResponse.setPersonalAttributeList(attributeList);
-
+        authnResponse.setPersonalAttributeList(populateAttributes());
 
         try {
             //Get SAMLEngine instance
@@ -212,7 +196,59 @@ public class AuthenticationRequest implements IAction {
     }
 
 
+    public PersonalAttributeList populateAttributes() {
 
+        IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList();
+        Logger.info("Found " + attrLst.size() + " personal attributes in the request." );
+
+        // Define attribute list to be populated
+        PersonalAttributeList attributeList = new PersonalAttributeList();
+        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink());
+
+        try {
+            for (PersonalAttribute personalAttribute : attrLst) {
+                Logger.debug("Personal attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType());
+
+                if ("givenName".equals(personalAttribute.getName())) {
+                    Logger.debug("Providing new attribute: " + personalAttribute.getName());
+                    PersonalAttribute newAttribute = new PersonalAttribute();
+                    newAttribute.setName("givenName");
+                    newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName())));
+                    attributeList.add(newAttribute);
+                }
+
+                if (personalAttribute.getValue().size() > 0) {
+                    for (String value : personalAttribute.getValue()) {
+                        Logger.info("     Value found: " + value);
+                    }
+                }
+            }
+        }  catch (Exception e) {
+            Logger.error("Exception, attributes: " + e.getMessage());
+        }
+
+
+        Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock());
+        Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName());
+
+
+        Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier());
+
+
+        Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken());
+
+        // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName());
+
+        moaAttributeProvider.populateAttribute(attributeList, "givenName");
+
+        moaAttributeProvider.populateAttribute(attributeList, "surname");
+
+        moaAttributeProvider.populateAttribute(attributeList, "xxname");
+
+        moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");
+
+        return attributeList;
+    }
 
     public String getDefaultActionName() {
         return STORKProtocol.AUTHENTICATIONREQUEST;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
new file mode 100644
index 000000000..33c1ffcd2
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -0,0 +1,69 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author bsuzic
+ *         Date: 2/19/14, Time: 4:42 PM
+ */
+public class MOAAttributeProvider {
+    private final IdentityLink identityLink;
+    private static final Map<String, String> storkAttributeMapping;
+
+    static {
+        Map<String, String> tempMap = new HashMap<String, String>();
+        tempMap.put("givenName", "getGivenName");
+        tempMap.put("surname", "getFamilyName");
+        tempMap.put("dateOfBirth", "getDateOfBirth");
+        storkAttributeMapping = Collections.unmodifiableMap(tempMap);
+    }
+
+
+    public MOAAttributeProvider(IdentityLink identityLink) {
+        this.identityLink = identityLink;
+        Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue());
+    }
+
+    public void populateAttribute(PersonalAttributeList attributeList, String storkAttribute) {
+
+        if (storkAttributeMapping.containsKey(storkAttribute)) {
+            Method method = null;
+            Logger.debug("Trying to get value for attribute: " + storkAttribute);
+
+            try {
+                method = identityLink.getClass().getDeclaredMethod(storkAttributeMapping.get(storkAttribute));
+                String attributeValue = method.invoke(identityLink, new Class[]{}).toString();
+                PersonalAttribute newAttribute = new PersonalAttribute();
+                newAttribute.setName(storkAttribute);
+                Logger.debug("Got attribute value: " + attributeValue);
+                newAttribute.setValue(new ArrayList<String>(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue)));
+                attributeList.add(newAttribute);
+            } catch (NoSuchMethodException e) {
+                Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute);
+                e.printStackTrace();
+            } catch (InvocationTargetException e) {
+                Logger.error("Invocation target expcetiion while getting attribute: " + storkAttribute);
+                e.printStackTrace();
+            } catch (IllegalAccessException e) {
+                Logger.error("Illegal access exception while getting attribute: " + storkAttribute);
+                e.printStackTrace();
+            }
+
+        } else {
+            Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined.");
+        }
+
+    }
+
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 33d2040eb..3d7852c4b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -153,6 +153,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
         STORK2Request.setSTORKAuthnRequest(authnRequest);
 
+
         return STORK2Request;
     }
 
-- 
cgit v1.2.3


From 4e840ada79ad862494115374406b1ecb0b4a55ef Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 20 Feb 2014 16:58:47 +0100
Subject: attribute changes

---
 .../id/protocols/stork2/AuthenticationRequest.java | 33 +++++-----
 .../id/protocols/stork2/MOAAttributeProvider.java  | 74 ++++++++++++++--------
 2 files changed, 64 insertions(+), 43 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index a537a7708..446d942ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -207,21 +207,18 @@ public class AuthenticationRequest implements IAction {
 
         try {
             for (PersonalAttribute personalAttribute : attrLst) {
-                Logger.debug("Personal attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType());
-
-                if ("givenName".equals(personalAttribute.getName())) {
-                    Logger.debug("Providing new attribute: " + personalAttribute.getName());
-                    PersonalAttribute newAttribute = new PersonalAttribute();
-                    newAttribute.setName("givenName");
-                    newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName())));
-                    attributeList.add(newAttribute);
-                }
+                Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired());
+
+                moaAttributeProvider.populateAttribute(attributeList, personalAttribute);
+
+     //           if ("givenName".equals(personalAttribute.getName())) {
+     //               Logger.debug("Providing new attribute: " + personalAttribute.getName());
+     //               PersonalAttribute newAttribute = new PersonalAttribute();
+     //               newAttribute.setName("givenName");
+     //               newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName())));
+     //               attributeList.add(newAttribute);
+    //            }
 
-                if (personalAttribute.getValue().size() > 0) {
-                    for (String value : personalAttribute.getValue()) {
-                        Logger.info("     Value found: " + value);
-                    }
-                }
             }
         }  catch (Exception e) {
             Logger.error("Exception, attributes: " + e.getMessage());
@@ -239,13 +236,13 @@ public class AuthenticationRequest implements IAction {
 
         // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName());
 
-        moaAttributeProvider.populateAttribute(attributeList, "givenName");
+    //    moaAttributeProvider.populateAttribute(attributeList, "givenName");
 
-        moaAttributeProvider.populateAttribute(attributeList, "surname");
+    //    moaAttributeProvider.populateAttribute(attributeList, "surname");
 
-        moaAttributeProvider.populateAttribute(attributeList, "xxname");
+    //    moaAttributeProvider.populateAttribute(attributeList, "xxname");
 
-        moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");
+    //    moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");
 
         return attributeList;
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 33c1ffcd2..cde902e4d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -18,52 +18,76 @@ import java.util.Map;
  */
 public class MOAAttributeProvider {
     private final IdentityLink identityLink;
-    private static final Map<String, String> storkAttributeMapping;
+    private static final Map<String, String> storkAttributeSimpleMapping;
+    private static final Map<String, String> storkAttributeFunctionMapping;
 
     static {
-        Map<String, String> tempMap = new HashMap<String, String>();
-        tempMap.put("givenName", "getGivenName");
-        tempMap.put("surname", "getFamilyName");
-        tempMap.put("dateOfBirth", "getDateOfBirth");
-        storkAttributeMapping = Collections.unmodifiableMap(tempMap);
+        Map<String, String> tempSimpleMap = new HashMap<String, String>();
+        tempSimpleMap.put("givenName", "getGivenName");
+        tempSimpleMap.put("surname", "getFamilyName");
+        tempSimpleMap.put("dateOfBirth", "getDateOfBirth");
+        storkAttributeSimpleMapping = Collections.unmodifiableMap(tempSimpleMap);
+        Map<String, String> tempFunctionMap = new HashMap<String, String>();
+        tempFunctionMap.put("eIdentifier", "geteIdentifier");
+        storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
     }
 
-
     public MOAAttributeProvider(IdentityLink identityLink) {
         this.identityLink = identityLink;
         Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue());
     }
 
-    public void populateAttribute(PersonalAttributeList attributeList, String storkAttribute) {
-
-        if (storkAttributeMapping.containsKey(storkAttribute)) {
-            Method method = null;
-            Logger.debug("Trying to get value for attribute: " + storkAttribute);
+    public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
+        String storkAttribute = requestedAttribute.getName();
 
+        if (storkAttributeSimpleMapping.containsKey(storkAttribute)) {
+            Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]");
             try {
-                method = identityLink.getClass().getDeclaredMethod(storkAttributeMapping.get(storkAttribute));
-                String attributeValue = method.invoke(identityLink, new Class[]{}).toString();
-                PersonalAttribute newAttribute = new PersonalAttribute();
-                newAttribute.setName(storkAttribute);
-                Logger.debug("Got attribute value: " + attributeValue);
-                newAttribute.setValue(new ArrayList<String>(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue)));
-                attributeList.add(newAttribute);
+                Method method = identityLink.getClass().getDeclaredMethod(storkAttributeSimpleMapping.get(storkAttribute));
+                populateAttributeWithMethod(method, identityLink, attributeList, storkAttribute, requestedAttribute.isRequired());
             } catch (NoSuchMethodException e) {
                 Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute);
                 e.printStackTrace();
-            } catch (InvocationTargetException e) {
-                Logger.error("Invocation target expcetiion while getting attribute: " + storkAttribute);
-                e.printStackTrace();
-            } catch (IllegalAccessException e) {
-                Logger.error("Illegal access exception while getting attribute: " + storkAttribute);
-                e.printStackTrace();
             }
 
+        } else if (storkAttributeFunctionMapping.containsKey(storkAttribute)) {
+
+            Logger.debug("Trying to get value for attribute using function mapping [" + storkAttribute + "]");
+            try {
+                Method method = this.getClass().getDeclaredMethod(storkAttributeFunctionMapping.get(storkAttribute));
+                populateAttributeWithMethod(method, this, attributeList, storkAttribute, requestedAttribute.isRequired());
+            } catch (NoSuchMethodException e) {
+                Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute);
+                e.printStackTrace();
+            }
         } else {
             Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined.");
         }
+    }
 
+    private String geteIdentifier() {
+        return "askdlaskdlaskdsds";
+    }
+
+    private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) {
+        try {
+            String attributeValue = method.invoke(object, new Class[]{}).toString();
+            PersonalAttribute newAttribute = new PersonalAttribute();
+            newAttribute.setName(storkAttribute);
+            newAttribute.setStatus("Available");
+            newAttribute.setIsRequired(isRequired);
+            Logger.debug("Got attribute value: " + attributeValue);
+            newAttribute.setValue(new ArrayList<String>(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue)));
+            attributeList.add(newAttribute);
+        } catch (InvocationTargetException e) {
+            Logger.error("Invocation target exception while getting attribute: " + storkAttribute);
+            e.printStackTrace();
+        } catch (IllegalAccessException e) {
+            Logger.error("Illegal access exception while getting attribute: " + storkAttribute);
+            e.printStackTrace();
+        }
     }
 
 
 }
+
-- 
cgit v1.2.3


From 69475d1ca29ac530df84153635119adf908cbb53 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 20 Feb 2014 18:07:42 +0100
Subject: handling errors when configuration entries are non existent

---
 .../egovernment/moa/id/config/stork/STORKConfig.java   | 18 +++++++++++++++---
 .../moa/id/protocols/stork2/MOASTORKAuthnRequest.java  |  1 +
 2 files changed, 16 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index ff481b825..f79fd6e17 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -59,8 +59,14 @@ public class STORKConfig {
 		this.props = props;
 
 		//create CPEPS map
-		List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
-		
+		List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = null;
+
+        try {
+            cpeps = stork.getCPEPS();
+        }   catch (NullPointerException ex) {
+            Logger.error("CPEPS not configured!");
+        }
+
 		cpepsMap = new HashMap<String, CPEPS>();
 
 		if (cpeps != null) {
@@ -79,11 +85,17 @@ public class STORKConfig {
 		}
 
 		attr = new ArrayList<StorkAttribute>();
-		if (stork.getAttributes() != null) {
+
+        try {
+        if (stork.getAttributes() != null) {
 			for(StorkAttribute current : stork.getAttributes()) {
 				attr.add(current);
 			}
 		}
+        } catch (NullPointerException ex) {
+            Logger.error("Attributes not configured!");
+
+        }
 
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
index c9fb136c9..cee64e16e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
@@ -25,6 +25,7 @@ public class MOASTORKAuthnRequest implements IRequest {
     }
 
     public String getOAURL() {
+
         return "https://sp:8889/SP";  //
     }
 
-- 
cgit v1.2.3


From 0e19ab212b9c652401937ba3a2a4b415c010eeb4 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Feb 2014 11:23:42 +0100
Subject: StorkAPProvider can issue an attribute query draft

---
 .../id/protocols/stork2/AttributeCollector.java    |  6 +-
 .../moa/id/protocols/stork2/AttributeProvider.java |  6 +-
 .../stork2/StorkAttributeRequestProvider.java      | 71 +++++++++++++++++++++-
 3 files changed, 76 insertions(+), 7 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 4eb874d8f..8ccaa35de 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -89,7 +89,7 @@ public class AttributeCollector implements IAction {
 			container.getResponse().getPersonalAttributeList().add(current);
     	
     	// see if we need some more attributes
-    	return processRequest(container, httpResp);
+    	return processRequest(container, httpReq, httpResp);
     }
     
     /**
@@ -100,7 +100,7 @@ public class AttributeCollector implements IAction {
      * @return the string
      * @throws MOAIDException 
      */
-    public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException {
+    public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -139,7 +139,7 @@ public class AttributeCollector implements IAction {
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
 				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response);
+				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response);
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index e1f5620a8..117a1f6b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -1,7 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import java.util.List;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -32,9 +30,11 @@ public interface AttributeProvider {
 	 * Perform redirect.
 	 *
 	 * @param url the return URL ending with ?artifactId=...
+	 * @param citizenCountyCode the citizen county code
+	 * @param req the request we got from the S-PEPS and for which we have to ask our APs
 	 * @param resp the response to the preceding request
 	 */
-	public void performRedirect(String url, HttpServletResponse resp);
+	public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp);
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 32b0bb334..90b1a0180 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -1,15 +1,31 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.io.StringWriter;
+import java.util.ArrayList;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.StringUtils;
+
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
@@ -19,6 +35,9 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
 public class StorkAttributeRequestProvider implements AttributeProvider {
 
 	private PersonalAttributeList requestedAttributes;
+	
+	/** The destination. */
+	private String destination;
 
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
@@ -68,8 +87,58 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
 	@Override
-	public void performRedirect(String url, HttpServletResponse resp) {
+	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) {
+		OAAuthParameter oaParam;
+		
+    	String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
+    	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
+    	String spApplication = spInstitution;
+    	String spCountry = "AT";
+
+    	//generate AuthnRquest
+    	STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest();
+    	attributeRequest.setDestination(destination);
+    	attributeRequest.setAssertionConsumerServiceURL(url);
+    	attributeRequest.setIssuer(HTTPUtils.getBaseURL(req));
+    	attributeRequest.setQaa(oaParam.getQaaLevel());
+    	attributeRequest.setSpInstitution(spInstitution);
+    	attributeRequest.setCountry(spCountry);
+    	attributeRequest.setSpApplication(spApplication);
+    	attributeRequest.setSpSector(spSector);
+    	attributeRequest.setPersonalAttributeList(requestedAttributes);
+
+    	attributeRequest.setCitizenCountryCode(citizenCountryCode);
+
+
+    	Logger.debug("STORK AttrRequest succesfully assembled.");
 
+    	STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP");
+    	try {
+    		attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest);
+    	} catch (STORKSAMLEngineException e) {
+			Logger.error("Could not sign STORK SAML AttrRequest.", e);
+			throw new MOAIDException("stork.00", null);
+		}
+
+		Logger.info("STORK AttrRequest successfully signed!");
+		
+		try {
+			Logger.trace("Initialize VelocityEngine...");
+
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+			VelocityContext context = new VelocityContext();
+			context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml()));
+			context.put("action", destination);
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+
+			resp.getOutputStream().write(writer.toString().getBytes());
+		} catch (Exception e) {
+			Logger.error("Error sending STORK SAML AttrRequest.", e);
+			throw new MOAIDException("stork.11", null);
+		}
 	}
 
 }
-- 
cgit v1.2.3


From 3f388c8862a4543d8c7f791e5ff47090d533aa0c Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Feb 2014 14:55:17 +0100
Subject: added attribute collector action to protocol and urlrewrite

---
 id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml                 | 4 ++++
 .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 1 +
 2 files changed, 5 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index f8fdcaffc..563ee04dd 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -56,6 +56,10 @@
         <from>^/stork2/StartAuthentication$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
+    <rule match-type="regex">
+        <from>^/stork2/ResumeAuthentication$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&amp;action=AttributeCollector&amp;%{query-string}</to>
+    </rule>
     <rule match-type="regex">
         <from>^/stork2/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 323d9ba8e..318a8fc9c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -43,6 +43,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     static {
 
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
+        actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
 
         instance = new STORKProtocol();
     }
-- 
cgit v1.2.3


From 4c2406224be2df8b09050178630cdcff979c5ebf Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 24 Feb 2014 11:42:44 +0100
Subject: introduced attributeproviderfactory

---
 .../id/configuration/data/oa/OASTORKConfig.java    |  7 +--
 .../moa/id/config/auth/OAAuthParameter.java        |  6 ++-
 .../id/protocols/stork2/AttributeCollector.java    | 33 ++++++-------
 .../protocols/stork2/AttributeProviderFactory.java | 57 ++++++++++++++++++++++
 .../stork2/DemoNoRedirectAttributeProvider.java    |  6 ++-
 .../stork2/DemoRedirectAttributeProvider.java      |  9 ++--
 .../stork2/StorkAttributeRequestProvider.java      |  9 ++++
 .../resources/properties/id_messages_de.properties |  1 +
 8 files changed, 98 insertions(+), 30 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 72fc6e3a1..430bafbf5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.configuration.data.oa;
 
 import java.util.ArrayList;
 import java.util.List;
-
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
@@ -32,6 +31,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory;
 
 public class OASTORKConfig {
 
@@ -146,10 +146,7 @@ public class OASTORKConfig {
 	private List<AttributeProviderPlugin> attributeProviderPlugins;
 
 	public List<String> getAvailableAttributeProviderPlugins() {
-		List<String> result = new ArrayList<String>();
-		result.add(new AttributeProviderPlugin().getPlugin().getSimpleName());
-		
-		return result;
+		return AttributeProviderFactory.getAvailablePlugins();
 	}
 	
 	public List<AttributeProviderPlugin> getAttributeProviderPlugins() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 7a38e2afd..c3943d816 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -51,6 +51,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
 import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
@@ -66,6 +67,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -342,7 +344,9 @@ public List<OAStorkAttribute> getRequestedAttributes() {
 	return oa_auth.getOASTORK().getOAAttributes();
 }
 
-
+public List<AttributeProviderPlugin> getStorkAPs() {
+	return oa_auth.getOASTORK().getAttributeProviders();
+}
   
     
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 8ccaa35de..32a8cb9c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -4,8 +4,11 @@ import java.util.ArrayList;
 import java.util.List;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
@@ -33,32 +36,24 @@ public class AttributeCollector implements IAction {
 	/** The Constant ARTIFACT_ID. */
 	private static final String ARTIFACT_ID = "artifactId";
 	
-	private ArrayList<AttributeProvider> attributeProviders;
-
 	/** The return url. */
 	// TODO find correct return URL
 	// HTTPUtils.getBaseURL(req);
 	private String returnUrl = "findCorrectReturnURL";
 
-	public AttributeCollector() {
-		// TODO generate from config
-		attributeProviders = new ArrayList<AttributeProvider>();
-		attributeProviders.add(new StorkAttributeRequestProvider());
-		attributeProviders.add(new DemoRedirectAttributeProvider());
-		attributeProviders.add(new DemoNoRedirectAttributeProvider());
-	}
-
-
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
-    	// check if we have a STORKAttributeResponse in the request
-    	// - no, how did we get here?
-    	// yes, we got a recent requested attribute
-    	// - find the attribute provider plugin that can handle the response
+
+		// read configuration parameters of OA
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+		if (oaParam == null)
+			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
+
+    	// find the attribute provider plugin that can handle the response
 		IPersonalAttributeList newAttributes = null;
-		for (AttributeProvider current : attributeProviders)
+		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
 			try {
 				newAttributes = current.parse(httpReq);
 			} catch (UnsupportedAttributeException e1) {
@@ -89,7 +84,7 @@ public class AttributeCollector implements IAction {
 			container.getResponse().getPersonalAttributeList().add(current);
     	
     	// see if we need some more attributes
-    	return processRequest(container, httpReq, httpResp);
+    	return processRequest(container, httpReq, httpResp, oaParam);
     }
     
     /**
@@ -100,7 +95,7 @@ public class AttributeCollector implements IAction {
      * @return the string
      * @throws MOAIDException 
      */
-    public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException {
+    public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -113,7 +108,7 @@ public class AttributeCollector implements IAction {
 	    	// for each attribute still missing
 	    	for(PersonalAttribute currentAttribute : missingAttributes) {
 	    	// - check if we can find a suitable AttributeProvider Plugin
-	    		for(AttributeProvider currentProvider : attributeProviders) {
+				for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
 					try {
 						// - hand over control to the suitable plugin
 						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
new file mode 100644
index 000000000..98d354e8a
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -0,0 +1,57 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+
+/**
+ * A factory for creating AttributeProvider objects.
+ */
+public class AttributeProviderFactory {
+
+	/**
+	 * Gets the available plugins.
+	 * 
+	 * @return the available plugins
+	 */
+	public static List<String> getAvailablePlugins() {
+		List<String> result = new ArrayList<String>();
+		result.add("StorkAttributeRequestProvider");
+
+		return result;
+	}
+
+	/**
+	 * Creates an AttributeProvider object for the given shortname. Returns
+	 * {@code null} if there is no such provider available.
+	 * 
+	 * @param shortname
+	 *            the simpleName for the providers class
+	 * @return the attribute provider
+	 */
+	public static AttributeProvider create(String shortname, String url) {
+		switch (shortname) {
+		case "StorkAttributeRequestProvider":
+			return new StorkAttributeRequestProvider(url);
+		default:
+			return null;
+		}
+	}
+
+	/**
+	 * Gets fresh instances of the configured plugins.
+	 *
+	 * @param configuredAPs the configured a ps
+	 * @return the configured plugins
+	 */
+	public static List<AttributeProvider> getConfiguredPlugins(
+			List<AttributeProviderPlugin> configuredAPs) {
+		
+		List<AttributeProvider> result = new ArrayList<AttributeProvider>();
+		for(AttributeProviderPlugin current : configuredAPs)
+			result.add(create(current.getName(), current.getUrl()));
+		
+		return result;
+	}
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index a38cfed96..52ff0a85a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -34,8 +34,12 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 		return null;
 	}
 
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
 	@Override
-	public void performRedirect(String url, HttpServletResponse response) {
+	public void performRedirect(String url, String citizenCountyCode,
+			HttpServletRequest req, HttpServletResponse resp) {
 		// we should not get here
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index a9e2cf358..6dc0a30cc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -34,12 +34,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	}
 
 	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
 	@Override
-	public void performRedirect(String url, HttpServletResponse response) {
-		// TODO Auto-generated method stub
-		
+	public void performRedirect(String url, String citizenCountyCode,
+			HttpServletRequest req, HttpServletResponse resp) {
+		// we should not get here
+
 	}
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 90b1a0180..dd34d0d42 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -38,6 +38,15 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	
 	/** The destination. */
 	private String destination;
+	
+	/**
+	 * Instantiates a new stork attribute request provider.
+	 *
+	 * @param apUrl the AP location
+	 */
+	public StorkAttributeRequestProvider(String apUrl) {
+		destination = apUrl;
+	}
 
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index d6995a98e..e5fdb5ca7 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -203,6 +203,7 @@ stork.08=STORK SAML Assertion Validierung fehlgeschlagen
 stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur
 stork.10=Fehler in der Verbindung zum SZR-Gateway
 stork.11=Fehler beim Sammeln von StorkAttributen
+stork.12=Konnte keine VIDP Konfiguration finden
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From e352ed4ac809c333ebbba3421f8cb1857850535b Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 24 Feb 2014 19:18:30 +0100
Subject: correcting certstore directory configyration

---
 .../id/iaik/config/CertStoreConfigurationImpl.java | 188 ++++++++++++---------
 .../id/protocols/stork2/MOAAttributeProvider.java  |   1 +
 2 files changed, 106 insertions(+), 83 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
index 65634bed3..b6fe20a61 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
@@ -2,19 +2,19 @@
  * Copyright 2014 Federal Chancellery Austria
  * MOA-ID has been developed in a cooperation between BRZ, the Federal
  * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
+ *
  * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
  * the European Commission - subsequent versions of the EUPL (the "Licence");
  * You may not use this work except in compliance with the Licence.
  * You may obtain a copy of the Licence at:
  * http://www.osor.eu/eupl/
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the Licence is distributed on an "AS IS" basis,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Licence for the specific language governing permissions and
  * limitations under the Licence.
- * 
+ *
  * This product combines work with different licenses. See the "NOTICE" text
  * file for details on the various modules and licenses.
  * The "NOTICE" text file is part of the distribution. Any derivative works
@@ -46,98 +46,120 @@
 
 package at.gv.egovernment.moa.id.iaik.config;
 
-import java.io.File;
-
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.logging.Logger;
 import iaik.pki.store.certstore.CertStoreConfiguration;
 import iaik.pki.store.certstore.CertStoreParameters;
 import iaik.pki.store.certstore.CertStoreTypes;
 import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
 
+import java.io.File;
+
 /**
  * Implementation of interface needed to initialize an IAIK JSSE <code>TrustManager</code>
+ *
  * @author Paul Ivancsics
  * @version $Id$
  */
-public class CertStoreConfigurationImpl extends ObservableImpl 
-  implements CertStoreConfiguration, DirectoryCertStoreParameters {
-  /** identifies the rootDirectory */
-  private String rootDirectory;
-  /** ConfigurationProvider */
-  private ConfigurationProvider conf;
-  /** Array for storing all CertStoreParameters */
-  private CertStoreParameters[] parameters;
-
-  /**
-   * Create a new <code>CertStoreConfigurationImpl</code>.
-   * 
-   * @param conf The MOA configuration from which the configuration data is
-   * @throws ConfigurationException an any config-error
-   * being read.
-   */
-  public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
-    this.conf=conf;
-    
-    String certStoreRootDirParam = conf.getCertstoreDirectory();
-    
-    if (certStoreRootDirParam == null)
-      throw new ConfigurationException(
-        "config.08", new Object[] {"CertStoreDirectory"});
-
-		rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir());
-		if(rootDirectory.startsWith("file:")) rootDirectory = rootDirectory.substring(6);
-		File f = new File(rootDirectory);
-				if (!f.isDirectory())
-					throw new ConfigurationException(
-						"config.05", new Object[] {"CertStoreDirectory"});
-    
-    parameters = new CertStoreParameters[] { this };
-  }
-
-  /**
-   * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
-   */
-  public CertStoreParameters[] getParameters() {
-    return parameters;
-  }
-
-  /**
-   * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
-   */
-  public String getRootDirectory() {
-    return rootDirectory;
-  }
-
-  /**
-   * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
-   */
-  public boolean createNew() {
-    return false;
-  }
-
-  /**
-   * @see iaik.pki.store.certstore.CertStoreParameters#getId()
-   */
-  public String getId() {
-    return "MOA ID Directory CertStore";
-  }
-
-  /**
-   * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
-   */
-  public boolean isReadOnly() {
-    return false;
-  }
-
-  /**
-   * @return <code>CertStoreTypes.DIRECTORY</code>
-   * @see iaik.pki.store.certstore.CertStoreParameters#getType()
-   */
-  public String getType() {
-    return CertStoreTypes.DIRECTORY;
-  }
+public class CertStoreConfigurationImpl extends ObservableImpl
+        implements CertStoreConfiguration, DirectoryCertStoreParameters {
+    /**
+     * identifies the rootDirectory
+     */
+    private String rootDirectory;
+    /**
+     * ConfigurationProvider
+     */
+    private ConfigurationProvider conf;
+    /**
+     * Array for storing all CertStoreParameters
+     */
+    private CertStoreParameters[] parameters;
+
+    /**
+     * Create a new <code>CertStoreConfigurationImpl</code>.
+     *
+     * @param conf The MOA configuration from which the configuration data is
+     * @throws ConfigurationException an any config-error
+     *                                being read.
+     */
+    public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
+        this.conf = conf;
+
+        String certStoreRootDirParam = conf.getCertstoreDirectory();
+
+        if (certStoreRootDirParam == null)
+            throw new ConfigurationException(
+                    "config.08", new Object[]{"CertStoreDirectory"});
+
+        //rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir());
+        rootDirectory = certStoreRootDirParam;
+        Logger.error("Using file: " + rootDirectory);
+        if (rootDirectory.startsWith("file:")) rootDirectory = rootDirectory.substring(5);
+        Logger.error("Using file2: " + rootDirectory);
+
+        File f = new File(rootDirectory);
+        //Logger.error("Using file: " + certStoreRootDirParam + " param: " + conf.getRootConfigFileDir());
+
+        if (!f.exists()) {
+            Logger.error("File does not exists: " + f.getAbsolutePath());
+            throw new ConfigurationException(
+                    "config.05", new Object[]{"CertStoreDirectory"});
+        }
+
+        if (!f.isDirectory()) {
+            Logger.error("File is not a directory: " + f.getAbsolutePath());
+            throw new ConfigurationException(
+                    "config.05", new Object[]{"CertStoreDirectory"});
+        }
+
+
+        parameters = new CertStoreParameters[]{this};
+    }
+
+    /**
+     * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
+     */
+    public CertStoreParameters[] getParameters() {
+        return parameters;
+    }
+
+    /**
+     * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
+     */
+    public String getRootDirectory() {
+        return rootDirectory;
+    }
+
+    /**
+     * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
+     */
+    public boolean createNew() {
+        return false;
+    }
+
+    /**
+     * @see iaik.pki.store.certstore.CertStoreParameters#getId()
+     */
+    public String getId() {
+        return "MOA ID Directory CertStore";
+    }
+
+    /**
+     * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
+     */
+    public boolean isReadOnly() {
+        return false;
+    }
+
+    /**
+     * @return <code>CertStoreTypes.DIRECTORY</code>
+     * @see iaik.pki.store.certstore.CertStoreParameters#getType()
+     */
+    public String getType() {
+        return CertStoreTypes.DIRECTORY;
+    }
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index cde902e4d..414e383fa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -74,6 +74,7 @@ public class MOAAttributeProvider {
             String attributeValue = method.invoke(object, new Class[]{}).toString();
             PersonalAttribute newAttribute = new PersonalAttribute();
             newAttribute.setName(storkAttribute);
+
             newAttribute.setStatus("Available");
             newAttribute.setIsRequired(isRequired);
             Logger.debug("Got attribute value: " + attributeValue);
-- 
cgit v1.2.3


From a48a02cf22ae3c021fd81d0d8050018bb535218e Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 24 Feb 2014 15:58:43 +0100
Subject: oaparams available in applugins

---
 .../moa/id/protocols/stork2/AttributeCollector.java            |  2 +-
 .../egovernment/moa/id/protocols/stork2/AttributeProvider.java |  5 ++++-
 .../id/protocols/stork2/DemoNoRedirectAttributeProvider.java   |  4 +++-
 .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java |  4 +++-
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 10 ++--------
 5 files changed, 13 insertions(+), 12 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 32a8cb9c5..c1a61904d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -134,7 +134,7 @@ public class AttributeCollector implements IAction {
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
 				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response);
+				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 117a1f6b4..adf57d77b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
@@ -33,8 +34,10 @@ public interface AttributeProvider {
 	 * @param citizenCountyCode the citizen county code
 	 * @param req the request we got from the S-PEPS and for which we have to ask our APs
 	 * @param resp the response to the preceding request
+	 * @param oaParam the oa param
+	 * @throws MOAIDException 
 	 */
-	public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp);
+	public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 52ff0a85a..e6f340c77 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -5,6 +5,8 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
@@ -39,7 +41,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	 */
 	@Override
 	public void performRedirect(String url, String citizenCountyCode,
-			HttpServletRequest req, HttpServletResponse resp) {
+			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 6dc0a30cc..5d4336149 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -5,6 +5,8 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
@@ -38,7 +40,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 */
 	@Override
 	public void performRedirect(String url, String citizenCountyCode,
-			HttpServletRequest req, HttpServletResponse resp) {
+			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
 
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index dd34d0d42..3c689cac9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -1,8 +1,6 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import java.io.StringWriter;
-import java.util.ArrayList;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -12,7 +10,6 @@ import org.apache.velocity.app.VelocityEngine;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
-import at.gv.egovernment.moa.id.config.OAParameter;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.logging.Logger;
@@ -24,8 +21,6 @@ import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
@@ -96,10 +91,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
 	@Override
-	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) {
-		OAAuthParameter oaParam;
+	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 		
-    	String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
+    	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
     	String spApplication = spInstitution;
     	String spCountry = "AT";
-- 
cgit v1.2.3


From 5ae5bb1ca7ffda1d4c3f864625c569e6b4b8d6de Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 25 Feb 2014 09:14:17 +0100
Subject: fixed merge issues

---
 .../main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java | 1 +
 .../main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java    | 2 --
 2 files changed, 1 insertion(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 881d3bb2a..d1de20c4d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -352,6 +352,7 @@ public List<OAStorkAttribute> getRequestedAttributes() {
 
 public List<AttributeProviderPlugin> getStorkAPs() {
 	return oa_auth.getOASTORK().getAttributeProviders();
+}
 
 public byte[] getBKUSelectionTemplate() {
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index ab106e3c0..d655dc7f2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -106,8 +106,6 @@ public class STORKConfig {
 
 	}
 
-    }
-
 	public SignatureCreationParameter getSignatureCreationParameter() {
 
 		return new SignatureCreationParameter(props, basedirectory);
-- 
cgit v1.2.3


From 3640475187ba8f2bfd4b72b2e6b7fa105432f889 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 25 Feb 2014 09:20:42 +0100
Subject: reentry url is set

---
 .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index c1a61904d..937f6da74 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -36,11 +36,6 @@ public class AttributeCollector implements IAction {
 	/** The Constant ARTIFACT_ID. */
 	private static final String ARTIFACT_ID = "artifactId";
 	
-	/** The return url. */
-	// TODO find correct return URL
-	// HTTPUtils.getBaseURL(req);
-	private String returnUrl = "findCorrectReturnURL";
-
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
      */
@@ -134,7 +129,7 @@ public class AttributeCollector implements IAction {
 				AssertionStorage.getInstance().put(newArtifactId, container);
 
 				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+				e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
 			} catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
-- 
cgit v1.2.3


From 26404cedff0e60969c98d7a7cab30f8e7eda9ea6 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 25 Feb 2014 16:55:24 +0100
Subject: attr nothing

---
 id/oa/moa-id-oa.iml                                |  4 +--
 .../id/protocols/stork2/AttributeCollector.java    | 38 +++++++++++++++++++++-
 id/templates/moa-id-templates.iml                  |  4 +--
 3 files changed, 41 insertions(+), 5 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
index 0b7bf00de..6d9905e25 100644
--- a/id/oa/moa-id-oa.iml
+++ b/id/oa/moa-id-oa.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 937f6da74..08244ab38 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -123,7 +123,43 @@ public class AttributeCollector implements IAction {
 				// memorize the container again
 				// - generate new key
 				String newArtifactId = new SecureRandomIdentifierGenerator()
-						.generateIdentifier();
+						.generateIdentifier();                                       /*
+            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel());
+            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest());
+
+            HttpSession httpSession = httpReq.getSession();
+            httpSession.setAttribute("STORKSessionID", "12345");
+            httpResp.setStatus(startAuthResponse.getHttpStatusCode());
+            try {
+                ServletOutputStream os = httpResp.getOutputStream();
+                String html = new String(startAuthResponse.getContent());
+
+
+                if (html.contains("<![CDATA[")) {
+                    Logger.info("-------- content contains <![CDATA[-----------------");
+                    Logger.info("-------- content contains html -----------------");
+                    Logger.info("HTML : " + html);
+                    int beginIndex = html.indexOf("<![CDATA[");
+                    int endIndex = html.indexOf("]]>");
+                    html = html.substring(beginIndex + 9, endIndex);
+                    startAuthResponse.setContent(html.getBytes());
+                }
+                Logger.info("HTML : " + html);
+
+                os.write(startAuthResponse.getContent());
+                Logger.info("Response sent to client");
+            } catch (IOException e) {
+                Logger.error("ERROR MOA");
+                throw new MOAIDException("error response sending", new Object[]{});
+            }
+            //httpSession.setAttribute("CCC", ccc);
+
+          */
+        }
+
+
+        //httpResp.setStatus(200);
+        //VPEPSInboundPostHandler
 
 				// - put container in temporary store.
 				AssertionStorage.getInstance().put(newArtifactId, container);
diff --git a/id/templates/moa-id-templates.iml b/id/templates/moa-id-templates.iml
index 3b8b05541..0ecf962d0 100644
--- a/id/templates/moa-id-templates.iml
+++ b/id/templates/moa-id-templates.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
-- 
cgit v1.2.3


From f51b28c24ac466b5e25d3047975beac8f14d2c15 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 25 Feb 2014 20:34:44 +0100
Subject: attrcollector

---
 .../id/configuration/data/oa/OASTORKConfig.java    |  2 +-
 .../id/protocols/stork2/AttributeCollector.java    | 13 +-------
 .../protocols/stork2/AttributeProviderFactory.java | 17 ++++++----
 .../id/protocols/stork2/AuthenticationRequest.java | 38 ++++++++++++++--------
 4 files changed, 38 insertions(+), 32 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 9f1e9cfd8..5fdbe1f77 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -92,7 +92,7 @@ public class OASTORKConfig {
 				// Sorry.
 				if (attributeProviderPlugins.isEmpty())
 					attributeProviderPlugins.add(new AttributeProviderPlugin());
-				}  } catch (NullPointerException ex) {
+				} catch (NullPointerException ex) {
                     Logger.error("Nullpointerexception encountered in Configurationinterface");
                 }
 			}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 08244ab38..cc0f8569e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -155,18 +155,7 @@ public class AttributeCollector implements IAction {
             //httpSession.setAttribute("CCC", ccc);
 
           */
-        }
-
-
-        //httpResp.setStatus(200);
-        //VPEPSInboundPostHandler
-
-				// - put container in temporary store.
-				AssertionStorage.getInstance().put(newArtifactId, container);
-
-				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
-			} catch (Exception e1) {
+        }  catch (Exception e1) {
 				// TODO should we return the response as is to the PEPS?
 				Logger.error("Error putting incomplete Stork response into temporary storage", e);
 				throw new MOAIDException("stork.11", null);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 98d354e8a..9a4c1f59b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -31,12 +31,17 @@ public class AttributeProviderFactory {
 	 * @return the attribute provider
 	 */
 	public static AttributeProvider create(String shortname, String url) {
-		switch (shortname) {
-		case "StorkAttributeRequestProvider":
-			return new StorkAttributeRequestProvider(url);
-		default:
-			return null;
-		}
+		//switch (shortname) {
+		//case "StorkAttributeRequestProvider":
+		//	return new StorkAttributeRequestProvider(url);
+		//default:
+		//	return null;
+		//}
+        if (shortname.equals("StorkAttributeRequestProvider"))  {
+            return new StorkAttributeRequestProvider(url);
+        }       else {
+            return null;
+        }
 	}
 
 	/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index d742d72ef..6ef85d7ae 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -1,8 +1,11 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
@@ -22,10 +25,7 @@ import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.io.Writer;
+import java.io.*;
 import java.util.HashMap;
 import eu.stork.peps.auth.engine.SAMLEngine;
 
@@ -94,6 +94,13 @@ public class AuthenticationRequest implements IAction {
           */
         }
 
+        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+        authnResponse.setCountry("AT");
+
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
+
 
         //httpResp.setStatus(200);
         //VPEPSInboundPostHandler
@@ -102,20 +109,23 @@ public class AuthenticationRequest implements IAction {
         DataContainer container = new DataContainer();
         
         // - fill in the request we extracted above
-        container.setRequest(request);
+        container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
         
         // - fill in the partial response created above
-        container.setResponse(response);
+        container.setResponse(authnResponse);
         
         // - memorize the target url were we have to return the result
-        container.setTarget(target);
-        
+        container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+
+
+
+
+        if (1==1) // test
         // see if we need to fetch further attributes
-        return (new AttributeCollector()).processRequest(container);
+        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam);
+
 
 
-        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry("AT");
 
 
 
@@ -163,13 +173,15 @@ public class AuthenticationRequest implements IAction {
 
         try {
             Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // radi
+            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
             Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
 
         } catch (IOException e) {
             e.printStackTrace();
         }
 
+        // preparing redirection for the client
+
         try {
             VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
@@ -266,7 +278,7 @@ public class AuthenticationRequest implements IAction {
 
     //    moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");
 
-        return authResponse;
+        return attributeList;
     }
 
     public String getDefaultActionName() {
-- 
cgit v1.2.3


From 1aa6fd1a5b007a9c234e096e6d145cb0235cfd70 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 09:34:59 +0100
Subject: init eHvd AP Plugin

---
 .../protocols/stork2/AttributeProviderFactory.java |  8 ++--
 .../stork2/EHvdAttributeProviderPlugin.java        | 50 ++++++++++++++++++++++
 2 files changed, 55 insertions(+), 3 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 98d354e8a..23edf69f9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -18,6 +18,7 @@ public class AttributeProviderFactory {
 	public static List<String> getAvailablePlugins() {
 		List<String> result = new ArrayList<String>();
 		result.add("StorkAttributeRequestProvider");
+		result.add("EHvdAttributeProvider");
 
 		return result;
 	}
@@ -31,10 +32,11 @@ public class AttributeProviderFactory {
 	 * @return the attribute provider
 	 */
 	public static AttributeProvider create(String shortname, String url) {
-		switch (shortname) {
-		case "StorkAttributeRequestProvider":
+        	if (shortname.equals("StorkAttributeRequestProvider"))  {
 			return new StorkAttributeRequestProvider(url);
-		default:
+		} else if(shortname.equals("EHvdAttributeProvider")) {
+			return new EHvdAttributeProviderPlugin(url);
+		}       else {
 			return null;
 		}
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
new file mode 100644
index 000000000..8783026c2
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service
+ */
+public class EHvdAttributeProviderPlugin implements AttributeProvider {
+	
+	public EHvdAttributeProviderPlugin(String url) {
+		// TODO Auto-generated constructor stub
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
+	 */
+	@Override
+	public IPersonalAttributeList acquire(PersonalAttribute attributes)
+			throws UnsupportedAttributeException,
+			ExternalAttributeRequestRequiredException {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
+	 */
+	@Override
+	public void performRedirect(String url, String citizenCountyCode,
+			HttpServletRequest req, HttpServletResponse resp,
+			OAAuthParameter oaParam) throws MOAIDException {
+		// there is no redirect required
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public IPersonalAttributeList parse(HttpServletRequest httpReq)
+			throws UnsupportedAttributeException, MOAIDException {
+		// TODO Auto-generated method stub
+		return null;
+	}
+}
-- 
cgit v1.2.3


From 2b655368aa6bfb7a0250589a23b2ac328b25c5aa Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 09:36:39 +0100
Subject: disable parse and redirect functionality of eHVD ap plugin

---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8783026c2..8813ec8dc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -44,7 +44,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq)
 			throws UnsupportedAttributeException, MOAIDException {
-		// TODO Auto-generated method stub
-		return null;
+		// there is no redirect required, so we throw an exception when someone asks us to parse a response
+		throw new UnsupportedAttributeException();
 	}
 }
-- 
cgit v1.2.3


From b7a64411283c5a5496383164ced201ef42eb3d63 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 09:46:41 +0100
Subject: sketched communication process

---
 .../stork2/EHvdAttributeProviderPlugin.java        | 25 ++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8813ec8dc..28f5b23a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -7,6 +7,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
 
 /**
  * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service
@@ -24,8 +25,28 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	public IPersonalAttributeList acquire(PersonalAttribute attributes)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException {
-		// TODO Auto-generated method stub
-		return null;
+		
+		try {
+			// create SOAP connection
+			
+			// assemble SOAP request
+			
+			// perform SOAP call
+			
+			// parse SOAP response
+			
+			// assemble attribute
+			PersonalAttribute acquiredAttribute = new PersonalAttribute();
+			
+			// pack and return the result
+			PersonalAttributeList result = new PersonalAttributeList();
+			result.add(acquiredAttribute);
+			
+			return result;
+		} catch (Exception e) {
+			// TODO in case of an error, we might want to inform someone somehow different than by just saying nothing
+			return null;
+		}
 	}
 
 	/* (non-Javadoc)
-- 
cgit v1.2.3


From 2f4f739506a1f054c0fbb3f28e97e1c13f798758 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 10:02:16 +0100
Subject: report an attribute request that is not supported by eHVD AP plugin

---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java          | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 28f5b23a3..7dc4b8ac1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -26,6 +26,10 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException {
 		
+		// break when we cannot handle the requested attribute
+		if(!attributes.getFriendlyName().equals("isHealthcareProfessional"))
+			throw new UnsupportedAttributeException();
+		
 		try {
 			// create SOAP connection
 			
-- 
cgit v1.2.3


From 001161aec7e42825c21fc969cac45f77da31fb86 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 12:09:52 +0100
Subject: raise the SOAP request

---
 .../stork2/EHvdAttributeProviderPlugin.java        | 60 +++++++++++++++++++++-
 1 file changed, 58 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 7dc4b8ac1..42652464b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -1,7 +1,22 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.util.ArrayList;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPBody;
+import javax.xml.soap.SOAPConnection;
+import javax.xml.soap.SOAPConnectionFactory;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPEnvelope;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -14,8 +29,16 @@ import eu.stork.peps.auth.commons.PersonalAttributeList;
  */
 public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	
+	/** The destination. */
+	private Object destination;
+
+	/**
+	 * Instantiates a new e hvd attribute provider plugin.
+	 *
+	 * @param url the service url
+	 */
 	public EHvdAttributeProviderPlugin(String url) {
-		// TODO Auto-generated constructor stub
+		destination = url;
 	}
 
 	/* (non-Javadoc)
@@ -27,15 +50,48 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			ExternalAttributeRequestRequiredException {
 		
 		// break when we cannot handle the requested attribute
-		if(!attributes.getFriendlyName().equals("isHealthcareProfessional"))
+		if(!attributes.getFriendlyName().equals("isHCP"))
 			throw new UnsupportedAttributeException();
 		
 		try {
 			// create SOAP connection
+			SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection();
 			
 			// assemble SOAP request
+            MessageFactory messageFactory = MessageFactory.newInstance();
+            SOAPMessage requestMessage = messageFactory.createMessage();
+            SOAPPart requestPart = requestMessage.getSOAPPart();
+            
+            // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time.
+            requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional");
+            
+            /*
+            Construct SOAP Request Message:
+			<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+			  <soap:Body>
+			    <IsHealthcareProfessional xmlns="http://gesundheit.gv.at/BAGDAD/DataAccessService">
+			      <bPK>string</bPK>
+			    </IsHealthcareProfessional>
+			  </soap:Body>
+			</soap:Envelope>
 			
+			see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional
+             */
+
+            // SOAP Envelope
+            SOAPEnvelope envelope = requestPart.getEnvelope();
+
+            // SOAP Body
+            SOAPBody requestBody = envelope.getBody();
+            SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
+            SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
+            // TODO fetch bpk_gh from somewhere
+            requestBodyElem1.addTextNode("bpk_gh");
+
+            requestMessage.saveChanges();
+            
 			// perform SOAP call
+            SOAPMessage responseMessage = soapConnection.call(requestMessage, destination);
 			
 			// parse SOAP response
 			
-- 
cgit v1.2.3


From 5dd5959e9ddd730452d0007fbf2c091d2c2506e1 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 13:54:44 +0100
Subject: parse the SOAP response

---
 .../stork2/EHvdAttributeProviderPlugin.java        | 143 +++++++++++++++++----
 1 file changed, 117 insertions(+), 26 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 42652464b..fdf0806b8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -1,10 +1,13 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.io.StringWriter;
 import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPBody;
@@ -14,6 +17,12 @@ import javax.xml.soap.SOAPElement;
 import javax.xml.soap.SOAPEnvelope;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.soap.SOAPPart;
+import javax.xml.transform.Result;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -58,13 +67,13 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection();
 			
 			// assemble SOAP request
-            MessageFactory messageFactory = MessageFactory.newInstance();
-            SOAPMessage requestMessage = messageFactory.createMessage();
-            SOAPPart requestPart = requestMessage.getSOAPPart();
-            
-            // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time.
-            requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional");
-            
+			MessageFactory messageFactory = MessageFactory.newInstance();
+			SOAPMessage requestMessage = messageFactory.createMessage();
+			SOAPPart requestPart = requestMessage.getSOAPPart();
+
+			// (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time.
+			requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional");
+
             /*
             Construct SOAP Request Message:
 			<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
@@ -74,34 +83,116 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			    </IsHealthcareProfessional>
 			  </soap:Body>
 			</soap:Envelope>
-			
+
 			see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional
              */
 
-            // SOAP Envelope
-            SOAPEnvelope envelope = requestPart.getEnvelope();
+			// SOAP Envelope
+			SOAPEnvelope envelope = requestPart.getEnvelope();
+
+			// SOAP Body
+			SOAPBody requestBody = envelope.getBody();
+			SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
+			SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
+			// TODO fetch bpk_gh from somewhere
+			requestBodyElem1.addTextNode("bpk_gh");
 
-            // SOAP Body
-            SOAPBody requestBody = envelope.getBody();
-            SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
-            SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
-            // TODO fetch bpk_gh from somewhere
-            requestBodyElem1.addTextNode("bpk_gh");
+			requestMessage.saveChanges();
 
-            requestMessage.saveChanges();
-            
 			// perform SOAP call
-            SOAPMessage responseMessage = soapConnection.call(requestMessage, destination);
-			
+			SOAPMessage responseMessage = soapConnection.call(requestMessage, destination);
+
 			// parse SOAP response
-			
-			// assemble attribute
-			PersonalAttribute acquiredAttribute = new PersonalAttribute();
-			
+
+            /*
+			<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
+			  <soap:Body>
+			    <IsHealthcareProfessionalResponse xmlns="http://gesundheit.gv.at/BAGDAD/DataAccessService">
+			      <IsHealthcareProfessionalResult>
+			        <RequestOK>boolean</RequestOK>
+			        <Message>string</Message>
+			        <IsHealthcareProfessional>boolean</IsHealthcareProfessional>
+			        <NameOfOrganisation>string</NameOfOrganisation>
+			        <Type>string</Type>
+			        <Specialization>string</Specialization>
+			      </IsHealthcareProfessionalResult>
+			    </IsHealthcareProfessionalResponse>
+			  </soap:Body>
+			</soap:Envelope>
+
+			see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional
+             */
+			SOAPBody responseBody = responseMessage.getSOAPBody();
+
+			// iterate through tree
+			SOAPElement responseElement = (SOAPElement) responseBody.getChildElements().next();
+			SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next();
+			SOAPElement tmp;
+
+			// collect all info in a map
+			Iterator it = resultElement.getChildElements();
+			Map<String, String> collection = new HashMap<String, String>();
+			while (it.hasNext()) {
+				SOAPElement current = (SOAPElement) it.next();
+
+				collection.put(current.getNodeName(), current.getTextContent());
+
+			}
+
+			// check if there is anything valid in the map
+			if (collection.isEmpty() || collection.size() != 6) {
+				// TODO report error
+			}
+
+			// - fetch request validity
+			if (collection.get("RequestOK").equals("false")) {
+				// TODO report error
+			}
+
+			PersonalAttribute acquiredAttribute = null;
+
+			if (collection.get("IsHealthcareProfessional").equals("false")) {
+				// the citizen is no HCP
+				acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList<String>(), "NotAvailable");
+			} else {
+				// go on and parse the data
+
+				Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
+
+				Element orgname = doc.createElement("nameOfOrganisation");
+				orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization")));
+				doc.appendChild(orgname);
+
+				Element type = doc.createElement("HCP");
+				// TODO fix value mapping
+				if (collection.get("Type").equals("Medical Doctors"))
+					type.appendChild(doc.createTextNode("D"));
+				doc.appendChild(type);
+
+				Element specialization = doc.createElement("specialisation");
+				// TODO fix value mapping
+				specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2)));
+				doc.appendChild(specialization);
+
+				// get string from dom tree
+				Source source = new DOMSource(doc);
+				StringWriter out = new StringWriter();
+				Result result = new StreamResult(out);
+
+				TransformerFactory tFactory = TransformerFactory.newInstance();
+				Transformer transformer = tFactory.newTransformer();
+				transformer.transform(source, result);
+
+				ArrayList<String> value = new ArrayList<String>();
+				value.add(out.toString());
+
+				acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available");
+			}
+
 			// pack and return the result
 			PersonalAttributeList result = new PersonalAttributeList();
 			result.add(acquiredAttribute);
-			
+
 			return result;
 		} catch (Exception e) {
 			// TODO in case of an error, we might want to inform someone somehow different than by just saying nothing
-- 
cgit v1.2.3


From 02800dff9580924a9b912ca9f2ff56c9a40d2152 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 14:06:36 +0100
Subject: error handling

---
 .../moa/id/protocols/stork2/AttributeCollector.java       |  3 +++
 .../moa/id/protocols/stork2/AttributeProvider.java        |  2 +-
 .../id/protocols/stork2/EHvdAttributeProviderPlugin.java  | 15 ++++++++-------
 .../resources/properties/id_messages_de.properties        |  1 +
 4 files changed, 13 insertions(+), 8 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 937f6da74..f36232eb9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -113,6 +113,9 @@ public class AttributeCollector implements IAction {
 							container.getResponse().getPersonalAttributeList().add(current);
 					} catch(UnsupportedAttributeException e) {
 						// ok, try the next attributeprovider
+					} catch(MOAIDException e) {
+						// the current plugin had an error. Try the next one.
+						// TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
 					}
 	
 	    		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index adf57d77b..9e6cba923 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -25,7 +25,7 @@ public interface AttributeProvider {
 	 * @throws UnsupportedAttributeException the unsupported attribute exception
 	 * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException;
+	public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException;
 
 	/**
 	 * Perform redirect.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index fdf0806b8..474dcb8fa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -29,6 +29,7 @@ import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
@@ -56,8 +57,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributes)
 			throws UnsupportedAttributeException,
-			ExternalAttributeRequestRequiredException {
-		
+			ExternalAttributeRequestRequiredException, MOAIDException {
+
 		// break when we cannot handle the requested attribute
 		if(!attributes.getFriendlyName().equals("isHCP"))
 			throw new UnsupportedAttributeException();
@@ -136,17 +137,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 				SOAPElement current = (SOAPElement) it.next();
 
 				collection.put(current.getNodeName(), current.getTextContent());
-
 			}
 
 			// check if there is anything valid in the map
 			if (collection.isEmpty() || collection.size() != 6) {
-				// TODO report error
+				Logger.warn("eHVD returned an unexpected count of values. Expected 6 got " + collection.size());
+				throw new IndexOutOfBoundsException("response attributes not like specified");
 			}
 
 			// - fetch request validity
 			if (collection.get("RequestOK").equals("false")) {
-				// TODO report error
+				Logger.warn("eHVD reported an invalid request. The error message is: " + collection.get("Message"));
+				throw new Exception("eHVD reported an invalid request");
 			}
 
 			PersonalAttribute acquiredAttribute = null;
@@ -195,8 +197,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 
 			return result;
 		} catch (Exception e) {
-			// TODO in case of an error, we might want to inform someone somehow different than by just saying nothing
-			return null;
+			throw new MOAIDException("stork.13", new Object[] { e });
 		}
 	}
 
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 0e252e981..4007eacdc 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -207,6 +207,7 @@ stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur
 stork.10=Fehler in der Verbindung zum SZR-Gateway
 stork.11=Fehler beim Sammeln von StorkAttributen
 stork.12=Konnte keine VIDP Konfiguration finden
+stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From 03952b60036874105f8d5575ca2d06594e70c759 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 15:05:27 +0100
Subject: use appropriate PK in eHVD AP plugin

---
 .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 6 +++---
 .../gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java  | 5 ++++-
 .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java   | 3 ++-
 .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java     | 3 ++-
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java       | 7 +++----
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java     | 3 ++-
 6 files changed, 16 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index f36232eb9..b7fa37757 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -79,7 +79,7 @@ public class AttributeCollector implements IAction {
 			container.getResponse().getPersonalAttributeList().add(current);
     	
     	// see if we need some more attributes
-    	return processRequest(container, httpReq, httpResp, oaParam);
+    	return processRequest(container, httpReq, httpResp, moasession, oaParam);
     }
     
     /**
@@ -90,7 +90,7 @@ public class AttributeCollector implements IAction {
      * @return the string
      * @throws MOAIDException 
      */
-    public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException {
+    public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
     	// check if there are attributes we need to fetch
     	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
     	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -106,7 +106,7 @@ public class AttributeCollector implements IAction {
 				for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
 					try {
 						// - hand over control to the suitable plugin
-						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute);
+						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
 
 						// - add the aquired attribute to the container
 						for(PersonalAttribute current : aquiredAttributes)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 9e6cba923..59376fef6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 
@@ -21,11 +22,13 @@ public interface AttributeProvider {
 	 * the response.
 	 *
 	 * @param attributes the list of attributes to be acquired
+	 * @param moasession the moasession
 	 * @return the personal attribute
 	 * @throws UnsupportedAttributeException the unsupported attribute exception
 	 * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done
+	 * @throws MOAIDException the mOAID exception
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException;
+	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException;
 
 	/**
 	 * Perform redirect.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index e6f340c77..669a9389b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -5,6 +5,7 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
@@ -20,7 +21,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
 	@Override
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 5d4336149..2f6b69075 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -5,6 +5,7 @@ import java.util.ArrayList;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
@@ -20,7 +21,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
 	@Override
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 474dcb8fa..8b96e0d10 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -27,6 +27,7 @@ import javax.xml.transform.stream.StreamResult;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.logging.Logger;
@@ -55,7 +56,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
 	@Override
-	public IPersonalAttributeList acquire(PersonalAttribute attributes)
+	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
 
@@ -95,8 +96,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			SOAPBody requestBody = envelope.getBody();
 			SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
 			SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
-			// TODO fetch bpk_gh from somewhere
-			requestBodyElem1.addTextNode("bpk_gh");
+			requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue());
 
 			requestMessage.saveChanges();
 
@@ -128,7 +128,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			// iterate through tree
 			SOAPElement responseElement = (SOAPElement) responseBody.getChildElements().next();
 			SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next();
-			SOAPElement tmp;
 
 			// collect all info in a map
 			Iterator it = resultElement.getChildElements();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 3c689cac9..bd6f192dc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -8,6 +8,7 @@ import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -47,7 +48,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
 	@Override
-	public IPersonalAttributeList acquire(PersonalAttribute attribute)
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(attribute);
-- 
cgit v1.2.3


From caee81b311e93720d4c1fe2b3de22cdcbb0fe74d Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 16:32:48 +0100
Subject: config

---
 .../id/protocols/stork2/AuthenticationRequest.java |  55 +-
 .../moa/id/commons/db/ConfigurationDBRead.java     | 706 ++++++++++-----------
 2 files changed, 384 insertions(+), 377 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 6ef85d7ae..db3e12f43 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -4,6 +4,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
@@ -64,7 +65,7 @@ public class AuthenticationRequest implements IAction {
             Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel());
             StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
 
-            HttpSession httpSession = httpReq.getSession();
+            HttpSession httpSession = httpReq.getSession();                                       performRed
             httpSession.setAttribute("STORKSessionID", "12345");
             httpResp.setStatus(startAuthResponse.getHttpStatusCode());
             try {
@@ -102,12 +103,37 @@ public class AuthenticationRequest implements IAction {
             throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
 
 
+        // Prepare basic AT attributes
+        try {
+            IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
+            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
+
+
+            for (PersonalAttribute personalAttribute : moaAttrList) {
+                Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
+                if (personalAttribute.getValue().size() > 0) {
+                    for (String value : personalAttribute.getValue()) {
+                        Logger.info("     Value found: " + value);
+                    }
+                }
+            }
+
+        } catch (Exception e) {
+            Logger.error("Exception, attributes: " + e.getMessage());
+        }
+
+        authnResponse.setPersonalAttributeList(populateAttributes());
+
+        // Prepare extended attributes
+        Logger.debug("Preparing data container");
+
         //httpResp.setStatus(200);
         //VPEPSInboundPostHandler
         
         // create fresh container
         DataContainer container = new DataContainer();
-        
+
+
         // - fill in the request we extracted above
         container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
         
@@ -118,39 +144,20 @@ public class AuthenticationRequest implements IAction {
         container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
 
+        Logger.debug("Data container prepared");
 
 
-        if (1==1) // test
+        if (1==0) // test
         // see if we need to fetch further attributes
         return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam);
 
+        Logger.debug("Finished sending data container");
 
 
 
 
 
 
-
-        try {
-            IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
-            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
-
-
-            for (PersonalAttribute personalAttribute : moaAttrList) {
-            Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
-            if (personalAttribute.getValue().size() > 0) {
-                for (String value : personalAttribute.getValue()) {
-                    Logger.info("     Value found: " + value);
-                }
-            }
-        }
-
-        } catch (Exception e) {
-            Logger.error("Exception, attributes: " + e.getMessage());
-        }
-
-        authnResponse.setPersonalAttributeList(populateAttributes());
-
         try {
             //Get SAMLEngine instance
             STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index e4e4ce98a..88220cded 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -22,366 +22,366 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.commons.db;
 
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.persistence.EntityManager;
-
-import org.apache.commons.lang.StringEscapeUtils;
-
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
-
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+import org.apache.commons.lang.StringEscapeUtils;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 
 @SuppressWarnings("rawtypes")
 public class ConfigurationDBRead {
 
-      private static Map<String, String> QUERIES = new HashMap<String, String>();    	
-      static {
-    	  QUERIES.put("getActiveOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix)) and  onlineapplication.isActive = '1'");
-    	  QUERIES.put("getOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix))");
-    	  QUERIES.put("getOnlineApplicationWithDBID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.hjid = :id");
-    	  QUERIES.put("getAllOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication");
-    	  QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'");
-    	  QUERIES.put("getAllNewOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '0' and onlineapplication.isAdminRequired = '1'");
-    	  QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration");
-    	  QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id");
-    	  QUERIES.put("getNewUserWithUserTokken", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken = :tokken");
-    	  QUERIES.put("getAllNewUsers", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '1'");
-    	  QUERIES.put("getAllOpenUsersRequests", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is not null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '0'");
-    	  QUERIES.put("getUserWithUserBPKWBPK", "select userdatabase from UserDatabase userdatabase where userdatabase.bpk = :bpk");
-    	  QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username");
-    	  QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase");
-    	  QUERIES.put("getUsersWithOADBID", "select userdatabase from UserDatabase userdatabase inner join userdatabase.onlineApplication oa where oa.hjid = :id");
-    	  QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id");      }
-      
-	  public static OnlineApplication getActiveOnlineApplication(String id) {
-	  	MiscUtil.assertNotNull(id, "OnlineApplictionID");
-		Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-		
-		List result;
-  		EntityManager session = ConfigurationDBUtils.getCurrentSession();
-	  	
-  		javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID"));  	
-  		//query.setParameter("id", id+"%");
-  		query.setParameter("id", StringEscapeUtils.escapeHtml(id));
-  		result = query.getResultList();
-  	
-  		Logger.trace("Found entries: " + result.size());
-    
-  		if (result.size() == 0) {
-  			Logger.debug("No entries found.");
-  			return null;
-  		} 
-  		
-  		if (result.size() > 1) {
-  			Logger.warn("OAIdentifier match to more then one DB-entry!");
-  			return null;
-  		}
-  		  		
-  		return (OnlineApplication) result.get(0);
-	  }
-	
-	  public static OnlineApplication getOnlineApplication(String id) {
-	  	MiscUtil.assertNotNull(id, "OnlineApplictionID");
-		Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-		
-		List result;
-  		EntityManager session = ConfigurationDBUtils.getCurrentSession();
-	  	
-  		javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID"));  	
-  		//query.setParameter("id", id+"%");
-  		query.setParameter("id", id);
-  		result = query.getResultList();
-  	
-  		Logger.trace("Found entries: " + result.size());
-    
-  		if (result.size() == 0) {
-  			Logger.trace("No entries found.");
-  			return null;
-  		}
-  		
-  		if (result.size() > 1) {
-  			Logger.warn("OAIdentifier match to more then one DB-entry!");
-  			return null;
-  		}
-  		
-  		return (OnlineApplication) result.get(0);
-	  }
-	  
-	  public static OnlineApplication getOnlineApplication(long dbid) {
-	  	MiscUtil.assertNotNull(dbid, "OnlineApplictionID");
-		Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database.");
-		
-		List result;
-  		EntityManager session = ConfigurationDBUtils.getCurrentSession();
-	  	
-  		javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithDBID"));  	
-  		//query.setParameter("id", id+"%");
-  		query.setParameter("id", dbid);
-  		result = query.getResultList();
-  	
-  		Logger.trace("Found entries: " + result.size());
-    
-  		if (result.size() == 0) {
-  			Logger.trace("No entries found.");
-  			return null;
-  		}
-  		  		
-  		return (OnlineApplication) result.get(0);
-	  }
-	  
-	public static MOAIDConfiguration getMOAIDConfiguration() {
-		  Logger.trace("Load MOAID Configuration from database.");
-			
-			List<MOAIDConfiguration> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-		
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getMOAIDConfiguration"));
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    		    
-		    return (MOAIDConfiguration) result.get(0);
-	  }
-	  
-	  public static List<OnlineApplication> getAllOnlineApplications() {
-			Logger.trace("Get All OnlineApplications from database.");
-			
-			List<OnlineApplication> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOnlineApplications"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
-	  
-	  public static List<OnlineApplication> getAllNewOnlineApplications() {
-			Logger.trace("Get All OnlineApplications from database.");
-			
-			List<OnlineApplication> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewOnlineApplications"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
-	  
-	  public static List<UserDatabase> getAllUsers() {
-			Logger.trace("Get All OnlineApplications from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
-	  
-	  public static List<OnlineApplication> getAllActiveOnlineApplications() {
-			Logger.trace("Get All active OnlineApplications from database.");
-			
-			List<OnlineApplication> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllActiveOnlineApplications"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
-	  
-	  @SuppressWarnings("rawtypes")
-	  public static List<OnlineApplication> searchOnlineApplications(String id) {
-	  	MiscUtil.assertNotNull(id, "OnlineApplictionID");
-		Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
-		
-		List<OnlineApplication> result;
-  		EntityManager session = ConfigurationDBUtils.getCurrentSession();
-	  	
-  		javax.persistence.Query query = session.createQuery(QUERIES.get("searchOnlineApplicationsWithID"));  	
-  		query.setParameter("id", "%"+id+"%");
-  		
-  		result = query.getResultList();
-  	
-  		Logger.trace("Found entries: " + result.size());
-    
-  		if (result.size() == 0) {
-  			Logger.trace("No entries found.");
-  			return null;
-  		}
-  		  		
-  		return result;
-	  }
-	  	  
-	  public static UserDatabase getUserWithID(long id) {
-		  	MiscUtil.assertNotNull(id, "UserID");
-			Logger.trace("Getting Userinformation with ID " + id + " from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserID"));  	
-		  	query.setParameter("id", id);
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return (UserDatabase) result.get(0);
-	  }
-	  
-	  public static UserDatabase getUsersWithOADBID(long id) {
-		  	MiscUtil.assertNotNull(id, "OADBID");
-			Logger.trace("Getting Userinformation with OADBID " + id + " from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getUsersWithOADBID"));  	
-		  	query.setParameter("id", id);
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return (UserDatabase) result.get(0);
-	  } 
-	  
-	  public static UserDatabase getUserWithUserName(String username) {
-		  	MiscUtil.assertNotNull(username, "UserName");
-			Logger.trace("Getting Userinformation with ID " + username + " from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername"));  	
-		  	query.setParameter("username", username);
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return (UserDatabase) result.get(0);
-	  }
-
-	  public static UserDatabase getUserWithUserBPKWBPK(String bpkwbpk) {
-		  	MiscUtil.assertNotNull(bpkwbpk, "bpk/wbpk");
-			Logger.trace("Getting Userinformation with ID " +  bpkwbpk + " from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserBPKWBPK"));  	
-		  	query.setParameter("bpk",  bpkwbpk);
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return (UserDatabase) result.get(0);
-	  }
-	  
-	  public static UserDatabase getNewUserWithTokken(String tokken) {
-		  	MiscUtil.assertNotNull(tokken, "bpk/wbpk");
-			Logger.trace("Getting Userinformation with Tokken " +  tokken + " from database.");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getNewUserWithUserTokken"));  	
-		  	query.setParameter("tokken",  tokken);
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return (UserDatabase) result.get(0);
-	  }
-	  
-	  public static List<UserDatabase> getAllNewUsers() {
-			Logger.trace("Get all new Users from Database");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewUsers"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
-	  
-	  public static List<UserDatabase> getAllOpenUsersRequests() {
-			Logger.trace("Get all new Users from Database");
-			
-			List<UserDatabase> result;
-		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
-			  	
-		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOpenUsersRequests"));  	
-			result = query.getResultList();
-		  	
-		    Logger.trace("Found entries: " + result.size());
-		    
-		    if (result.size() == 0) {
-		    	Logger.trace("No entries found.");
-		    	return null;
-		    }
-		    return result;
-	  }
+    private static Map<String, String> QUERIES = new HashMap<String, String>();
+
+    static {
+        QUERIES.put("getActiveOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix)) and  onlineapplication.isActive = '1'");
+        QUERIES.put("getOnlineApplicationWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix))");
+        QUERIES.put("getOnlineApplicationWithDBID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.hjid = :id");
+        QUERIES.put("getAllOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication");
+        QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'");
+        QUERIES.put("getAllNewOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '0' and onlineapplication.isAdminRequired = '1'");
+        QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration");
+        QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id");
+        QUERIES.put("getNewUserWithUserTokken", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken = :tokken");
+        QUERIES.put("getAllNewUsers", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '1'");
+        QUERIES.put("getAllOpenUsersRequests", "select userdatabase from UserDatabase userdatabase where userdatabase.userRequestTokken is not null and userdatabase.isAdminRequest = '1' and userdatabase.isMailAddressVerified = '0'");
+        QUERIES.put("getUserWithUserBPKWBPK", "select userdatabase from UserDatabase userdatabase where userdatabase.bpk = :bpk");
+        QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username");
+        QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase");
+        QUERIES.put("getUsersWithOADBID", "select userdatabase from UserDatabase userdatabase inner join userdatabase.onlineApplication oa where oa.hjid = :id");
+        QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id");
+    }
+
+    public static OnlineApplication getActiveOnlineApplication(String id) {
+        MiscUtil.assertNotNull(id, "OnlineApplictionID");
+        Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
+
+        List result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID"));
+        //query.setParameter("id", id+"%");
+        query.setParameter("id", StringEscapeUtils.escapeHtml(id));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.debug("No entries found.");
+            return null;
+        }
+
+        if (result.size() > 1) {
+            Logger.warn("OAIdentifier match to more then one DB-entry!");
+            return null;
+        }
+
+        return (OnlineApplication) result.get(0);
+    }
+
+    public static OnlineApplication getOnlineApplication(String id) {
+        MiscUtil.assertNotNull(id, "OnlineApplictionID");
+        Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
+
+        List result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID"));
+        //query.setParameter("id", id+"%");
+        query.setParameter("id", id);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+
+        if (result.size() > 1) {
+            Logger.warn("OAIdentifier match to more then one DB-entry!");
+            return null;
+        }
+
+        return (OnlineApplication) result.get(0);
+    }
+
+    public static OnlineApplication getOnlineApplication(long dbid) {
+        MiscUtil.assertNotNull(dbid, "OnlineApplictionID");
+        Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database.");
+
+        List result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithDBID"));
+        //query.setParameter("id", id+"%");
+        query.setParameter("id", dbid);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+
+        return (OnlineApplication) result.get(0);
+    }
+
+    public static MOAIDConfiguration getMOAIDConfiguration() {
+        Logger.trace("Load MOAID Configuration from database.");
+
+        List<MOAIDConfiguration> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getMOAIDConfiguration"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+
+        return (MOAIDConfiguration) result.get(0);
+    }
+
+    public static List<OnlineApplication> getAllOnlineApplications() {
+        Logger.trace("Get All OnlineApplications from database.");
+
+        List<OnlineApplication> result = null;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOnlineApplications"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
+
+    public static List<OnlineApplication> getAllNewOnlineApplications() {
+        Logger.trace("Get All OnlineApplications from database.");
+
+        List<OnlineApplication> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewOnlineApplications"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
+
+    public static List<UserDatabase> getAllUsers() {
+        Logger.trace("Get All OnlineApplications from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
+
+    public static List<OnlineApplication> getAllActiveOnlineApplications() {
+        Logger.trace("Get All active OnlineApplications from database.");
+
+        List<OnlineApplication> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllActiveOnlineApplications"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
+
+    @SuppressWarnings("rawtypes")
+    public static List<OnlineApplication> searchOnlineApplications(String id) {
+        MiscUtil.assertNotNull(id, "OnlineApplictionID");
+        Logger.trace("Getting OnlineApplication with ID " + id + " from database.");
+
+        List<OnlineApplication> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("searchOnlineApplicationsWithID"));
+        query.setParameter("id", "%" + id + "%");
+
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+
+        return result;
+    }
+
+    public static UserDatabase getUserWithID(long id) {
+        MiscUtil.assertNotNull(id, "UserID");
+        Logger.trace("Getting Userinformation with ID " + id + " from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserID"));
+        query.setParameter("id", id);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return (UserDatabase) result.get(0);
+    }
+
+    public static UserDatabase getUsersWithOADBID(long id) {
+        MiscUtil.assertNotNull(id, "OADBID");
+        Logger.trace("Getting Userinformation with OADBID " + id + " from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getUsersWithOADBID"));
+        query.setParameter("id", id);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return (UserDatabase) result.get(0);
+    }
+
+    public static UserDatabase getUserWithUserName(String username) {
+        MiscUtil.assertNotNull(username, "UserName");
+        Logger.trace("Getting Userinformation with ID " + username + " from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername"));
+        query.setParameter("username", username);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return (UserDatabase) result.get(0);
+    }
+
+    public static UserDatabase getUserWithUserBPKWBPK(String bpkwbpk) {
+        MiscUtil.assertNotNull(bpkwbpk, "bpk/wbpk");
+        Logger.trace("Getting Userinformation with ID " + bpkwbpk + " from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserBPKWBPK"));
+        query.setParameter("bpk", bpkwbpk);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return (UserDatabase) result.get(0);
+    }
+
+    public static UserDatabase getNewUserWithTokken(String tokken) {
+        MiscUtil.assertNotNull(tokken, "bpk/wbpk");
+        Logger.trace("Getting Userinformation with Tokken " + tokken + " from database.");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getNewUserWithUserTokken"));
+        query.setParameter("tokken", tokken);
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return (UserDatabase) result.get(0);
+    }
+
+    public static List<UserDatabase> getAllNewUsers() {
+        Logger.trace("Get all new Users from Database");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewUsers"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
+
+    public static List<UserDatabase> getAllOpenUsersRequests() {
+        Logger.trace("Get all new Users from Database");
+
+        List<UserDatabase> result;
+        EntityManager session = ConfigurationDBUtils.getCurrentSession();
+
+        javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOpenUsersRequests"));
+        result = query.getResultList();
+
+        Logger.trace("Found entries: " + result.size());
+
+        if (result.size() == 0) {
+            Logger.trace("No entries found.");
+            return null;
+        }
+        return result;
+    }
 }
-- 
cgit v1.2.3


From 11e26b97a643704f17f34e7424269325ed51472d Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 17:21:59 +0100
Subject: adjusting attribute collector

---
 .../id/protocols/stork2/AttributeCollector.java    | 333 +++++++++++++--------
 .../id/protocols/stork2/AuthenticationRequest.java | 149 +--------
 .../moa/id/protocols/stork2/DataContainer.java     |  14 +-
 .../stork2/StorkAttributeRequestProvider.java      |   3 -
 4 files changed, 215 insertions(+), 284 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index fcef1487e..bc5a0c0c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,11 +1,9 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import java.util.ArrayList;
-import java.util.List;
-
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -13,169 +11,240 @@ import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import org.apache.commons.io.IOUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
  * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes.
  * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user
  * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes.
- * 
+ * <p/>
  * TODO how do we treat mandatory and optional attributes?
- * 
  */
 public class AttributeCollector implements IAction {
-	
-	/** The Constant ARTIFACT_ID. */
-	private static final String ARTIFACT_ID = "artifactId";
-	
+
+    /**
+     * The Constant ARTIFACT_ID.
+     */
+    private static final String ARTIFACT_ID = "artifactId";
+    private DataContainer container;
+    private HttpServletResponse httpResp;
+
+
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
-		// read configuration parameters of OA
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-		if (oaParam == null)
-			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
-
-    	// find the attribute provider plugin that can handle the response
-		IPersonalAttributeList newAttributes = null;
-		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
-			try {
-				newAttributes = current.parse(httpReq);
-			} catch (UnsupportedAttributeException e1) {
-				// the current provider cannot find anything familiar within the
-				// provided httpreq. Try the next one.
-			}
-
-		if (null == newAttributes) {
-			// we do not have a provider which is capable of fetching something
-			// from the received httpreq.
-			// TODO should we continue with the next attribute?
-			Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - fetch the container
-		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
-		DataContainer container;
-		try {
-			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
-		} catch (MOADatabaseException e) {
-			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - insert the embedded attribute(s) into the container
-		for(PersonalAttribute current : newAttributes)
-			container.getResponse().getPersonalAttributeList().add(current);
-    	
-    	// see if we need some more attributes
-    	return processRequest(container, httpReq, httpResp, moasession, oaParam);
+        this.httpResp = httpResp;
+
+        // read configuration parameters of OA
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+
+        // find the attribute provider plugin that can handle the response
+        IPersonalAttributeList newAttributes = null;
+        for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
+            try {
+                newAttributes = current.parse(httpReq);
+            } catch (UnsupportedAttributeException e1) {
+                // the current provider cannot find anything familiar within the
+                // provided httpreq. Try the next one.
+            }
+
+        if (null == newAttributes) {
+            // we do not have a provider which is capable of fetching something
+            // from the received httpreq.
+            // TODO should we continue with the next attribute?
+            Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
+            throw new MOAIDException("stork.11", null);
+        }
+
+        // - fetch the container
+        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
+        DataContainer container;
+        try {
+            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+        } catch (MOADatabaseException e) {
+            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+            throw new MOAIDException("stork.11", null);
+        }
+
+        // - insert the embedded attribute(s) into the container
+        for (PersonalAttribute current : newAttributes)
+            container.getResponse().getPersonalAttributeList().add(current);
+
+        // see if we need some more attributes
+        return processRequest(container, httpReq, httpResp, moasession, oaParam);
     }
-    
+
     /**
      * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch,
      * this very method creates and sends the protocol result to the asking S-PEPS.
      *
      * @param container the {@link DataContainer} representing the status of the overall query.
      * @return the string
-     * @throws MOAIDException 
+     * @throws MOAIDException
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
-    	// check if there are attributes we need to fetch
-    	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
-    	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
-    	List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
-    	for(PersonalAttribute current : requestAttributeList)
-    		if(!responseAttributeList.containsKey(current))
-    			missingAttributes.add(current);
-    	
-    	try {
-	    	// for each attribute still missing
-	    	for(PersonalAttribute currentAttribute : missingAttributes) {
-	    	// - check if we can find a suitable AttributeProvider Plugin
-				for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
-					try {
-						// - hand over control to the suitable plugin
-						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
-
-						// - add the aquired attribute to the container
-						for(PersonalAttribute current : aquiredAttributes)
-							container.getResponse().getPersonalAttributeList().add(current);
-					} catch(UnsupportedAttributeException e) {
-						// ok, try the next attributeprovider
-					} catch(MOAIDException e) {
-						// the current plugin had an error. Try the next one.
-						// TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
-					}
-	
-	    		}
-	    	}
-		} catch (ExternalAttributeRequestRequiredException e) {
-			// the attribute request is ongoing and requires an external service.
-			try {
-				// memorize the container again
-				// - generate new key
-				String newArtifactId = new SecureRandomIdentifierGenerator()
-						.generateIdentifier();                                       /*
-            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel());
-            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest());
-
-            HttpSession httpSession = httpReq.getSession();
-            httpSession.setAttribute("STORKSessionID", "12345");
-            httpResp.setStatus(startAuthResponse.getHttpStatusCode());
-            try {
-                ServletOutputStream os = httpResp.getOutputStream();
-                String html = new String(startAuthResponse.getContent());
-
-
-                if (html.contains("<![CDATA[")) {
-                    Logger.info("-------- content contains <![CDATA[-----------------");
-                    Logger.info("-------- content contains html -----------------");
-                    Logger.info("HTML : " + html);
-                    int beginIndex = html.indexOf("<![CDATA[");
-                    int endIndex = html.indexOf("]]>");
-                    html = html.substring(beginIndex + 9, endIndex);
-                    startAuthResponse.setContent(html.getBytes());
-                }
-                Logger.info("HTML : " + html);
+        // check if there are attributes we need to fetch
+        this.httpResp = response;
+        this.container = container;
+
+        IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
+        IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
+        List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
+        for (PersonalAttribute current : requestAttributeList)
+            if (!responseAttributeList.containsKey(current))
+                missingAttributes.add(current);
+
+        try {
+            // for each attribute still missing
+            for (PersonalAttribute currentAttribute : missingAttributes) {
+                // - check if we can find a suitable AttributeProvider Plugin
+                for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
+                    try {
+                        // - hand over control to the suitable plugin
+                        IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
+
+                        // - add the aquired attribute to the container
+                        for (PersonalAttribute current : aquiredAttributes)
+                            container.getResponse().getPersonalAttributeList().add(current);
+                    } catch (UnsupportedAttributeException e) {
+                        // ok, try the next attributeprovider
+                    } catch (MOAIDException e) {
+                        // the current plugin had an error. Try the next one.
+                        // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
+                    }
 
-                os.write(startAuthResponse.getContent());
-                Logger.info("Response sent to client");
-            } catch (IOException e) {
-                Logger.error("ERROR MOA");
-                throw new MOAIDException("error response sending", new Object[]{});
+                }
+            }
+        } catch (ExternalAttributeRequestRequiredException e) {
+            // the attribute request is ongoing and requires an external service.
+            try {
+                // memorize the container again
+                // - generate new key
+                String newArtifactId = new SecureRandomIdentifierGenerator()
+                        .generateIdentifier();
+            } catch (Exception e1) {
+                // TODO should we return the response as is to the PEPS?
+                Logger.error("Error putting incomplete Stork response into temporary storage", e);
+                throw new MOAIDException("stork.11", null);
             }
-            //httpSession.setAttribute("CCC", ccc);
-
-          */
-        }  catch (Exception e1) {
-				// TODO should we return the response as is to the PEPS?
-				Logger.error("Error putting incomplete Stork response into temporary storage", e);
-				throw new MOAIDException("stork.11", null);
-			}
-
-			return "12345"; // TODO what to do here?
-		}
-    	// build response
-    	// done
-    	return "12345"; // AssertionId
+
+            return "12345"; // TODO what to do here?
+        }
+
+        // build response
+        generateSTORKResponse();
+
+        // set new http response
+        generateRedirectResponse();
+        response = httpResp;
+
+        return "12345"; // AssertionId
+    }
+
+
+    private void generateSTORKResponse() throws MOAIDException {
+        STORKAuthnResponse authnResponse = container.getResponse();
+        STORKAuthnRequest authnRequest = container.getRequest();
+
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp");
+            Logger.debug("Starting generation of SAML response");
+            authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
+
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
+        }
+
+        Logger.info("STORK SAML Response message succesfully generated ");
+        String statusCodeValue = authnResponse.getStatusCode();
+
+        try {
+            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
+            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
+            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+
+        container.setResponse(authnResponse);
+
+    }
+
+
+    private void generateRedirectResponse() {
+        STORKAuthnResponse authnResponse = container.getResponse();
+        STORKAuthnRequest authnRequest = container.getRequest();
+
+
+        // preparing redirection for the client
+
+        try {
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
+            VelocityContext context = new VelocityContext();
+
+            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+
+            Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
+            context.put("action", authnRequest.getAssertionConsumerServiceURL());
+            Logger.debug("Starting template merge");
+            StringWriter writer = new StringWriter();
+
+            Logger.debug("Doing template merge");
+            template.merge(context, writer);
+            Logger.debug("Template merge done");
+
+            Logger.debug("Sending html content: " + writer.getBuffer().toString());
+            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
+
+
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+
+        } catch (Exception e) {
+            Logger.error("Velocity error: " + e.getMessage());
+        }
+
+        //HttpSession httpSession = this.httpResp.getSession();
+        //httpSession.setAttribute("STORKSessionID", "12345");
+        //Logger.info("Status code again: " + authnResponse.getStatusCode());
+
+        //return "12345"; // AssertionId
     }
 
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
      */
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
-    	// this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
+        // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
         return false;
     }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index db3e12f43..b3f009ae2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -59,41 +59,6 @@ public class AuthenticationRequest implements IAction {
         Logger.debug("Remote user: " + httpReq.getRemoteAddr());
         Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());
         httpResp.reset();
-        //httpResp.addHeader("Location", "http:/www.google.com");
-        if (req instanceof MOASTORKAuthnRequest) {
-          /*
-            Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel());
-            StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
-
-            HttpSession httpSession = httpReq.getSession();                                       performRed
-            httpSession.setAttribute("STORKSessionID", "12345");
-            httpResp.setStatus(startAuthResponse.getHttpStatusCode());
-            try {
-                ServletOutputStream os = httpResp.getOutputStream();
-                String html = new String(startAuthResponse.getContent());
-
-
-                if (html.contains("<![CDATA[")) {
-                    Logger.info("-------- content contains <![CDATA[-----------------");
-                    Logger.info("-------- content contains html -----------------");
-                    Logger.info("HTML : " + html);
-                    int beginIndex = html.indexOf("<![CDATA[");
-                    int endIndex = html.indexOf("]]>");
-                    html = html.substring(beginIndex + 9, endIndex);
-                    startAuthResponse.setContent(html.getBytes());
-                }
-                Logger.info("HTML : " + html);
-
-                os.write(startAuthResponse.getContent());
-                Logger.info("Response sent to client");
-            } catch (IOException e) {
-                Logger.error("ERROR MOA");
-                throw new MOAIDException("error response sending", new Object[]{});
-            }
-            //httpSession.setAttribute("CCC", ccc);
-
-          */
-        }
 
         STORKAuthnResponse authnResponse = new STORKAuthnResponse();
         authnResponse.setCountry("AT");
@@ -122,18 +87,15 @@ public class AuthenticationRequest implements IAction {
             Logger.error("Exception, attributes: " + e.getMessage());
         }
 
+        // Get personal attributtes from MOA/IdentityLink
         authnResponse.setPersonalAttributeList(populateAttributes());
 
         // Prepare extended attributes
         Logger.debug("Preparing data container");
 
-        //httpResp.setStatus(200);
-        //VPEPSInboundPostHandler
-        
         // create fresh container
         DataContainer container = new DataContainer();
 
-
         // - fill in the request we extracted above
         container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
         
@@ -146,90 +108,8 @@ public class AuthenticationRequest implements IAction {
 
         Logger.debug("Data container prepared");
 
+        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
 
-        if (1==0) // test
-        // see if we need to fetch further attributes
-        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam);
-
-        Logger.debug("Finished sending data container");
-
-
-
-
-
-
-        try {
-            //Get SAMLEngine instance
-            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
-            Logger.debug("Starting generation of SAML response");
-            authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false);
-            //generateSAML Token
-            Logger.info("SAML response succesfully generated!");
-        }catch(STORKSAMLEngineException e){
-            Logger.error("Failed to generate STORK SAML Response", e);
-            throw new MOAIDException("stork.05", null);
-        }
-
-        Logger.info("STORK SAML Response message succesfully generated ");
-        Logger.debug("STORK response: ");
-
-        Logger.debug("authn response string: " + authnResponse.toString());
-
-        String statusCodeValue = authnResponse.getStatusCode();
-        Logger.debug("authn status code value: " + statusCodeValue);
-
-        try {
-            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
-            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-
-        // preparing redirection for the client
-
-        try {
-            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
-            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
-            VelocityContext context = new VelocityContext();
-            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString()));
-
-            //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml()));
-
-            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes()));
-
-            Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
-            context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
-            Logger.debug("Starting template merge");
-            StringWriter writer = new StringWriter();
-            //PrintWriter pwriter = new StringWriter();
-
-            Logger.debug("Doing template merge");
-            template.merge(context, writer);
-            Logger.debug("Template merge done");
-
-            Logger.debug("Sending html content: " + writer.getBuffer().toString());
-            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
-
-
-
-            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
-
-        } catch (Exception e) {
-            Logger.error("Velocity error: " + e.getMessage());
-        }
-
-        HttpSession httpSession = httpReq.getSession();
-        httpSession.setAttribute("STORKSessionID", "12345");
-        Logger.info("Status code again: " + authnResponse.getStatusCode());
-
-
-
-
-        return "12345"; // AssertionId
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
@@ -249,42 +129,17 @@ public class AuthenticationRequest implements IAction {
         try {
             for (PersonalAttribute personalAttribute : attrLst) {
                 Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired());
-
                 moaAttributeProvider.populateAttribute(attributeList, personalAttribute);
-
-     //           if ("givenName".equals(personalAttribute.getName())) {
-     //               Logger.debug("Providing new attribute: " + personalAttribute.getName());
-     //               PersonalAttribute newAttribute = new PersonalAttribute();
-     //               newAttribute.setName("givenName");
-     //               newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName())));
-     //               attributeList.add(newAttribute);
-    //            }
-
             }
         }  catch (Exception e) {
             Logger.error("Exception, attributes: " + e.getMessage());
         }
 
-
         Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock());
         Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName());
-
-
         Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier());
-
-
         Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken());
 
-        // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName());
-
-    //    moaAttributeProvider.populateAttribute(attributeList, "givenName");
-
-    //    moaAttributeProvider.populateAttribute(attributeList, "surname");
-
-    //    moaAttributeProvider.populateAttribute(attributeList, "xxname");
-
-    //    moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth");
-
         return attributeList;
     }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index 40c827ef8..44ad0000a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -22,8 +22,9 @@ public class DataContainer implements Serializable {
 	
 	/** The target. */
 	private String target;
-	
-	/**
+    private String remoteAddress;
+
+    /**
 	 * Gets the request.
 	 *
 	 * @return the request
@@ -76,4 +77,13 @@ public class DataContainer implements Serializable {
 	public void setTarget(String target) {
 		this.target = target;
 	}
+    
+    /*
+     Sets IP address
+     */
+    public void setRemoteAddress(String address) { this.remoteAddress = address; }
+    public String getRemoteAddress() {
+        return this.remoteAddress;
+    }
+    
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index bd6f192dc..4314e666e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -47,7 +47,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		requestedAttributes = new PersonalAttributeList(1);
@@ -58,7 +57,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
 		Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
 		
@@ -91,7 +89,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 		
     	String spSector = "Business";
-- 
cgit v1.2.3


From 27b4ca05aeac39b0a180a13e44ed354e80fb47dd Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 26 Feb 2014 19:28:55 +0100
Subject: attribute collector

---
 .../data/deploy/conf/moa-id/stork/SamlEngine.xml   | 16 ++++
 .../conf/moa-id/stork/StorkSamlEngine_VIDP.xml     | 93 ++++++++++++++++++++++
 .../id/protocols/stork2/AttributeCollector.java    | 30 +++++--
 .../id/protocols/stork2/AuthenticationRequest.java |  2 +
 4 files changed, 133 insertions(+), 8 deletions(-)
 create mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
index e6a29ea18..75245d8f0 100644
--- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
+++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
@@ -33,5 +33,21 @@
                 </configuration>
         </instance>
 
+        <instance name="VIDP">
+                <!-- Configurations parameters StorkSamlEngine  -->
+                <configuration name="SamlEngineConf">
+                        <parameter name="fileConfiguration" value="StorkSamlEngine_VIDP.xml" />
+                </configuration>
+
+                <!-- Settings module signature-->
+                <configuration name="SignatureConf">
+                        <!-- Specific signature module -->
+                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+                        <!-- Settings specific module -->
+                        <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
+                </configuration>
+        </instance>
+
+
 	
 </instances>
diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
new file mode 100644
index 000000000..fb786529a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+	<comment>SAML constants for AuthnRequests and Responses.</comment>
+
+	<!--
+		Types of consent obtained from the user for this authentication and
+		data transfer.
+		Allow values: 'unspecified'.
+	-->
+	<entry key="consentAuthnRequest">unspecified</entry>
+	
+	<!--
+	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+	-->
+	<entry key="consentAuthnResponse">obtained</entry>
+
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+	-->
+	<entry key="formatEntity">entity</entry>
+
+	<!--Only HTTP-POST binding is only supported for inter PEPS-->
+	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+	<entry key="protocolBinding">HTTP-POST</entry>
+	
+	
+	
+	
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+		<entry key="eIDSectorShare">true</entry>
+		<entry key="eIDCrossSectorShare">true</entry>
+		<entry key="eIDCrossBorderShare">true</entry>
+	-->
+	
+	
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="friendlyName">false</entry>
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="isRequired">true</entry>
+	
+	<!--PEPS in the Service Provider's country-->
+	<entry key="requester">http://S-PEPS.gov.xx</entry>
+
+	<!--PEPS in the citizen's origin country-->
+	<entry key="responder">http://C-PEPS.gov.xx</entry>
+
+	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+	<entry key="timeNotOnOrAfter">300</entry>
+	
+	<!--Validation IP of the response-->
+	<entry key="ipAddrValidation">false</entry>
+	
+	
+	<!--Subject Attribute Definitions-->
+	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+	
+	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+	
+</properties>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index bc5a0c0c6..57c68e94c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -69,6 +69,7 @@ public class AttributeCollector implements IAction {
             } catch (UnsupportedAttributeException e1) {
                 // the current provider cannot find anything familiar within the
                 // provided httpreq. Try the next one.
+                // TODO check the loop
             }
 
         if (null == newAttributes) {
@@ -89,6 +90,8 @@ public class AttributeCollector implements IAction {
             throw new MOAIDException("stork.11", null);
         }
 
+
+
         // - insert the embedded attribute(s) into the container
         for (PersonalAttribute current : newAttributes)
             container.getResponse().getPersonalAttributeList().add(current);
@@ -117,6 +120,7 @@ public class AttributeCollector implements IAction {
             if (!responseAttributeList.containsKey(current))
                 missingAttributes.add(current);
 
+        // Try to get all missing attributes
         try {
             // for each attribute still missing
             for (PersonalAttribute currentAttribute : missingAttributes) {
@@ -138,6 +142,16 @@ public class AttributeCollector implements IAction {
 
                 }
             }
+
+            // build response
+            generateSTORKResponse();
+
+            // set new http response
+            generateRedirectResponse();
+            response = httpResp;
+
+            return "12345"; // AssertionId
+
         } catch (ExternalAttributeRequestRequiredException e) {
             // the attribute request is ongoing and requires an external service.
             try {
@@ -145,6 +159,13 @@ public class AttributeCollector implements IAction {
                 // - generate new key
                 String newArtifactId = new SecureRandomIdentifierGenerator()
                         .generateIdentifier();
+                // - put container in temporary store.
+                AssertionStorage.getInstance().put(newArtifactId, container);
+
+                // add container-key to redirect embedded within the return URL
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+
+
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e);
@@ -154,14 +175,7 @@ public class AttributeCollector implements IAction {
             return "12345"; // TODO what to do here?
         }
 
-        // build response
-        generateSTORKResponse();
-
-        // set new http response
-        generateRedirectResponse();
-        response = httpResp;
 
-        return "12345"; // AssertionId
     }
 
 
@@ -171,7 +185,7 @@ public class AttributeCollector implements IAction {
 
         try {
             //Get SAMLEngine instance
-            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp");
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
             Logger.debug("Starting generation of SAML response");
             authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index b3f009ae2..d4996c26a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -105,6 +105,8 @@ public class AuthenticationRequest implements IAction {
         // - memorize the target url were we have to return the result
         container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
+        container.setRemoteAddress(httpReq.getRemoteAddr());
+
 
         Logger.debug("Data container prepared");
 
-- 
cgit v1.2.3


From ce0962d20a720e6c16adfd89ee8d71639d65dd52 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 27 Feb 2014 14:32:30 +0100
Subject: build stork euid

---
 .../java/at/gv/egovernment/moa/util/Constants.java |   5 +-
 .../moa/id/auth/builder/BPKBuilder.java            | 196 +++++++++++++--------
 .../id/protocols/stork2/AuthenticationRequest.java |  13 +-
 3 files changed, 140 insertions(+), 74 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
index 213eb6242..ed75768ba 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -429,7 +429,10 @@ public interface Constants {
   
   /** URN prefix for context dependent id (wbPK). */
   public static final String URN_PREFIX_WBPK = URN_PREFIX + ":wbpk";
-  
+
+  /** URN prefix for context dependent id (stork). */
+  public static final String URN_PREFIX_STORK = URN_PREFIX + ":storkid";
+
   /** URN prefix for context dependent id. */
   public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid";
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index bd87737ed..fd8f3f875 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -2,19 +2,19 @@
  * Copyright 2014 Federal Chancellery Austria
  * MOA-ID has been developed in a cooperation between BRZ, the Federal
  * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
+ *
  * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
  * the European Commission - subsequent versions of the EUPL (the "Licence");
  * You may not use this work except in compliance with the Licence.
  * You may obtain a copy of the Licence at:
  * http://www.osor.eu/eupl/
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the Licence is distributed on an "AS IS" basis,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Licence for the specific language governing permissions and
  * limitations under the Licence.
- * 
+ *
  * This product combines work with different licenses. See the "NOTICE" text
  * file for details on the various modules and licenses.
  * The "NOTICE" text file is part of the distribution. Any derivative works
@@ -46,91 +46,143 @@
 
 package at.gv.egovernment.moa.id.auth.builder;
 
-import java.security.MessageDigest;
-
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 
+import java.security.MessageDigest;
+
 /**
  * Builder for the bPK, as defined in
  * <code>&quot;Ableitung f&uml;r die bereichsspezifische Personenkennzeichnung&quot;</code>
  * version <code>1.0.1</code> from <code>&quot;reference.e-government.gv.at&quot;</code>.
- *  
+ *
  * @author Paul Schamberger
  * @version $Id$
  */
 public class BPKBuilder {
 
-  /**
-   * Builds the bPK from the given parameters. 
-   * @param identificationValue Base64 encoded "Stammzahl" 
-   * @param target "Bereich lt. Verordnung des BKA"
-   * @return bPK in a BASE64 encoding
-   * @throws BuildException if an error occurs on building the bPK
-   */
-  public String buildBPK(String identificationValue, String target) 
-    throws BuildException {
-    
-    if ((identificationValue == null || 
-         identificationValue.length() == 0 ||
-    		 target == null || 
-         target.length() == 0)) 
-    {
-      throw new BuildException("builder.00", 
-      		                     new Object[] {"BPK", "Unvollständige Parameterangaben: identificationValue=" + 
-                                             identificationValue + ",target=" + target});
+    /**
+     * Builds the bPK from the given parameters.
+     *
+     * @param identificationValue Base64 encoded "Stammzahl"
+     * @param target              "Bereich lt. Verordnung des BKA"
+     * @return bPK in a BASE64 encoding
+     * @throws BuildException if an error occurs on building the bPK
+     */
+    public String buildBPK(String identificationValue, String target)
+            throws BuildException {
+
+        if ((identificationValue == null ||
+                identificationValue.length() == 0 ||
+                target == null ||
+                target.length() == 0)) {
+            throw new BuildException("builder.00",
+                    new Object[]{"BPK", "Unvollständige Parameterangaben: identificationValue=" +
+                            identificationValue + ",target=" + target});
+        }
+        String basisbegriff;
+        if (target.startsWith(Constants.URN_PREFIX_CDID + "+"))
+            basisbegriff = identificationValue + "+" + target;
+        else
+            basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_CDID + "+" + target;
+
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
+            String hashBase64 = Base64Utils.encode(hash);
+            return hashBase64;
+        } catch (Exception ex) {
+            throw new BuildException("builder.00", new Object[]{"bPK", ex.toString()}, ex);
+        }
     }
-    String basisbegriff;
-	if (target.startsWith(Constants.URN_PREFIX_CDID + "+"))
-		basisbegriff = identificationValue + "+" + target;
-	else
-		basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_CDID + "+" + target;
-	
-    try {
-      MessageDigest md = MessageDigest.getInstance("SHA-1");
-      byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
-      String hashBase64 = Base64Utils.encode(hash);
-      return hashBase64;
-    } catch (Exception ex) {
-      throw new BuildException("builder.00", new Object[] {"bPK", ex.toString()}, ex);
+
+    /**
+     * Builds the wbPK from the given parameters.
+     *
+     * @param identificationValue Base64 encoded "Stammzahl"
+     * @param registerAndOrdNr    type of register + "+" + number in register.
+     * @return wbPK in a BASE64 encoding
+     * @throws BuildException if an error occurs on building the wbPK
+     */
+    public String buildWBPK(String identificationValue, String registerAndOrdNr)
+            throws BuildException {
+
+        if ((identificationValue == null ||
+                identificationValue.length() == 0 ||
+                registerAndOrdNr == null ||
+                registerAndOrdNr.length() == 0)) {
+            throw new BuildException("builder.00",
+                    new Object[]{"wbPK", "Unvollständige Parameterangaben: identificationValue=" +
+                            identificationValue + ",Register+Registernummer=" + registerAndOrdNr});
+        }
+
+        String basisbegriff;
+        if (registerAndOrdNr.startsWith(Constants.URN_PREFIX_WBPK + "+"))
+            basisbegriff = identificationValue + "+" + registerAndOrdNr;
+        else
+            basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr;
+
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
+            String hashBase64 = Base64Utils.encode(hash);
+            return hashBase64;
+        } catch (Exception ex) {
+            throw new BuildException("builder.00", new Object[]{"wbPK", ex.toString()}, ex);
+        }
     }
-  }
-
-  /**
-   * Builds the wbPK from the given parameters. 
-   * @param identificationValue Base64 encoded "Stammzahl" 
-   * @param registerAndOrdNr type of register + "+" + number in register.
-   * @return wbPK in a BASE64 encoding
-   * @throws BuildException if an error occurs on building the wbPK
-   */
-  public String buildWBPK(String identificationValue, String registerAndOrdNr) 
-    throws BuildException {
-    
-    if ((identificationValue == null || 
-         identificationValue.length() == 0 ||
-         registerAndOrdNr == null || 
-         registerAndOrdNr.length() == 0)) 
-    {
-      throw new BuildException("builder.00", 
-          new Object[] {"wbPK", "Unvollständige Parameterangaben: identificationValue=" + 
-                        identificationValue + ",Register+Registernummer=" + registerAndOrdNr});
+
+    /**
+     * Builds the wbPK from the given parameters.
+     *
+     * @param identificationValue Base64 encoded "Stammzahl"
+     * @param destinationCountry  destination country code (2 chars)
+     * @return storkid in a BASE64 encoding
+     * @throws BuildException if an error occurs on building the wbPK
+     */
+    public String buildStorkPK(String identificationValue, String destinationCountry)
+            throws BuildException {
+        return buildStorkPK(identificationValue, "AT", destinationCountry);
     }
-     
-    String basisbegriff;
-    if (registerAndOrdNr.startsWith(Constants.URN_PREFIX_WBPK + "+" ))
-    	basisbegriff = identificationValue + "+" + registerAndOrdNr;
-    else
-    	basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr;
-    
-    try {
-      MessageDigest md = MessageDigest.getInstance("SHA-1");
-      byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
-      String hashBase64 = Base64Utils.encode(hash);
-      return hashBase64;
-    } catch (Exception ex) {
-      throw new BuildException("builder.00", new Object[] {"wbPK", ex.toString()}, ex);
+
+
+    /**
+     * Builds the wbPK from the given parameters.
+     *
+     * @param identificationValue Base64 encoded "Stammzahl"
+     * @param sourceCountry       source country code (2 chars)
+     * @param destinationCountry  destination country code (2 chars)
+     * @return storkid in a BASE64 encoding
+     * @throws BuildException if an error occurs on building the wbPK
+     */
+    public String buildStorkPK(String identificationValue, String sourceCountry, String destinationCountry)
+            throws BuildException {
+
+        if ((identificationValue == null ||
+                identificationValue.length() == 0 ||
+                destinationCountry == null ||
+                destinationCountry.length() == 0 ||
+                destinationCountry.length() != 2 ||
+                sourceCountry == null ||
+                sourceCountry.length() == 0 ||
+                sourceCountry.length() != 2)) {
+            throw new BuildException("builder.00",
+                    new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" +
+                            identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry});
+        }
+
+        String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry;
+
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
+            String hashBase64 = Base64Utils.encode(hash);
+            return hashBase64;
+        } catch (Exception ex) {
+            throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
+        }
     }
-  }
+
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index d4996c26a..3288e064f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -10,6 +10,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.Logger;
 import edu.emory.mathcs.backport.java.util.Collections;
 import eu.stork.peps.auth.commons.*;
@@ -29,6 +30,7 @@ import javax.servlet.http.HttpSession;
 import java.io.*;
 import java.util.HashMap;
 import eu.stork.peps.auth.engine.SAMLEngine;
+import org.w3c.dom.Element;
 
 
 /**
@@ -52,6 +54,15 @@ public class AuthenticationRequest implements IAction {
 
         this.moaSession = moasession;
         this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;
+        MISMandate mandate = moasession.getMISMandate();
+        String owbpk = mandate.getOWbPK();
+        byte[] mand = mandate.getMandate();
+        String profprep = mandate.getProfRep();
+        //String textdesc = mandate.getTextualDescriptionOfOID();
+        Element mndt = moasession.getMandate();
+
+
+        Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
 
         Logger.debug("Starting AuthenticationRequest");
         //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
@@ -61,7 +72,7 @@ public class AuthenticationRequest implements IAction {
         httpResp.reset();
 
         STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry("AT");
+        authnResponse.setCountry("EU");
 
         OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
         if (oaParam == null)
-- 
cgit v1.2.3


From 433e76b8b63b20a1d28f876f32a04f14342a9092 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 27 Feb 2014 15:14:32 +0100
Subject: integrating stork eidattribute

---
 .../at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java | 10 ++++------
 .../moa/id/protocols/stork2/AuthenticationRequest.java    |  8 ++++++--
 .../moa/id/protocols/stork2/MOAAttributeProvider.java     | 15 +++++++++++++--
 3 files changed, 23 insertions(+), 10 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index fd8f3f875..fc43d25e5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -141,9 +141,9 @@ public class BPKBuilder {
      * @return storkid in a BASE64 encoding
      * @throws BuildException if an error occurs on building the wbPK
      */
-    public String buildStorkPK(String identificationValue, String destinationCountry)
+    public String buildStorkbPK(String identificationValue, String destinationCountry)
             throws BuildException {
-        return buildStorkPK(identificationValue, "AT", destinationCountry);
+        return buildStorkbPK(identificationValue, "AT", destinationCountry);
     }
 
 
@@ -156,17 +156,15 @@ public class BPKBuilder {
      * @return storkid in a BASE64 encoding
      * @throws BuildException if an error occurs on building the wbPK
      */
-    public String buildStorkPK(String identificationValue, String sourceCountry, String destinationCountry)
+    public String buildStorkbPK(String identificationValue, String sourceCountry, String destinationCountry)
             throws BuildException {
 
         if ((identificationValue == null ||
                 identificationValue.length() == 0 ||
                 destinationCountry == null ||
                 destinationCountry.length() == 0 ||
-                destinationCountry.length() != 2 ||
                 sourceCountry == null ||
-                sourceCountry.length() == 0 ||
-                sourceCountry.length() != 2)) {
+                sourceCountry.length() == 0)) {
             throw new BuildException("builder.00",
                     new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" +
                             identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 3288e064f..6a2fe3bfc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -54,6 +54,7 @@ public class AuthenticationRequest implements IAction {
 
         this.moaSession = moasession;
         this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;
+        try{
         MISMandate mandate = moasession.getMISMandate();
         String owbpk = mandate.getOWbPK();
         byte[] mand = mandate.getMandate();
@@ -63,6 +64,7 @@ public class AuthenticationRequest implements IAction {
 
 
         Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+} catch (Exception x) {}
 
         Logger.debug("Starting AuthenticationRequest");
         //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
@@ -72,7 +74,9 @@ public class AuthenticationRequest implements IAction {
         httpResp.reset();
 
         STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry("EU");
+        authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry());
+
+
 
         OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
         if (oaParam == null)
@@ -137,7 +141,7 @@ public class AuthenticationRequest implements IAction {
 
         // Define attribute list to be populated
         PersonalAttributeList attributeList = new PersonalAttributeList();
-        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink());
+        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest);
 
         try {
             for (PersonalAttribute personalAttribute : attrLst) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 414e383fa..190a0d27c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -1,6 +1,8 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
@@ -20,6 +22,7 @@ public class MOAAttributeProvider {
     private final IdentityLink identityLink;
     private static final Map<String, String> storkAttributeSimpleMapping;
     private static final Map<String, String> storkAttributeFunctionMapping;
+    private final MOASTORKAuthnRequest moastorkAuthnRequest;
 
     static {
         Map<String, String> tempSimpleMap = new HashMap<String, String>();
@@ -32,8 +35,9 @@ public class MOAAttributeProvider {
         storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
     }
 
-    public MOAAttributeProvider(IdentityLink identityLink) {
+    public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) {
         this.identityLink = identityLink;
+        this.moastorkAuthnRequest = moastorkAuthnRequest;
         Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue());
     }
 
@@ -66,9 +70,16 @@ public class MOAAttributeProvider {
     }
 
     private String geteIdentifier() {
-        return "askdlaskdlaskdsds";
+        Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry());
+        try {
+            return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry());
+        } catch (BuildException be) {
+            Logger.error("Stork eid could not be constructed; " + be.getMessage());
+            return null; // TODO error
+        }
     }
 
+
     private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) {
         try {
             String attributeValue = method.invoke(object, new Class[]{}).toString();
-- 
cgit v1.2.3


From 550177c54ce258715177a28f2d2d78812bf745fd Mon Sep 17 00:00:00 2001
From: Andreas Reiter <andreas.reiter@iaik.tugraz.at>
Date: Thu, 27 Feb 2014 18:31:06 +0100
Subject: Added signeddoc attribute provider plugin

---
 .../moa/id/auth/AuthenticationServer.java          |   2 +-
 .../id/protocols/stork2/AttributeCollector.java    |   2 +
 .../stork2/DemoNoRedirectAttributeProvider.java    |   3 -
 .../stork2/DemoRedirectAttributeProvider.java      |   3 -
 .../stork2/EHvdAttributeProviderPlugin.java        |   3 -
 .../stork2/SignedDocAttributeRequestProvider.java  | 129 +++++++++++++++++++++
 .../templates/oasis_dss_webform_binding.vm         |  36 ++++++
 id/server/mw-messages-api/.classpath               |   5 -
 .../stork/peps/auth/engine/core/impl/SignSW.java   |  20 ++--
 9 files changed, 178 insertions(+), 25 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
 create mode 100644 id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index ce5aa15c3..6f6d9611a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -125,7 +125,7 @@ import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
 import eu.stork.oasisdss.api.AdditionalProfiles;
 import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
 import eu.stork.oasisdss.api.Profiles;
 import eu.stork.oasisdss.api.QualityLevels;
 import eu.stork.oasisdss.api.SignatureTypes;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 57c68e94c..288e71f58 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -133,6 +133,8 @@ public class AttributeCollector implements IAction {
                         // - add the aquired attribute to the container
                         for (PersonalAttribute current : aquiredAttributes)
                             container.getResponse().getPersonalAttributeList().add(current);
+                        //TODO: return after first AP 
+                        
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
                     } catch (MOAIDException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 669a9389b..9c0869d97 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
@@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		// TODO Auto-generated method stub
 		return null;
@@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 2f6b69075..26fc00406 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
@@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
@@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8b96e0d10..758b70f2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -55,7 +55,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
@@ -203,7 +202,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
@@ -213,7 +211,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq)
 			throws UnsupportedAttributeException, MOAIDException {
 		// there is no redirect required, so we throw an exception when someone asks us to parse a response
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
new file mode 100644
index 000000000..e7cd87e85
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -0,0 +1,129 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.StringUtils;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * Forwards a signedDoc attribute request to the oasis-dss service instance
+ */
+public class SignedDocAttributeRequestProvider implements AttributeProvider {
+
+	private PersonalAttribute requestedAttribute;
+
+	/**
+	 * The URL of the service listening for the oasis dss webform post request
+	 */
+	private String oasisDssWebFormURL;
+
+	/**
+	 * Instantiates a new signed doc attribute request provider.
+	 * 
+	 * @param oasisDssWebFormURL
+	 *            the AP location
+	 */
+	public SignedDocAttributeRequestProvider(String oasisDssWebFormURL) {
+		this.oasisDssWebFormURL = oasisDssWebFormURL;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java
+	 * .lang.String)
+	 */
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException,
+			ExternalAttributeRequestRequiredException {
+		requestedAttribute = attribute;
+
+		throw new ExternalAttributeRequestRequiredException(this);
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax
+	 * .servlet.http.HttpServletRequest)
+	 */
+	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
+		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
+
+
+		STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+		try {
+			String signResponse = new String(Base64.decodeBase64(httpReq.getParameter("signresponse")), "UTF8");
+			List<String> values = new ArrayList<String>();
+			values.add(signResponse);
+
+			Logger.debug("Assembling signedDoc attribute");
+			PersonalAttribute signedDocAttribute = new PersonalAttribute(requestedAttribute.getName(), requestedAttribute.isRequired(), values,
+					"Available");
+
+			// pack and return the result
+			PersonalAttributeList result = new PersonalAttributeList();
+			result.add(signedDocAttribute);
+			return result;
+		} catch (UnsupportedEncodingException e) {
+			Logger.error("Failed to assemble signedDoc attribute");
+			throw new MOAIDException("stork.05", null);
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect
+	 * (java.lang.String)
+	 */
+	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
+			throws MOAIDException {
+
+		try {
+			Logger.trace("Initialize VelocityEngine...");
+
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm");
+			VelocityContext context = new VelocityContext();
+			context.put("signrequest", Base64.encodeBase64String(requestedAttribute.getValue().get(0).getBytes("UTF8")));
+			context.put("action", oasisDssWebFormURL);
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+
+			resp.getOutputStream().write(writer.toString().getBytes());
+		} catch (Exception e) {
+			Logger.error("Error sending STORK SAML AttrRequest.", e);
+			throw new MOAIDException("stork.11", null);
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm b/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm
new file mode 100644
index 000000000..7fcc1bb36
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/templates/oasis_dss_webform_binding.vm
@@ -0,0 +1,36 @@
+##
+## Velocity Template for OASIS WEBFORM BINDING
+##
+## Velocity context may contain the following properties
+## action - String - the action URL for the form
+## signresponse - String - the Base64 encoded SAML Request
+## verifyresponse - String - the Base64 encoded SAML Response
+## clienturl - String - URL where the USer gets redirected after the signature process
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+
+    <body onload="document.forms[0].submit()">
+        <noscript>
+            <p>
+                <strong>Note:</strong> Since your browser does not support JavaScript,
+                you must press the Continue button once to proceed.
+            </p>
+        </noscript>
+        
+        <form action="${action}" method="post">
+            <div>
+                #if($signrequest)<input type="hidden" name="signrequest" value="${signrequest}"/>#end
+                
+                #if($verifyrequest)<input type="hidden" name="verifyrequest" value="${verifyrequest}"/>#end
+                #if($clienturl)<input type="hidden" name="clienturl" value="${clienturl}"/>#end
+                
+            </div>
+            <noscript>
+                <div>
+                    <input type="submit" value="Continue"/>
+                </div>
+            </noscript>
+        </form>
+        
+    </body>
+</html>
\ No newline at end of file
diff --git a/id/server/mw-messages-api/.classpath b/id/server/mw-messages-api/.classpath
index 8b5a9fa96..c15838fd0 100644
--- a/id/server/mw-messages-api/.classpath
+++ b/id/server/mw-messages-api/.classpath
@@ -6,11 +6,6 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
 		<attributes>
 			<attribute name="optional" value="true"/>
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
index 4554a9586..6652560bd 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java
@@ -426,16 +426,16 @@ public class SignSW implements SAMLEngineSignI {
 	    final BasicX509Credential entityX509Cred = new BasicX509Credential();
 	    entityX509Cred.setEntityCertificate(cert);	    
 	    
-	    try {
-			cert.checkValidity();
-		} 
-	    catch (CertificateExpiredException exp) {
-			throw new SAMLEngineException("Certificate expired.");
-		}
-		catch (CertificateNotYetValidException exp) {
-			throw new SAMLEngineException("Certificate not yet valid.");
-		}		
-		
+//	    try {
+//			cert.checkValidity();
+//		} 
+//	    catch (CertificateExpiredException exp) {
+//			throw new SAMLEngineException("Certificate expired.");
+//		}
+//		catch (CertificateNotYetValidException exp) {
+//			throw new SAMLEngineException("Certificate not yet valid.");
+//		}		
+//		
 		boolean trusted = false;
 		
 		for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();) 
-- 
cgit v1.2.3


From a949aceb20f55adad0dc797eba42c00f8d026fe1 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 27 Feb 2014 18:53:42 +0100
Subject: auth

---
 .../moa/id/auth/builder/BPKBuilder.java            |  4 ++--
 .../id/protocols/stork2/AuthenticationRequest.java | 28 +++++++++++++++-------
 2 files changed, 21 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index fc43d25e5..226d05520 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -134,7 +134,7 @@ public class BPKBuilder {
     }
 
     /**
-     * Builds the wbPK from the given parameters.
+     * Builds the storkeid from the given parameters.
      *
      * @param identificationValue Base64 encoded "Stammzahl"
      * @param destinationCountry  destination country code (2 chars)
@@ -148,7 +148,7 @@ public class BPKBuilder {
 
 
     /**
-     * Builds the wbPK from the given parameters.
+     * Builds the storkeid from the given parameters.
      *
      * @param identificationValue Base64 encoded "Stammzahl"
      * @param sourceCountry       source country code (2 chars)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 6a2fe3bfc..e10c4d9d9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -31,6 +31,7 @@ import java.io.*;
 import java.util.HashMap;
 import eu.stork.peps.auth.engine.SAMLEngine;
 import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
 
 
 /**
@@ -54,17 +55,18 @@ public class AuthenticationRequest implements IAction {
 
         this.moaSession = moasession;
         this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;
-        try{
-        MISMandate mandate = moasession.getMISMandate();
-        String owbpk = mandate.getOWbPK();
-        byte[] mand = mandate.getMandate();
-        String profprep = mandate.getProfRep();
-        //String textdesc = mandate.getTextualDescriptionOfOID();
-        Element mndt = moasession.getMandate();
 
+        try {
+            MISMandate mandate = moasession.getMISMandate();
+            String owbpk = mandate.getOWbPK();
+            byte[] mand = mandate.getMandate();
+            String profprep = mandate.getProfRep();
+            //String textdesc = mandate.getTextualDescriptionOfOID();
+            Element mndt = moasession.getMandate();
 
-        Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
-} catch (Exception x) {}
+            iterate(mndt.getAttributes());
+            Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+        } catch (Exception x) {}
 
         Logger.debug("Starting AuthenticationRequest");
         //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
@@ -134,6 +136,14 @@ public class AuthenticationRequest implements IAction {
     }
 
 
+    private void iterate(NamedNodeMap attributesList) {
+        for (int j = 0; j < attributesList.getLength(); j++) {
+            Logger.debug("--Attribute: "
+                    + attributesList.item(j).getNodeName() + " = "
+                    + attributesList.item(j).getNodeValue());
+        }                    }
+
+
     public PersonalAttributeList populateAttributes() {
 
         IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList();
-- 
cgit v1.2.3


From a04189917f59dcc532e088ad366da67e31f62ffd Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 28 Feb 2014 12:03:28 +0100
Subject: url fix, attribute comparison fix, samlengine profile fix

---
 .../id/protocols/stork2/AttributeCollector.java    | 194 +++++++++++++++------
 .../moa/id/protocols/stork2/STORKProtocol.java     |   2 +-
 2 files changed, 143 insertions(+), 53 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index b7fa37757..7801f9a54 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -91,59 +91,149 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException 
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
-    	// check if there are attributes we need to fetch
-    	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
-    	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
-    	List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
-    	for(PersonalAttribute current : requestAttributeList)
-    		if(!responseAttributeList.containsKey(current))
-    			missingAttributes.add(current);
-    	
-    	try {
-	    	// for each attribute still missing
-	    	for(PersonalAttribute currentAttribute : missingAttributes) {
-	    	// - check if we can find a suitable AttributeProvider Plugin
-				for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
-					try {
-						// - hand over control to the suitable plugin
-						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
-
-						// - add the aquired attribute to the container
-						for(PersonalAttribute current : aquiredAttributes)
-							container.getResponse().getPersonalAttributeList().add(current);
-					} catch(UnsupportedAttributeException e) {
-						// ok, try the next attributeprovider
-					} catch(MOAIDException e) {
-						// the current plugin had an error. Try the next one.
-						// TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
-					}
-	
-	    		}
-	    	}
-		} catch (ExternalAttributeRequestRequiredException e) {
-			// the attribute request is ongoing and requires an external service.
-			try {
-				// memorize the container again
-				// - generate new key
-				String newArtifactId = new SecureRandomIdentifierGenerator()
-						.generateIdentifier();
-
-				// - put container in temporary store.
-				AssertionStorage.getInstance().put(newArtifactId, container);
-
-				// add container-key to redirect embedded within the return URL
-				e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
-			} catch (Exception e1) {
-				// TODO should we return the response as is to the PEPS?
-				Logger.error("Error putting incomplete Stork response into temporary storage", e);
-				throw new MOAIDException("stork.11", null);
-			}
+        // check if there are attributes we need to fetch
+        this.httpResp = response;
+        this.container = container;
+
+        IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
+        IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
+        List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>();
+        for (PersonalAttribute current : requestAttributeList)
+            if (!responseAttributeList.containsKey(current.getName()))
+                missingAttributes.add(current);
+
+        // Try to get all missing attributes
+        try {
+            // for each attribute still missing
+            for (PersonalAttribute currentAttribute : missingAttributes) {
+                // - check if we can find a suitable AttributeProvider Plugin
+                for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
+                    try {
+                        // - hand over control to the suitable plugin
+                        IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
+
+                        // - add the aquired attribute to the container
+                        for (PersonalAttribute current : aquiredAttributes)
+                            container.getResponse().getPersonalAttributeList().add(current);
+                    } catch (UnsupportedAttributeException e) {
+                        // ok, try the next attributeprovider
+                    } catch (MOAIDException e) {
+                        // the current plugin had an error. Try the next one.
+                        // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
+                    }
+
+                }
+            }
+
+            // build response
+            generateSTORKResponse();
+
+            // set new http response
+            generateRedirectResponse();
+            response = httpResp;
+
+            return "12345"; // AssertionId
+
+        } catch (ExternalAttributeRequestRequiredException e) {
+            // the attribute request is ongoing and requires an external service.
+            try {
+                // memorize the container again
+                // - generate new key
+                String newArtifactId = new SecureRandomIdentifierGenerator()
+                        .generateIdentifier();
+                // - put container in temporary store.
+                AssertionStorage.getInstance().put(newArtifactId, container);
+
+                // add container-key to redirect embedded within the return URL
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+
+
+            } catch (Exception e1) {
+                // TODO should we return the response as is to the PEPS?
+                Logger.error("Error putting incomplete Stork response into temporary storage", e);
+                throw new MOAIDException("stork.11", null);
+            }
+
+            return "12345"; // TODO what to do here?
+        }
 
-			return "12345"; // TODO what to do here?
-		}
-    	// build response
-    	// done
-    	return "12345"; // AssertionId
+
+    }
+
+
+    private void generateSTORKResponse() throws MOAIDException {
+        STORKAuthnResponse authnResponse = container.getResponse();
+        STORKAuthnRequest authnRequest = container.getRequest();
+
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+            Logger.debug("Starting generation of SAML response");
+            authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
+
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
+        }
+
+        Logger.info("STORK SAML Response message succesfully generated ");
+        String statusCodeValue = authnResponse.getStatusCode();
+
+        try {
+            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
+            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
+            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+
+        container.setResponse(authnResponse);
+
+    }
+
+
+    private void generateRedirectResponse() {
+        STORKAuthnResponse authnResponse = container.getResponse();
+        STORKAuthnRequest authnRequest = container.getRequest();
+
+
+        // preparing redirection for the client
+
+        try {
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
+            VelocityContext context = new VelocityContext();
+
+            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+
+            Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
+            context.put("action", authnRequest.getAssertionConsumerServiceURL());
+            Logger.debug("Starting template merge");
+            StringWriter writer = new StringWriter();
+
+            Logger.debug("Doing template merge");
+            template.merge(context, writer);
+            Logger.debug("Template merge done");
+
+            Logger.debug("Sending html content: " + writer.getBuffer().toString());
+            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
+
+
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+
+        } catch (Exception e) {
+            Logger.error("Velocity error: " + e.getMessage());
+        }
+
+        //HttpSession httpSession = this.httpResp.getSession();
+        //httpSession.setAttribute("STORKSessionID", "12345");
+        //Logger.info("Status code again: " + authnResponse.getStatusCode());
+
+        //return "12345"; // AssertionId
     }
 
     /* (non-Javadoc)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 318a8fc9c..01f0079ca 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -137,7 +137,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         }
 
         //Get SAMLEngine instance
-        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
+        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
 
         STORKAuthnRequest authnRequest = null;
         Logger.error("decsamltoken" +decSamlToken.toString());
-- 
cgit v1.2.3


From 0499a41a86a6b44092eb6ad356858cd36a3d19c0 Mon Sep 17 00:00:00 2001
From: Andreas Reiter <andreas.reiter@iaik.tugraz.at>
Date: Fri, 28 Feb 2014 16:05:13 +0100
Subject: Use LightweightSourceResolver in PEPSConnector to get the DataSource

---
 .../moa/id/auth/servlet/PEPSConnectorServlet.java   | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 41be2c7e3..f98e5c97b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -30,6 +30,7 @@ import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;
 
+import javax.activation.DataSource;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
@@ -66,6 +67,8 @@ import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.xmldsig.SignatureType;
 import at.gv.util.xsd.xmldsig.X509DataType;
 import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.LightweightSourceResolver;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
 import eu.stork.oasisdss.profile.DocumentWithSignature;
 import eu.stork.oasisdss.profile.SignResponse;
 import eu.stork.peps.auth.commons.PEPSUtil;
@@ -202,17 +205,15 @@ public class PEPSConnectorServlet extends AuthServlet {
 				String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0);
 				SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
 				
-				List<DocumentWithSignature> doclocations = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(), DocumentWithSignature.class.getSimpleName(), DocumentWithSignature.class);
-				// TODO handle multiple docs?
-				Logger.debug("trying first doclocation");
-				String docUrl = doclocations.get(0).getDocument().getDocumentURL();
-				Logger.debug("trying first doclocation successful");
-				
 				// fetch signed doc
-				URL url = new URL(docUrl);
-				InputStream incomming = url.openStream();
-				citizenSignature = IOUtils.toString(incomming);
-				incomming.close();
+				DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
+				if(ds == null){
+					throw new ApiUtilsException("No datasource found in response");
+				}				
+				
+				InputStream incoming  = ds.getInputStream();
+				citizenSignature = IOUtils.toString(incoming);
+				incoming.close();
 				
 				JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
 				SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue();
-- 
cgit v1.2.3


From 2517b992ab38c09bc2979ed5010aee113e569834 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 28 Feb 2014 17:07:38 +0100
Subject: protocol change

---
 .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 502925a2a..9b46ee9c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -62,7 +62,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     }
 
     public STORKProtocol() {
-        super();    //
+        super();
     }
 
     /*
@@ -152,7 +152,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.error("spid " + authnRequest.getSPID());
         Logger.error("spi " + authnRequest.getSpInstitution());
 
-
+        authnRequest.setCountry("");
         STORK2Request.setSTORKAuthnRequest(authnRequest);
 
 
-- 
cgit v1.2.3


From 7767c1c7fe237ec729d98d66577f8a247c622d85 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 09:36:31 +0100
Subject: clean

---
 .../moa/id/protocols/stork2/STORKProtocol.java     | 39 ++--------------------
 1 file changed, 3 insertions(+), 36 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 9b46ee9c6..042d61080 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -25,7 +25,6 @@ import java.util.HashMap;
 
 /**
  * Stork 2 Protocol Support
- * Date: 11/29/13, Time: 12:32 PM
  * @author bsuzic
  */
 public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
@@ -71,22 +70,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
          */
     public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
         Logger.debug("Starting preprocessing");
-        Logger.debug("Got request: " + request.toString());
         Logger.debug("Request method: " + request.getMethod());
-        for (Object o : Collections.list(request.getHeaderNames())) {
-            Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString()));
-        }
-        for (Object o : Collections.list(request.getParameterNames())) {
-            Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString()));
-        }
-
         Logger.debug("Request content length: " + request.getContentLength());
-        Logger.debug("Request query: " + request.getQueryString());
-        Logger.debug("Response: " + response.toString());
-        Logger.debug("Action: " + action);
-
-        Logger.debug("Processing saml request");
-        String SAMLRequest = request.getParameter("SAMLRequest");
+        Logger.debug("Initiating action: " + action);
 
         HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
         HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
@@ -104,28 +90,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         } catch (Exception e) {
             Logger.error("Error decoding STORKAuthnRequest", e);
         }
-        /*
-
-        STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage();
-        //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage();
-        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();
-        STORK2Request.setSTORKAuthnRequest(ST2Req);
-
-        Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode());
-        Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel());
-        Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString());
-
-        */
-        //STORKAuthnReq storkAuthnReq = new STORKAuthnReq();
-
 
         MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();
 
 
         //extract STORK Response from HTTP Request
-        //Decodes SAML Response
-
-
         byte[] decSamlToken;
         try {
             decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest"));
@@ -138,12 +107,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
 
         STORKAuthnRequest authnRequest = null;
-        Logger.error("decsamltoken" +decSamlToken.toString());
 
         try {
-        authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
+            authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
-            Logger.error("Unable to validate storkrkauthnreqeust" + ex.getMessage() );
+            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() );
         }
 
         Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
@@ -152,7 +120,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.error("spid " + authnRequest.getSPID());
         Logger.error("spi " + authnRequest.getSpInstitution());
 
-        authnRequest.setCountry("");
         STORK2Request.setSTORKAuthnRequest(authnRequest);
 
 
-- 
cgit v1.2.3


From 85da46b80e3b1c3d3565d044c1fba9c07182482b Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 09:26:02 +0100
Subject: refactoring

---
 .../id/protocols/stork2/AttributeCollector.java    | 37 ++++++++++++----------
 .../moa/id/protocols/stork2/DataContainer.java     | 21 ++++++++++++
 2 files changed, 41 insertions(+), 17 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 7801f9a54..93b2b0495 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,11 +1,14 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.io.IOException;
+import java.io.StringWriter;
 import java.util.ArrayList;
 import java.util.List;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -17,10 +20,18 @@ import at.gv.egovernment.moa.logging.Logger;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
 /**
  * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
@@ -92,8 +103,6 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
         // check if there are attributes we need to fetch
-        this.httpResp = response;
-        this.container = container;
 
         IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
         IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList();
@@ -126,11 +135,10 @@ public class AttributeCollector implements IAction {
             }
 
             // build response
-            generateSTORKResponse();
+            generateSTORKResponse(container);
 
             // set new http response
-            generateRedirectResponse();
-            response = httpResp;
+            generateRedirectResponse(response, container);
 
             return "12345"; // AssertionId
 
@@ -161,7 +169,7 @@ public class AttributeCollector implements IAction {
     }
 
 
-    private void generateSTORKResponse() throws MOAIDException {
+    private void generateSTORKResponse(DataContainer container) throws MOAIDException {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
@@ -181,21 +189,16 @@ public class AttributeCollector implements IAction {
         Logger.info("STORK SAML Response message succesfully generated ");
         String statusCodeValue = authnResponse.getStatusCode();
 
-        try {
-            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works
-            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
+        Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
+		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
+		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
 
         container.setResponse(authnResponse);
 
     }
 
 
-    private void generateRedirectResponse() {
+    private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
@@ -207,8 +210,8 @@ public class AttributeCollector implements IAction {
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
             VelocityContext context = new VelocityContext();
 
-            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
-            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes())));
+            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes());
+            Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes());
 
             Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
             context.put("action", authnRequest.getAssertionConsumerServiceURL());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index 40c827ef8..a1c40526d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -23,6 +23,9 @@ public class DataContainer implements Serializable {
 	/** The target. */
 	private String target;
 	
+	/** The remote address. */
+	private String remoteAddress;
+	
 	/**
 	 * Gets the request.
 	 *
@@ -76,4 +79,22 @@ public class DataContainer implements Serializable {
 	public void setTarget(String target) {
 		this.target = target;
 	}
+
+	/**
+	 * Gets the remote address.
+	 *
+	 * @return the remote address
+	 */
+	public String getRemoteAddress() {
+		return remoteAddress;
+	}
+
+	/**
+	 * Sets the remote address.
+	 *
+	 * @param remoteAddress the new remote address
+	 */
+	public void setRemoteAddress(String remoteAddress) {
+		this.remoteAddress = remoteAddress;
+	}
 }
-- 
cgit v1.2.3


From bf784b6222784758eb846b0aaf2080b009549be0 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 09:30:41 +0100
Subject: cleanup

---
 .../id/protocols/stork2/AttributeCollector.java    | 29 +++++++++-------------
 .../ExternalAttributeRequestRequiredException.java | 15 +++++++++++
 2 files changed, 27 insertions(+), 17 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 93b2b0495..c711d9400 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import java.io.IOException;
 import java.io.StringWriter;
 import java.util.ArrayList;
 import java.util.List;
@@ -164,11 +163,14 @@ public class AttributeCollector implements IAction {
 
             return "12345"; // TODO what to do here?
         }
-
-
     }
 
-
+    /**
+     * generates binary response from given response class.
+     *
+     * @param container the container
+     * @throws MOAIDException the mOAID exception
+     */
     private void generateSTORKResponse(DataContainer container) throws MOAIDException {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
@@ -187,24 +189,24 @@ public class AttributeCollector implements IAction {
         }
 
         Logger.info("STORK SAML Response message succesfully generated ");
-        String statusCodeValue = authnResponse.getStatusCode();
-
         Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
 		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
 		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
 
         container.setResponse(authnResponse);
-
     }
 
-
+    /**
+     * writes the storkresponse to the httpresponse using the velocity engine.
+     *
+     * @param httpResp the http resp
+     * @param container the container
+     */
     private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
         STORKAuthnResponse authnResponse = container.getResponse();
         STORKAuthnRequest authnRequest = container.getRequest();
 
-
         // preparing redirection for the client
-
         try {
             VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
@@ -225,18 +227,11 @@ public class AttributeCollector implements IAction {
             Logger.debug("Sending html content: " + writer.getBuffer().toString());
             Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
 
-
             httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
 
         } catch (Exception e) {
             Logger.error("Velocity error: " + e.getMessage());
         }
-
-        //HttpSession httpSession = this.httpResp.getSession();
-        //httpSession.setAttribute("STORKSessionID", "12345");
-        //Logger.info("Status code again: " + authnResponse.getStatusCode());
-
-        //return "12345"; // AssertionId
     }
 
     /* (non-Javadoc)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
index 29b09487b..56f31723c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
@@ -1,12 +1,27 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 public class ExternalAttributeRequestRequiredException extends Exception {
+	
+	/** The Constant serialVersionUID. */
+	private static final long serialVersionUID = 5207631348933518908L;
+	
+	/** The ap. */
 	private AttributeProvider ap;
 
+	/**
+	 * Instantiates a new external attribute request required exception.
+	 *
+	 * @param provider the provider
+	 */
 	public ExternalAttributeRequestRequiredException(AttributeProvider provider) {
 		ap = provider;
 	}
 
+	/**
+	 * Gets the ap.
+	 *
+	 * @return the ap
+	 */
 	public AttributeProvider getAp() {
 		return ap;
 	}
-- 
cgit v1.2.3


From 142bf6e5c229aa523e5c1363716d011df6d6af93 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 14:03:38 +0100
Subject: attr supporT

---
 .../data/deploy/conf/moa-id/stork/SamlEngine.xml   | 17 ++++
 .../conf/moa-id/stork/SignModule_incoming_attr.xml | 12 +++
 .../moa-id/stork/StorkSamlEngine_incoming_attr.xml | 93 +++++++++++++++++++++
 .../id/protocols/stork2/AuthenticationRequest.java | 95 ++++++++++------------
 .../id/protocols/stork2/MOAAttributeProvider.java  | 10 +--
 .../id/protocols/stork2/MOASTORKAuthnRequest.java  | 71 ----------------
 .../moa/id/protocols/stork2/MOASTORKRequest.java   | 95 ++++++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     | 25 ++++--
 8 files changed, 282 insertions(+), 136 deletions(-)
 create mode 100644 id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml
 create mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
index 75245d8f0..166a48ff8 100644
--- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
+++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml
@@ -33,6 +33,23 @@
                 </configuration>
         </instance>
 
+
+        <instance name="incoming_attr">
+                <!-- Configurations parameters StorkSamlEngine  -->
+                <configuration name="SamlEngineConf">
+                        <parameter name="fileConfiguration" value="StorkSamlEngine_incoming_attr.xml" />
+                </configuration>
+
+                <!-- Settings module signature-->
+                <configuration name="SignatureConf">
+                        <!-- Specific signature module -->
+                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+                        <!-- Settings specific module -->
+                        <parameter name="fileConfiguration" value="SignModule_incoming_attr.xml" />
+                </configuration>
+        </instance>
+
+
         <instance name="VIDP">
                 <!-- Configurations parameters StorkSamlEngine  -->
                 <configuration name="SamlEngineConf">
diff --git a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml
new file mode 100644
index 000000000..68b15e667
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+	<comment>SWModule sign with JKS.</comment>
+	<entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry>
+	<entry key="keyStorePassword">local-demo</entry>
+	<entry key="keyPassword">local-demo</entry>
+	<entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>	
+	<entry key="serialNumber">4BA89DB2</entry>		
+	<entry key="keystoreType">JKS</entry>
+</properties>
diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
new file mode 100644
index 000000000..fb786529a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+	<comment>SAML constants for AuthnRequests and Responses.</comment>
+
+	<!--
+		Types of consent obtained from the user for this authentication and
+		data transfer.
+		Allow values: 'unspecified'.
+	-->
+	<entry key="consentAuthnRequest">unspecified</entry>
+	
+	<!--
+	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+	-->
+	<entry key="consentAuthnResponse">obtained</entry>
+
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+	-->
+	<entry key="formatEntity">entity</entry>
+
+	<!--Only HTTP-POST binding is only supported for inter PEPS-->
+	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+	<entry key="protocolBinding">HTTP-POST</entry>
+	
+	
+	
+	
+	<!--URI representing the classification of the identifier
+		Allow values: 'entity'.
+		<entry key="eIDSectorShare">true</entry>
+		<entry key="eIDCrossSectorShare">true</entry>
+		<entry key="eIDCrossBorderShare">true</entry>
+	-->
+	
+	
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="friendlyName">false</entry>
+	
+	<!-- A friendly name for the attribute that can be displayed to a user -->
+	<entry key="isRequired">true</entry>
+	
+	<!--PEPS in the Service Provider's country-->
+	<entry key="requester">http://S-PEPS.gov.xx</entry>
+
+	<!--PEPS in the citizen's origin country-->
+	<entry key="responder">http://C-PEPS.gov.xx</entry>
+
+	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+	<entry key="timeNotOnOrAfter">300</entry>
+	
+	<!--Validation IP of the response-->
+	<entry key="ipAddrValidation">false</entry>
+	
+	
+	<!--Subject Attribute Definitions-->
+	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+	
+	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+	
+</properties>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index e10c4d9d9..91326a51d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -3,91 +3,77 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
-import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.Logger;
-import edu.emory.mathcs.backport.java.util.Collections;
-import eu.stork.peps.auth.commons.*;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-import org.apache.commons.io.IOUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.*;
-import java.util.HashMap;
-import eu.stork.peps.auth.engine.SAMLEngine;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 
 /**
+ * Second request step - after authentication of the user is done and moasession obtained,
+ * process request and forward the user further to PEPS and/or other entities
+ *
  * @author bsuzic
- *         Date: 12/3/13, Time: 2:08 PM
  */
 
 public class AuthenticationRequest implements IAction {
-    /*
-    Second request step - after authentication of the user is done and moasession obtained,
-    process request and forward the user further to PEPS and/or other entities
-     */
 
 
     private VelocityEngine velocityEngine;
     private AuthenticationSession moaSession;
-    private MOASTORKAuthnRequest moaStorkAuthnRequest;
+    private MOASTORKRequest moaStorkRequest;
 
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
         this.moaSession = moasession;
-        this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req;
-
-        try {
-            MISMandate mandate = moasession.getMISMandate();
-            String owbpk = mandate.getOWbPK();
-            byte[] mand = mandate.getMandate();
-            String profprep = mandate.getProfRep();
-            //String textdesc = mandate.getTextualDescriptionOfOID();
-            Element mndt = moasession.getMandate();
+        this.moaStorkRequest = (MOASTORKRequest) req;
+
+        if (moasession.getUseMandate()) {
+            try {
+                MISMandate mandate = moasession.getMISMandate();
+                String owbpk = mandate.getOWbPK();
+                byte[] mand = mandate.getMandate();
+                String profprep = mandate.getProfRep();
+                //String textdesc = mandate.getTextualDescriptionOfOID();
+                Element mndt = moasession.getMandate();
+
+                iterate(mndt.getAttributes());
+                Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+            } catch (Exception x) {
+                Logger.debug("There is no mandate used in transaction");
+            }
+        }
 
-            iterate(mndt.getAttributes());
-            Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
-        } catch (Exception x) {}
 
         Logger.debug("Starting AuthenticationRequest");
-        //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession);
-        Logger.debug("Http Response: " + httpResp.toString() + ", ");
-        Logger.debug("Remote user: " + httpReq.getRemoteAddr());
-        Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());
         httpResp.reset();
 
         STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry());
-
+        authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry());
 
 
         OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
         if (oaParam == null)
-            throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
+            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
 
         // Prepare basic AT attributes
         try {
-            IPersonalAttributeList moaAttrList =  moasession.getStorkAttributes();
+            IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
             Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
 
 
@@ -114,13 +100,13 @@ public class AuthenticationRequest implements IAction {
         DataContainer container = new DataContainer();
 
         // - fill in the request we extracted above
-        container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest());
-        
+        container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest());
+
         // - fill in the partial response created above
         container.setResponse(authnResponse);
-        
+
         // - memorize the target url were we have to return the result
-        container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+        container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
         container.setRemoteAddress(httpReq.getRemoteAddr());
 
@@ -141,24 +127,25 @@ public class AuthenticationRequest implements IAction {
             Logger.debug("--Attribute: "
                     + attributesList.item(j).getNodeName() + " = "
                     + attributesList.item(j).getNodeValue());
-        }                    }
+        }
+    }
 
 
     public PersonalAttributeList populateAttributes() {
 
-        IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList();
-        Logger.info("Found " + attrLst.size() + " personal attributes in the request." );
+        IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList();
+        Logger.info("Found " + attrLst.size() + " personal attributes in the request.");
 
         // Define attribute list to be populated
         PersonalAttributeList attributeList = new PersonalAttributeList();
-        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest);
+        MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkRequest);
 
         try {
             for (PersonalAttribute personalAttribute : attrLst) {
                 Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired());
                 moaAttributeProvider.populateAttribute(attributeList, personalAttribute);
             }
-        }  catch (Exception e) {
+        } catch (Exception e) {
             Logger.error("Exception, attributes: " + e.getMessage());
         }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 190a0d27c..d89fb8cb2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -22,7 +22,7 @@ public class MOAAttributeProvider {
     private final IdentityLink identityLink;
     private static final Map<String, String> storkAttributeSimpleMapping;
     private static final Map<String, String> storkAttributeFunctionMapping;
-    private final MOASTORKAuthnRequest moastorkAuthnRequest;
+    private final MOASTORKRequest moastorkRequest;
 
     static {
         Map<String, String> tempSimpleMap = new HashMap<String, String>();
@@ -35,9 +35,9 @@ public class MOAAttributeProvider {
         storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
     }
 
-    public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) {
+    public MOAAttributeProvider(IdentityLink identityLink, MOASTORKRequest moastorkRequest) {
         this.identityLink = identityLink;
-        this.moastorkAuthnRequest = moastorkAuthnRequest;
+        this.moastorkRequest = moastorkRequest;
         Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue());
     }
 
@@ -70,9 +70,9 @@ public class MOAAttributeProvider {
     }
 
     private String geteIdentifier() {
-        Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry());
+        Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry());
         try {
-            return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry());
+            return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry());
         } catch (BuildException be) {
             Logger.error("Stork eid could not be constructed; " + be.getMessage());
             return null; // TODO error
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
deleted file mode 100644
index cee64e16e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import org.opensaml.common.xml.SAMLConstants;
-
-/**
- * @author bsuzic
- *         Date: 12/4/13, Time: 6:31 PM
- */
-
-public class MOASTORKAuthnRequest implements IRequest {
-    private String requestID;
-    private String target = null;
-    String module = null;
-    String action = null;
-    private STORKAuthnRequest storkAuthnRequest;
-
-    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
-        this.storkAuthnRequest = request;
-    }
-
-    public STORKAuthnRequest getStorkAuthnRequest() {
-        return this.storkAuthnRequest;
-    }
-
-    public String getOAURL() {
-
-        return "https://sp:8889/SP";  //
-    }
-
-    public boolean isPassiv() {
-        return false;  //
-    }
-
-    public boolean forceAuth() {
-        return false;  //
-    }
-
-    public boolean isSSOSupported() {
-        return false;  //
-    }
-
-    public String requestedModule() {
-        return this.module;  //
-    }
-
-    public String requestedAction() {
-        return action;  //
-    }
-
-    public void setModule(String module) {
-        this.module = module;
-    }
-
-    public void setAction(String action) {
-        this.action = action;
-    }
-
-    public String getTarget() {
-        return this.target;  //
-    }
-
-    public void setRequestID(String id) {
-        this.requestID = id;
-    }
-
-    public String getRequestID() {
-        return this.requestID;  //
-    }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
new file mode 100644
index 000000000..8c7fd8706
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -0,0 +1,95 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+
+/**
+ * Implements MOA request and stores StorkAuthnRequest related data
+ *
+ * @author bsuzic
+ */
+
+public class MOASTORKRequest implements IRequest {
+    private String requestID;
+    private String target = null;
+    String module = null;
+    String action = null;
+    private STORKAuthnRequest storkAuthnRequest;
+    private STORKAttrQueryRequest storkAttrQueryRequest;
+    private boolean isAttrRequest = false;
+    private boolean isAuthnRequest = false;
+
+    public void setSTORKAuthnRequest(STORKAuthnRequest request) {
+        this.storkAuthnRequest = request;
+        if (request != null) {
+            isAuthnRequest = true;
+        }
+    }
+
+    public void setSTORKAttrRequest(STORKAttrQueryRequest request) {
+        this.storkAttrQueryRequest = request;
+        if (request != null) {
+            isAttrRequest = true;
+        }
+
+    }
+
+    public boolean isAttrRequest() {
+        return this.isAttrRequest;
+    }
+
+    public boolean isAuthnRequest() {
+        return this.isAuthnRequest;
+    }
+
+
+    public STORKAuthnRequest getStorkAuthnRequest() {
+        return this.storkAuthnRequest;
+    }
+
+    public String getOAURL() {
+
+        return storkAuthnRequest.getAssertionConsumerServiceURL();
+    }
+
+    public boolean isPassiv() {
+        return false;
+    }
+
+    public boolean forceAuth() {
+        return false;
+    }
+
+    public boolean isSSOSupported() {
+        return false;
+    }
+
+    public String requestedModule() {
+        return this.module;
+    }
+
+    public String requestedAction() {
+        return action;
+    }
+
+    public void setModule(String module) {
+        this.module = module;
+    }
+
+    public void setAction(String action) {
+        this.action = action;
+    }
+
+    public String getTarget() {
+        return this.target;
+    }
+
+    public void setRequestID(String id) {
+        this.requestID = id;
+    }
+
+    public String getRequestID() {
+        return this.requestID;
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 042d61080..28a516d2a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -5,13 +5,12 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
 import org.opensaml.ws.transport.http.HTTPInTransport;
 import org.opensaml.ws.transport.http.HTTPOutTransport;
 import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -20,7 +19,6 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Collections;
 import java.util.HashMap;
 
 /**
@@ -81,6 +79,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
         samlMessageContext.setInboundMessageTransport(profileReq);
 
+/*
         HTTPPostDecoder postDecoder = new HTTPPostDecoder();
         postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
 
@@ -90,8 +89,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         } catch (Exception e) {
             Logger.error("Error decoding STORKAuthnRequest", e);
         }
+*/
 
-        MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest();
+        MOASTORKRequest STORK2Request = new MOASTORKRequest();
 
 
         //extract STORK Response from HTTP Request
@@ -99,7 +99,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         try {
             decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest"));
         } catch(NullPointerException e) {
-            Logger.error("Unable to retrieve STORK Response", e);
+            Logger.error("Unable to retrieve STORK Request", e);
             throw new MOAIDException("stork.04", null);
         }
 
@@ -107,13 +107,26 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
 
         STORKAuthnRequest authnRequest = null;
+        STORKAttrQueryRequest attrRequest = null;
 
+        // check if valid authn request is contained
         try {
             authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() );
         }
 
+
+        // check if a valid attr request is container
+        try {
+            attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken);
+        } catch (STORKSAMLEngineException ex) {
+            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() );
+        }
+
+
+
+
         Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
         Logger.error("cc " + authnRequest.getCitizenCountryCode());
         Logger.error("iss " + authnRequest.getIssuer());
@@ -121,7 +134,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.error("spi " + authnRequest.getSpInstitution());
 
         STORK2Request.setSTORKAuthnRequest(authnRequest);
-
+        STORK2Request.setSTORKAttrRequest(attrRequest);
 
         return STORK2Request;
     }
-- 
cgit v1.2.3


From b04102cfcf46aa62417b6f1990dff76e2b706862 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 14:05:18 +0100
Subject: remove comments

---
 .../moa/id/protocols/stork2/STORKProtocol.java     | 25 ++++++----------------
 1 file changed, 6 insertions(+), 19 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 28a516d2a..3b9a5bc29 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -8,6 +8,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -15,7 +16,6 @@ import org.opensaml.ws.transport.http.HTTPInTransport;
 import org.opensaml.ws.transport.http.HTTPOutTransport;
 import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
 import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -23,6 +23,7 @@ import java.util.HashMap;
 
 /**
  * Stork 2 Protocol Support
+ *
  * @author bsuzic
  */
 public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
@@ -31,7 +32,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     public static final String PATH = "id_stork2";
 
     public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
-	public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";
+    public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";
 
     private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 
@@ -79,18 +80,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
         samlMessageContext.setInboundMessageTransport(profileReq);
 
-/*
-        HTTPPostDecoder postDecoder = new HTTPPostDecoder();
-        postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator
-
-        try {
-            Logger.debug("Attempting to decode request...");
-            postDecoder.decode(samlMessageContext);
-        } catch (Exception e) {
-            Logger.error("Error decoding STORKAuthnRequest", e);
-        }
-*/
-
         MOASTORKRequest STORK2Request = new MOASTORKRequest();
 
 
@@ -98,7 +87,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         byte[] decSamlToken;
         try {
             decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest"));
-        } catch(NullPointerException e) {
+        } catch (NullPointerException e) {
             Logger.error("Unable to retrieve STORK Request", e);
             throw new MOAIDException("stork.04", null);
         }
@@ -113,7 +102,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         try {
             authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
-            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() );
+            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
 
 
@@ -121,12 +110,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         try {
             attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
-            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() );
+            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
 
 
-
-
         Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
         Logger.error("cc " + authnRequest.getCitizenCountryCode());
         Logger.error("iss " + authnRequest.getIssuer());
-- 
cgit v1.2.3


From c900f870b2e64c2e25820b8162d8f0444c0dc7d4 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:03:08 +0100
Subject: aatributes

---
 .../id/protocols/stork2/AuthenticationRequest.java | 112 +++++++++++----------
 .../stork2/DemoNoRedirectAttributeProvider.java    |   3 -
 .../stork2/DemoRedirectAttributeProvider.java      |   3 -
 .../id/protocols/stork2/MISAttributeProvider.java  |  27 +++++
 .../moa/id/protocols/stork2/MOASTORKRequest.java   |  15 ++-
 .../moa/id/protocols/stork2/STORKProtocol.java     |  22 ++--
 .../resources/properties/id_messages_de.properties |   2 +
 7 files changed, 110 insertions(+), 74 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 91326a51d..d33b33c77 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -33,88 +33,96 @@ public class AuthenticationRequest implements IAction {
 
 
     private VelocityEngine velocityEngine;
-    private AuthenticationSession moaSession;
-    private MOASTORKRequest moaStorkRequest;
+    private AuthenticationSession moaSession = null;
+    private MOASTORKRequest moaStorkRequest = null;
 
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
         this.moaSession = moasession;
-        this.moaStorkRequest = (MOASTORKRequest) req;
 
-        if (moasession.getUseMandate()) {
-            try {
-                MISMandate mandate = moasession.getMISMandate();
-                String owbpk = mandate.getOWbPK();
-                byte[] mand = mandate.getMandate();
-                String profprep = mandate.getProfRep();
-                //String textdesc = mandate.getTextualDescriptionOfOID();
-                Element mndt = moasession.getMandate();
-
-                iterate(mndt.getAttributes());
-                Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
-            } catch (Exception x) {
-                Logger.debug("There is no mandate used in transaction");
+        if (req instanceof MOASTORKRequest) {
+
+            this.moaStorkRequest = (MOASTORKRequest) req;
+
+
+            if (moasession.getUseMandate()) {
+                try {
+                    MISMandate mandate = moasession.getMISMandate();
+                    String owbpk = mandate.getOWbPK();
+                    byte[] mand = mandate.getMandate();
+                    String profprep = mandate.getProfRep();
+                    //String textdesc = mandate.getTextualDescriptionOfOID();
+                    Element mndt = moasession.getMandate();
+
+                    iterate(mndt.getAttributes());
+                    Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+                } catch (Exception x) {
+                    Logger.debug("There is no mandate used in transaction");
+                }
             }
-        }
 
 
-        Logger.debug("Starting AuthenticationRequest");
-        httpResp.reset();
+            Logger.debug("Starting AuthenticationRequest");
+            httpResp.reset();
 
-        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry());
+            STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+            authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
 
 
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-        if (oaParam == null)
-            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+            if (oaParam == null)
+                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
 
-        // Prepare basic AT attributes
-        try {
-            IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
-            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
+            // Prepare basic AT attributes
+            try {
+                IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
+                Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
 
 
-            for (PersonalAttribute personalAttribute : moaAttrList) {
-                Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
-                if (personalAttribute.getValue().size() > 0) {
-                    for (String value : personalAttribute.getValue()) {
-                        Logger.info("     Value found: " + value);
+                for (PersonalAttribute personalAttribute : moaAttrList) {
+                    Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
+                    if (personalAttribute.getValue().size() > 0) {
+                        for (String value : personalAttribute.getValue()) {
+                            Logger.info("     Value found: " + value);
+                        }
                     }
                 }
-            }
 
-        } catch (Exception e) {
-            Logger.error("Exception, attributes: " + e.getMessage());
-        }
+            } catch (Exception e) {
+                Logger.error("Exception, attributes: " + e.getMessage());
+            }
 
-        // Get personal attributtes from MOA/IdentityLink
-        authnResponse.setPersonalAttributeList(populateAttributes());
+            // Get personal attributtes from MOA/IdentityLink
+            authnResponse.setPersonalAttributeList(populateAttributes());
 
-        // Prepare extended attributes
-        Logger.debug("Preparing data container");
+            // Prepare extended attributes
+            Logger.debug("Preparing data container");
 
-        // create fresh container
-        DataContainer container = new DataContainer();
+            // create fresh container
+            DataContainer container = new DataContainer();
 
-        // - fill in the request we extracted above
-        container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest());
+            // - fill in the request we extracted above
+            container.setRequest(moaStorkRequest.getStorkAuthnRequest());
 
-        // - fill in the partial response created above
-        container.setResponse(authnResponse);
+            // - fill in the partial response created above
+            container.setResponse(authnResponse);
 
-        // - memorize the target url were we have to return the result
-        container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            // - memorize the target url were we have to return the result
+            container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
-        container.setRemoteAddress(httpReq.getRemoteAddr());
+            container.setRemoteAddress(httpReq.getRemoteAddr());
 
 
-        Logger.debug("Data container prepared");
+            Logger.debug("Data container prepared");
 
-        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
+            return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
 
+        } else {
+            Logger.error("Could not recognize request.");
+            throw new MOAIDException("stork.15", null);
+        }
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 669a9389b..9c0869d97 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
@@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		// TODO Auto-generated method stub
 		return null;
@@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 2f6b69075..26fc00406 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
@@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
@@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
new file mode 100644
index 000000000..7665bb239
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Implements Attribute Provider for Mandates
+ */
+public class MISAttributeProvider implements AttributeProvider {
+    public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+        return null;  //
+    }
+
+    public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+        //
+    }
+
+    public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
+        return null;  //
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 8c7fd8706..1776d958c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -1,11 +1,13 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 /**
- * Implements MOA request and stores StorkAuthnRequest related data
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data
  *
  * @author bsuzic
  */
@@ -32,7 +34,6 @@ public class MOASTORKRequest implements IRequest {
         if (request != null) {
             isAttrRequest = true;
         }
-
     }
 
     public boolean isAttrRequest() {
@@ -49,8 +50,14 @@ public class MOASTORKRequest implements IRequest {
     }
 
     public String getOAURL() {
-
-        return storkAuthnRequest.getAssertionConsumerServiceURL();
+        if (isAuthnRequest)
+            return storkAuthnRequest.getAssertionConsumerServiceURL();
+        else if (isAttrRequest)
+            return storkAttrQueryRequest.getAssertionConsumerServiceURL();
+        else {
+            Logger.error("There is no authentication or attribute request contained in MOASTORKRequest.");
+            return null;
+        }
     }
 
     public boolean isPassiv() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 3b9a5bc29..e68b66510 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -6,9 +6,7 @@ import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.*;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -93,14 +91,15 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         }
 
         //Get SAMLEngine instance
-        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
+        STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming");
+        STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr");
 
         STORKAuthnRequest authnRequest = null;
         STORKAttrQueryRequest attrRequest = null;
 
         // check if valid authn request is contained
         try {
-            authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
+            authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
@@ -108,17 +107,16 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
         // check if a valid attr request is container
         try {
-            attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken);
+            attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
 
-
-        Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
-        Logger.error("cc " + authnRequest.getCitizenCountryCode());
-        Logger.error("iss " + authnRequest.getIssuer());
-        Logger.error("spid " + authnRequest.getSPID());
-        Logger.error("spi " + authnRequest.getSpInstitution());
+        // if there is no authn or attr request, raise error
+        if ((authnRequest == null) && (attrRequest == null)) {
+            Logger.error("There is no authentication or attribute request contained.");
+            throw new MOAIDException("stork.14", null);
+        }
 
         STORK2Request.setSTORKAuthnRequest(authnRequest);
         STORK2Request.setSTORKAttrRequest(attrRequest);
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 4007eacdc..99d5d7612 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -208,6 +208,8 @@ stork.10=Fehler in der Verbindung zum SZR-Gateway
 stork.11=Fehler beim Sammeln von StorkAttributen
 stork.12=Konnte keine VIDP Konfiguration finden
 stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin
+stork.14=Es wurde weder Authentifizierungs/  noch Attributerequest empfangen
+stork.15=Unbekannte request.
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From e6dc09e9274cc5e38fa0c0832c205881faece862 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:03:18 +0100
Subject: remove attr test

---
 .../moa/id/protocols/stork2/AuthenticationRequest.java | 18 ------------------
 1 file changed, 18 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index d33b33c77..4e7a1bb8b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -75,24 +75,6 @@ public class AuthenticationRequest implements IAction {
                 throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
 
-            // Prepare basic AT attributes
-            try {
-                IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
-                Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
-
-
-                for (PersonalAttribute personalAttribute : moaAttrList) {
-                    Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
-                    if (personalAttribute.getValue().size() > 0) {
-                        for (String value : personalAttribute.getValue()) {
-                            Logger.info("     Value found: " + value);
-                        }
-                    }
-                }
-
-            } catch (Exception e) {
-                Logger.error("Exception, attributes: " + e.getMessage());
-            }
 
             // Get personal attributtes from MOA/IdentityLink
             authnResponse.setPersonalAttributeList(populateAttributes());
-- 
cgit v1.2.3


From 594dc394d958ee8c9106ff4ba837d6ba40fbecae Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:03:22 +0100
Subject: remove attr test

---
 .../at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 1 -
 1 file changed, 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 4e7a1bb8b..cb49856c4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -75,7 +75,6 @@ public class AuthenticationRequest implements IAction {
                 throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
 
-
             // Get personal attributtes from MOA/IdentityLink
             authnResponse.setPersonalAttributeList(populateAttributes());
 
-- 
cgit v1.2.3


From 0d11865d1ccab1aca91e28c71cd86d1443faff41 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:20:00 +0100
Subject: putting attrrequest in main endpoint

---
 .../id/protocols/stork2/AuthenticationRequest.java | 101 ++++++++++++---------
 .../moa/id/protocols/stork2/MOASTORKRequest.java   |   5 +-
 2 files changed, 63 insertions(+), 43 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index cb49856c4..18d0b479e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -9,10 +9,7 @@ import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.commons.*;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
 import org.w3c.dom.Element;
@@ -45,65 +42,63 @@ public class AuthenticationRequest implements IAction {
 
             this.moaStorkRequest = (MOASTORKRequest) req;
 
+            Logger.debug("Entering MOASTORKRequest");
+            httpResp.reset();
 
-            if (moasession.getUseMandate()) {
-                try {
-                    MISMandate mandate = moasession.getMISMandate();
-                    String owbpk = mandate.getOWbPK();
-                    byte[] mand = mandate.getMandate();
-                    String profprep = mandate.getProfRep();
-                    //String textdesc = mandate.getTextualDescriptionOfOID();
-                    Element mndt = moasession.getMandate();
-
-                    iterate(mndt.getAttributes());
-                    Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
-                } catch (Exception x) {
-                    Logger.debug("There is no mandate used in transaction");
-                }
-            }
-
+            // check if it is attribute query
+            if (moaStorkRequest.isAttrRequest()) {
+                Logger.debug("Starting AttrQueryRequest");
+                STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
+                IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList();
 
-            Logger.debug("Starting AuthenticationRequest");
-            httpResp.reset();
+                // TODO Check if this instance is eligible to fetch attributes locally, assuming yes
 
-            STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-            authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
+                return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession);
 
+            } else
+                // check if we have authentication request
+                if (moaStorkRequest.isAuthnRequest()) {
+                    Logger.debug("Starting AuthenticationRequest");
 
-            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-            if (oaParam == null)
-                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+                    STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+                    authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
 
+                    OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+                    if (oaParam == null)
+                        throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
-            // Get personal attributtes from MOA/IdentityLink
-            authnResponse.setPersonalAttributeList(populateAttributes());
+                    // Get personal attributtes from MOA/IdentityLink
+                    authnResponse.setPersonalAttributeList(populateAttributes());
 
-            // Prepare extended attributes
-            Logger.debug("Preparing data container");
+                    // Prepare extended attributes
+                    Logger.debug("Preparing data container");
 
-            // create fresh container
-            DataContainer container = new DataContainer();
+                    // create fresh container
+                    DataContainer container = new DataContainer();
 
-            // - fill in the request we extracted above
-            container.setRequest(moaStorkRequest.getStorkAuthnRequest());
+                    // - fill in the request we extracted above
+                    container.setRequest(moaStorkRequest.getStorkAuthnRequest());
 
-            // - fill in the partial response created above
-            container.setResponse(authnResponse);
+                    // - fill in the partial response created above
+                    container.setResponse(authnResponse);
 
-            // - memorize the target url were we have to return the result
-            container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
+                    // - memorize the target url were we have to return the result
+                    container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
-            container.setRemoteAddress(httpReq.getRemoteAddr());
+                    container.setRemoteAddress(httpReq.getRemoteAddr());
 
 
-            Logger.debug("Data container prepared");
+                    Logger.debug("Data container prepared");
 
-            return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
+                    return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
 
+                }
         } else {
             Logger.error("Could not recognize request.");
             throw new MOAIDException("stork.15", null);
         }
+
+        return null;
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
@@ -120,6 +115,28 @@ public class AuthenticationRequest implements IAction {
     }
 
 
+    // does nothing
+    public void mandate(AuthenticationSession moasession) {
+
+        if (moasession.getUseMandate()) {
+            try {
+                MISMandate mandate = moasession.getMISMandate();
+                String owbpk = mandate.getOWbPK();
+                byte[] mand = mandate.getMandate();
+                String profprep = mandate.getProfRep();
+                //String textdesc = mandate.getTextualDescriptionOfOID();
+                Element mndt = moasession.getMandate();
+
+                iterate(mndt.getAttributes());
+                Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+            } catch (Exception x) {
+                Logger.debug("There is no mandate used in transaction");
+            }
+        }
+
+
+    }
+
     public PersonalAttributeList populateAttributes() {
 
         IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 1776d958c..47a86174f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
@@ -49,6 +48,10 @@ public class MOASTORKRequest implements IRequest {
         return this.storkAuthnRequest;
     }
 
+    public STORKAttrQueryRequest getStorkAttrQueryRequest() {
+        return this.storkAttrQueryRequest;
+    }
+
     public String getOAURL() {
         if (isAuthnRequest)
             return storkAuthnRequest.getAssertionConsumerServiceURL();
-- 
cgit v1.2.3


From 5e7e02ef338811ea240dd5e53a215f82fdf40954 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:30:07 +0100
Subject: remove override

---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java           | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8b96e0d10..758b70f2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -55,7 +55,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
@@ -203,7 +202,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
@@ -213,7 +211,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq)
 			throws UnsupportedAttributeException, MOAIDException {
 		// there is no redirect required, so we throw an exception when someone asks us to parse a response
-- 
cgit v1.2.3


From 156ef68f4d89cf83e55fac8526e98e7cd445a31c Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 11:17:30 +0100
Subject: cleanup

---
 .../id/protocols/stork2/AttributeCollector.java    | 91 ++++++++++++----------
 1 file changed, 48 insertions(+), 43 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index c711d9400..428d1c52c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -42,54 +42,59 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
  * 
  */
 public class AttributeCollector implements IAction {
-	
-	/** The Constant ARTIFACT_ID. */
-	private static final String ARTIFACT_ID = "artifactId";
-	
+
+    /**
+     * The Constant ARTIFACT_ID.
+     */
+    private static final String ARTIFACT_ID = "artifactId";
+
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
-		// read configuration parameters of OA
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-		if (oaParam == null)
-			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
-
-    	// find the attribute provider plugin that can handle the response
-		IPersonalAttributeList newAttributes = null;
-		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
-			try {
-				newAttributes = current.parse(httpReq);
-			} catch (UnsupportedAttributeException e1) {
-				// the current provider cannot find anything familiar within the
-				// provided httpreq. Try the next one.
-			}
-
-		if (null == newAttributes) {
-			// we do not have a provider which is capable of fetching something
-			// from the received httpreq.
-			// TODO should we continue with the next attribute?
-			Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - fetch the container
-		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
-		DataContainer container;
-		try {
-			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
-		} catch (MOADatabaseException e) {
-			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
-			throw new MOAIDException("stork.11", null);
-		}
-
-    	// - insert the embedded attribute(s) into the container
-		for(PersonalAttribute current : newAttributes)
-			container.getResponse().getPersonalAttributeList().add(current);
-    	
-    	// see if we need some more attributes
-    	return processRequest(container, httpReq, httpResp, moasession, oaParam);
+        // read configuration parameters of OA
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+
+        // find the attribute provider plugin that can handle the response
+        IPersonalAttributeList newAttributes = null;
+        for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
+            try {
+                newAttributes = current.parse(httpReq);
+            } catch (UnsupportedAttributeException e1) {
+                // the current provider cannot find anything familiar within the
+                // provided httpreq. Try the next one.
+                // TODO check the loop
+            }
+
+        if (null == newAttributes) {
+            // we do not have a provider which is capable of fetching something
+            // from the received httpreq.
+            // TODO should we continue with the next attribute?
+            Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
+            throw new MOAIDException("stork.11", null);
+        }
+
+        // - fetch the container
+        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
+        DataContainer container;
+        try {
+            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+        } catch (MOADatabaseException e) {
+            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+            throw new MOAIDException("stork.11", null);
+        }
+
+
+
+        // - insert the embedded attribute(s) into the container
+        for (PersonalAttribute current : newAttributes)
+            container.getResponse().getPersonalAttributeList().add(current);
+
+        // see if we need some more attributes
+        return processRequest(container, httpReq, httpResp, moasession, oaParam);
     }
     
     /**
-- 
cgit v1.2.3


From e938b31db45af14312e0fe195d274f7f4c9e0aa9 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 14:43:47 +0100
Subject: fixed spCountryCode in Stork AttrQuery Plugin

---
 .../egovernment/moa/id/protocols/stork2/AttributeCollector.java  | 4 ++--
 .../egovernment/moa/id/protocols/stork2/AttributeProvider.java   | 6 +++---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java     | 2 +-
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java   | 9 ++++-----
 4 files changed, 10 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 428d1c52c..6b7769c49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -157,12 +157,12 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
-                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
 
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
-                Logger.error("Error putting incomplete Stork response into temporary storage", e);
+                Logger.error("Error putting incomplete Stork response into temporary storage", e1);
                 throw new MOAIDException("stork.11", null);
             }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 59376fef6..6fba91fde 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -34,13 +34,13 @@ public interface AttributeProvider {
 	 * Perform redirect.
 	 *
 	 * @param url the return URL ending with ?artifactId=...
-	 * @param citizenCountyCode the citizen county code
+	 * @param spCountyCode the sp county code
 	 * @param req the request we got from the S-PEPS and for which we have to ask our APs
 	 * @param resp the response to the preceding request
 	 * @param oaParam the oa param
-	 * @throws MOAIDException 
+	 * @throws MOAIDException the mOAID exception
 	 */
-	public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
+	public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 8b96e0d10..4404af4e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -204,7 +204,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
 	@Override
-	public void performRedirect(String url, String citizenCountyCode,
+	public void performRedirect(String url, String spCountyCode,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
 		// there is no redirect required
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index bd6f192dc..5efdfd117 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -91,13 +91,11 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
-	@Override
-	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+	public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 		
     	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
     	String spApplication = spInstitution;
-    	String spCountry = "AT";
 
     	//generate AuthnRquest
     	STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest();
@@ -106,12 +104,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
     	attributeRequest.setIssuer(HTTPUtils.getBaseURL(req));
     	attributeRequest.setQaa(oaParam.getQaaLevel());
     	attributeRequest.setSpInstitution(spInstitution);
-    	attributeRequest.setCountry(spCountry);
+    	attributeRequest.setCountry(spCountryCode);
+    	attributeRequest.setSpCountry(spCountryCode);
     	attributeRequest.setSpApplication(spApplication);
     	attributeRequest.setSpSector(spSector);
     	attributeRequest.setPersonalAttributeList(requestedAttributes);
 
-    	attributeRequest.setCitizenCountryCode(citizenCountryCode);
+    	attributeRequest.setCitizenCountryCode("AT");
 
 
     	Logger.debug("STORK AttrRequest succesfully assembled.");
-- 
cgit v1.2.3


From 013bc5647275872ba182ad7bf62be1cbd7c80f38 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 16:47:25 +0100
Subject: treated possible infinite loop in ap collection

---
 .../id/protocols/stork2/AttributeCollector.java    | 59 ++++++++++++++++------
 1 file changed, 43 insertions(+), 16 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 6b7769c49..2735fde68 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -27,6 +27,7 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
@@ -63,18 +64,18 @@ public class AttributeCollector implements IAction {
         for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
             try {
                 newAttributes = current.parse(httpReq);
+                
+                // stop as soon as we hit a capable plugin
+                break;
             } catch (UnsupportedAttributeException e1) {
                 // the current provider cannot find anything familiar within the
                 // provided httpreq. Try the next one.
-                // TODO check the loop
             }
 
         if (null == newAttributes) {
             // we do not have a provider which is capable of fetching something
             // from the received httpreq.
-            // TODO should we continue with the next attribute?
             Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
-            throw new MOAIDException("stork.11", null);
         }
 
         // - fetch the container
@@ -87,11 +88,8 @@ public class AttributeCollector implements IAction {
             throw new MOAIDException("stork.11", null);
         }
 
-
-
         // - insert the embedded attribute(s) into the container
-        for (PersonalAttribute current : newAttributes)
-            container.getResponse().getPersonalAttributeList().add(current);
+        addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes);
 
         // see if we need some more attributes
         return processRequest(container, httpReq, httpResp, moasession, oaParam);
@@ -119,23 +117,35 @@ public class AttributeCollector implements IAction {
         try {
             // for each attribute still missing
             for (PersonalAttribute currentAttribute : missingAttributes) {
-                // - check if we can find a suitable AttributeProvider Plugin
+            	
+				/*
+				 * prefill attributes with "notAvailable". If we get them later, we override the value and status.
+				 * This way, there is no error case in which an attribute is left unanswered.
+				 */
+				IPersonalAttributeList aquiredAttributes = new PersonalAttributeList();
+				currentAttribute.setStatus("notAvailable");
+				addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
+
+            	// - check if we can find a suitable AttributeProvider Plugin
                 for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
                     try {
                         // - hand over control to the suitable plugin
-                        IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
-
-                        // - add the aquired attribute to the container
-                        for (PersonalAttribute current : aquiredAttributes)
-                            container.getResponse().getPersonalAttributeList().add(current);
+                        aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
+                        break;
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
                     } catch (MOAIDException e) {
                         // the current plugin had an error. Try the next one.
-                        // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop
                     }
-
                 }
+                
+				// check if we could fetch the attribute
+				if (null == aquiredAttributes) {
+					// if not
+					Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'");
+				} else
+					// else, update any existing attributes
+					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
 
             // build response
@@ -159,7 +169,6 @@ public class AttributeCollector implements IAction {
                 // add container-key to redirect embedded within the return URL
                 e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
 
-
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e1);
@@ -238,6 +247,24 @@ public class AttributeCollector implements IAction {
             Logger.error("Velocity error: " + e.getMessage());
         }
     }
+    
+    /**
+     * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}.
+     *
+     * @param target the target
+     * @param source the source
+     */
+	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) {
+		for (PersonalAttribute current : source) {
+			// check if we need to update the current pa
+			if (target.containsKey(current.getName())) {
+				target.get(current.getName()).setStatus(current.getStatus());
+				target.get(current.getName()).setValue(current.getValue());
+				target.get(current.getName()).setComplexValue(current.getComplexValue());
+			} else
+				target.add(current);
+		}
+	}
 
     /* (non-Javadoc)
      * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
-- 
cgit v1.2.3


From 8dbc7af299d5e7a1dd4d1085d2840ff00f403bbb Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 3 Mar 2014 20:28:57 +0100
Subject: attribut test

---
 .../auth/src/main/webapp/WEB-INF/urlrewrite.xml    |  4 +
 .../moa/id/entrypoints/DispatcherServlet.java      |  2 +-
 .../id/protocols/stork2/AttributeCollector.java    | 12 ++-
 .../moa/id/protocols/stork2/AttributeProvider.java |  1 +
 .../protocols/stork2/AttributeProviderFactory.java | 98 +++++++++++-----------
 .../id/protocols/stork2/MISAttributeProvider.java  | 22 ++++-
 .../moa/id/protocols/stork2/MOASTORKRequest.java   |  2 +-
 .../protocols/stork2/MandateRetrievalRequest.java  | 28 +++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |  8 +-
 9 files changed, 120 insertions(+), 57 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index 59d6d6cce..d6df363c5 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -68,6 +68,10 @@
         <from>^/moa-id-auth/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
+    <rule match-type="regex">
+        <from>^/moa-id-auth/RetrieveMandate$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&amp;action=MandateRetrievalRequest&amp;%{query-string}</to>
+    </rule>
 
 
     <rule match-type="regex">
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 3af8bcfe5..647c8bb39 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -491,7 +491,7 @@ public class DispatcherServlet extends AuthServlet{
 				}
 
 			} catch (Throwable e) {
-				Logger.info("An authentication error occous: " + e.getMessage());;
+				Logger.info("An authentication error occured: " + e.getMessage());;
 				// Try handle module specific, if not possible rethrow
 				if (!info.generateErrorMessage(e, req, resp, protocolRequest)) {
 					throw e;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 57c68e94c..030d7c497 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -124,15 +124,18 @@ public class AttributeCollector implements IAction {
         try {
             // for each attribute still missing
             for (PersonalAttribute currentAttribute : missingAttributes) {
+                Logger.error("Checking missing attribute: " + currentAttribute.getName());
                 // - check if we can find a suitable AttributeProvider Plugin
                 for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
                     try {
                         // - hand over control to the suitable plugin
+                        Logger.error("Going to acquire missing attribute: " + currentAttribute.getName() + " at provider: " + currentProvider.getClass().getName());
                         IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
 
                         // - add the aquired attribute to the container
-                        for (PersonalAttribute current : aquiredAttributes)
-                            container.getResponse().getPersonalAttributeList().add(current);
+
+                        try { for (PersonalAttribute current : aquiredAttributes)
+                            container.getResponse().getPersonalAttributeList().add(current); } catch (NullPointerException ex) { Logger.error ("Nothing found");}
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
                     } catch (MOAIDException e) {
@@ -154,6 +157,7 @@ public class AttributeCollector implements IAction {
 
         } catch (ExternalAttributeRequestRequiredException e) {
             // the attribute request is ongoing and requires an external service.
+            Logger.error("EXTERNAL EXCEPTION CAUGHT");
             try {
                 // memorize the container again
                 // - generate new key
@@ -163,19 +167,19 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
+                Logger.info("Performing redirect to gather attributes to: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix());
                 e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam);
 
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e);
+                e1.printStackTrace();
                 throw new MOAIDException("stork.11", null);
             }
 
             return "12345"; // TODO what to do here?
         }
-
-
     }
 
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index 59376fef6..2ecae1288 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -52,4 +52,5 @@ public interface AttributeProvider {
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException;
 
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 23edf69f9..953758dc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -1,59 +1,61 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+
 import java.util.ArrayList;
 import java.util.List;
 
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
-
 /**
  * A factory for creating AttributeProvider objects.
  */
 public class AttributeProviderFactory {
 
-	/**
-	 * Gets the available plugins.
-	 * 
-	 * @return the available plugins
-	 */
-	public static List<String> getAvailablePlugins() {
-		List<String> result = new ArrayList<String>();
-		result.add("StorkAttributeRequestProvider");
-		result.add("EHvdAttributeProvider");
-
-		return result;
-	}
-
-	/**
-	 * Creates an AttributeProvider object for the given shortname. Returns
-	 * {@code null} if there is no such provider available.
-	 * 
-	 * @param shortname
-	 *            the simpleName for the providers class
-	 * @return the attribute provider
-	 */
-	public static AttributeProvider create(String shortname, String url) {
-        	if (shortname.equals("StorkAttributeRequestProvider"))  {
-			return new StorkAttributeRequestProvider(url);
-		} else if(shortname.equals("EHvdAttributeProvider")) {
-			return new EHvdAttributeProviderPlugin(url);
-		}       else {
-			return null;
-		}
-	}
-
-	/**
-	 * Gets fresh instances of the configured plugins.
-	 *
-	 * @param configuredAPs the configured a ps
-	 * @return the configured plugins
-	 */
-	public static List<AttributeProvider> getConfiguredPlugins(
-			List<AttributeProviderPlugin> configuredAPs) {
-		
-		List<AttributeProvider> result = new ArrayList<AttributeProvider>();
-		for(AttributeProviderPlugin current : configuredAPs)
-			result.add(create(current.getName(), current.getUrl()));
-		
-		return result;
-	}
+    /**
+     * Gets the available plugins.
+     *
+     * @return the available plugins
+     */
+    public static List<String> getAvailablePlugins() {
+        List<String> result = new ArrayList<String>();
+        result.add("StorkAttributeRequestProvider");
+        result.add("EHvdAttributeProvider");
+        result.add("MISAttributeProvider");
+
+        return result;
+    }
+
+    /**
+     * Creates an AttributeProvider object for the given shortname. Returns
+     * {@code null} if there is no such provider available.
+     *
+     * @param shortname the simpleName for the providers class
+     * @return the attribute provider
+     */
+    public static AttributeProvider create(String shortname, String url) {
+        if (shortname.equals("StorkAttributeRequestProvider")) {
+            return new StorkAttributeRequestProvider(url);
+        } else if (shortname.equals("EHvdAttributeProvider")) {
+            return new EHvdAttributeProviderPlugin(url);
+        } else if (shortname.equals("MISAttributeProvider")) {
+            return new MISAttributeProvider(url);
+        } else {
+            return null;
+        }
+    }
+
+    /**
+     * Gets fresh instances of the configured plugins.
+     *
+     * @param configuredAPs the configured a ps
+     * @return the configured plugins
+     */
+    public static List<AttributeProvider> getConfiguredPlugins(
+            List<AttributeProviderPlugin> configuredAPs) {
+
+        List<AttributeProvider> result = new ArrayList<AttributeProvider>();
+        for (AttributeProviderPlugin current : configuredAPs)
+            result.add(create(current.getName(), current.getUrl()));
+
+        return result;
+    }
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
index 7665bb239..8cdbfd37c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -13,15 +14,34 @@ import javax.servlet.http.HttpServletResponse;
  * Implements Attribute Provider for Mandates
  */
 public class MISAttributeProvider implements AttributeProvider {
+
+    String url = null;
+
+    public MISAttributeProvider(String url) {
+        this.url = url;
+    }
+
     public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+        Logger.error("Entering MIS for attribute: " + attributes.getName());
+
+        if (attributes.getName().equals("residencePermit")) {
+            Logger.error("MIS EXCEPTION: " + attributes.getName());
+            throw new ExternalAttributeRequestRequiredException(this);
+        }
+
         return null;  //
     }
 
     public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
-        //
+        Logger.error("Entering MIS redirect for attribute: " );
+
     }
 
     public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
         return null;  //
     }
+
+    public String getName() {
+        return "MandateProvider";
+    }
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 47a86174f..39a6907c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -52,7 +52,7 @@ public class MOASTORKRequest implements IRequest {
         return this.storkAttrQueryRequest;
     }
 
-    public String getOAURL() {
+    public String getOAURL() {     // TODO CHECK IT
         if (isAuthnRequest)
             return storkAuthnRequest.getAssertionConsumerServiceURL();
         else if (isAttrRequest)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
new file mode 100644
index 000000000..bad711dbb
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -0,0 +1,28 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import com.sun.xml.ws.security.trust.WSTrustConstants;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Processes mandate data after authentication is done in AT
+ * @author bsuzic
+ */
+public class MandateRetrievalRequest implements IAction {
+    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+        return null;  //
+    }
+
+    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+        return true;
+    }
+
+    public String getDefaultActionName() {
+        return STORKProtocol.MANDATERETRIEVALREQUEST;
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index e68b66510..3762a5101 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -31,6 +31,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
     public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
     public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";
+    public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest";
 
     private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 
@@ -102,16 +103,19 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
             authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+        }  catch (ClassCastException e) {
+            Logger.error("Could not extract authenticaiton request");
         }
 
 
-        // check if a valid attr request is container
+        // check if a valid attr request is containerd
         try {
             attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+        } catch (ClassCastException e) {
+            Logger.error("Could not extract attribute request");
         }
-
         // if there is no authn or attr request, raise error
         if ((authnRequest == null) && (attrRequest == null)) {
             Logger.error("There is no authentication or attribute request contained.");
-- 
cgit v1.2.3


From e503775e1b98bb9ff5ed188a5ff574026c022461 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 13:21:14 +0100
Subject: refactored attributecollector url

---
 .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index c5125912a..bd32bfc78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -164,7 +164,7 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
-                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
-- 
cgit v1.2.3


From 4843bccbf840ae93f855ef6548683ee794593915 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 13:23:37 +0100
Subject: vidp can handle attrquery and authnrequest

---
 .../id/protocols/stork2/AttributeCollector.java    | 34 +++++-----
 .../id/protocols/stork2/AuthenticationRequest.java | 68 +++++++++-----------
 .../moa/id/protocols/stork2/DataContainer.java     | 24 +++----
 .../moa/id/protocols/stork2/MOASTORKRequest.java   | 29 ++++++++-
 .../moa/id/protocols/stork2/MOASTORKResponse.java  | 75 ++++++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     | 16 ++---
 6 files changed, 169 insertions(+), 77 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index bd32bfc78..5f46153af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -19,8 +19,6 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.Template;
@@ -183,15 +181,18 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException the mOAID exception
      */
     private void generateSTORKResponse(DataContainer container) throws MOAIDException {
-        STORKAuthnResponse authnResponse = container.getResponse();
-        STORKAuthnRequest authnRequest = container.getRequest();
+    	MOASTORKRequest request = container.getRequest();
+        MOASTORKResponse response = container.getResponse();
 
         try {
             //Get SAMLEngine instance
             STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
             Logger.debug("Starting generation of SAML response");
-            authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
-
+			if(response.isAuthnResponse())
+				response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false));
+			else
+				response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false));
+				
             //generateSAML Token
             Logger.info("SAML response succesfully generated!");
         } catch (STORKSAMLEngineException e) {
@@ -200,11 +201,6 @@ public class AttributeCollector implements IAction {
         }
 
         Logger.info("STORK SAML Response message succesfully generated ");
-        Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
-		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
-
-        container.setResponse(authnResponse);
     }
 
     /**
@@ -214,17 +210,23 @@ public class AttributeCollector implements IAction {
      * @param container the container
      */
     private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
-        STORKAuthnResponse authnResponse = container.getResponse();
-        STORKAuthnRequest authnRequest = container.getRequest();
+        MOASTORKResponse authnResponse = container.getResponse();
+        MOASTORKRequest authnRequest = container.getRequest();
 
         // preparing redirection for the client
         try {
             VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
             Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
             VelocityContext context = new VelocityContext();
-
-            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes());
-            Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes());
+            
+            byte[] blob;
+			if(authnRequest.isAttrRequest())
+            	blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml();
+            else
+            	blob = authnResponse.getStorkAuthnResponse().getTokenSaml();
+
+            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes());
+            Logger.debug("SAMLResponse original: " + new String(blob).getBytes());
 
             Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
             context.put("action", authnRequest.getAssertionConsumerServiceURL());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 18d0b479e..619935abe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -44,61 +44,55 @@ public class AuthenticationRequest implements IAction {
 
             Logger.debug("Entering MOASTORKRequest");
             httpResp.reset();
+            
+            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+            if (oaParam == null)
+                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
+            MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+            
             // check if it is attribute query
             if (moaStorkRequest.isAttrRequest()) {
                 Logger.debug("Starting AttrQueryRequest");
-                STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
-                IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList();
-
-                // TODO Check if this instance is eligible to fetch attributes locally, assuming yes
-
-                return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession);
-
-            } else
-                // check if we have authentication request
-                if (moaStorkRequest.isAuthnRequest()) {
-                    Logger.debug("Starting AuthenticationRequest");
-
-                    STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-                    authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
-
-                    OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-                    if (oaParam == null)
-                        throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
-
-                    // Get personal attributtes from MOA/IdentityLink
-                    authnResponse.setPersonalAttributeList(populateAttributes());
+                
+                moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse());
+            }
+            // check if we have authentication request
+            else if (moaStorkRequest.isAuthnRequest()) {
+                Logger.debug("Starting AuthenticationRequest");
 
-                    // Prepare extended attributes
-                    Logger.debug("Preparing data container");
+                moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
+                // Get personal attributtes from MOA/IdentityLink
+                moaStorkResponse.setPersonalAttributeList(populateAttributes());
+            }
+            
+            moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
 
-                    // create fresh container
-                    DataContainer container = new DataContainer();
+            // Prepare extended attributes
+            Logger.debug("Preparing data container");
 
-                    // - fill in the request we extracted above
-                    container.setRequest(moaStorkRequest.getStorkAuthnRequest());
+            // create fresh container
+            DataContainer container = new DataContainer();
 
-                    // - fill in the partial response created above
-                    container.setResponse(authnResponse);
+            // - fill in the request we extracted above
+            container.setRequest(moaStorkRequest);
 
-                    // - memorize the target url were we have to return the result
-                    container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            // - fill in the partial response created above
+            container.setResponse(moaStorkResponse);
 
-                    container.setRemoteAddress(httpReq.getRemoteAddr());
+            // - memorize the target url were we have to return the result
+            container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL());
 
+            container.setRemoteAddress(httpReq.getRemoteAddr());
 
-                    Logger.debug("Data container prepared");
 
-                    return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
+            Logger.debug("Data container prepared");
 
-                }
+            return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
         } else {
             Logger.error("Could not recognize request.");
             throw new MOAIDException("stork.15", null);
         }
-
-        return null;
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index a1c40526d..74239318b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -2,10 +2,6 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 
 import java.io.Serializable;
 
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-
-// TODO: Auto-generated Javadoc
 /**
  * Holds info about an ongoing but yet incomplete stork authnrequest process.
  */
@@ -15,10 +11,10 @@ public class DataContainer implements Serializable {
 	private static final long serialVersionUID = -8765997480582363012L;
 
 	/** The incoming request. */
-	private STORKAuthnRequest request;
+	private MOASTORKRequest request;
 	
 	/** The yet incomplete response. */
-	private STORKAuthnResponse response;
+	private MOASTORKResponse response;
 	
 	/** The target. */
 	private String target;
@@ -31,17 +27,17 @@ public class DataContainer implements Serializable {
 	 *
 	 * @return the request
 	 */
-	public STORKAuthnRequest getRequest() {
+	public MOASTORKRequest getRequest() {
 		return request;
 	}
 
 	/**
 	 * Sets the request.
 	 *
-	 * @param request the new request
+	 * @param moaStorkRequest the new request
 	 */
-	public void setRequest(STORKAuthnRequest request) {
-		this.request = request;
+	public void setRequest(MOASTORKRequest moaStorkRequest) {
+		this.request = moaStorkRequest;
 	}
 
 	/**
@@ -49,17 +45,17 @@ public class DataContainer implements Serializable {
 	 *
 	 * @return the response
 	 */
-	public STORKAuthnResponse getResponse() {
+	public MOASTORKResponse getResponse() {
 		return response;
 	}
 
 	/**
 	 * Sets the response.
 	 *
-	 * @param response the new response
+	 * @param moaStorkResponse the new response
 	 */
-	public void setResponse(STORKAuthnResponse response) {
-		this.response = response;
+	public void setResponse(MOASTORKResponse moaStorkResponse) {
+		this.response = moaStorkResponse;
 	}
 
 	/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 47a86174f..fa7db82c4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -1,7 +1,10 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import java.io.Serializable;
+
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
@@ -11,8 +14,9 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest;
  * @author bsuzic
  */
 
-public class MOASTORKRequest implements IRequest {
-    private String requestID;
+public class MOASTORKRequest implements IRequest, Serializable {
+	private static final long serialVersionUID = 4581953368724501376L;
+	private String requestID;
     private String target = null;
     String module = null;
     String action = null;
@@ -102,4 +106,25 @@ public class MOASTORKRequest implements IRequest {
     public String getRequestID() {
         return this.requestID;
     }
+    
+    public IPersonalAttributeList getPersonalAttributeList() {
+    	if(isAttrRequest())
+    		return this.storkAttrQueryRequest.getPersonalAttributeList();
+    	else
+    		return this.storkAuthnRequest.getPersonalAttributeList();
+    }
+
+	public String getSpCountry() {
+    	if(isAttrRequest())
+    		return this.storkAttrQueryRequest.getSpCountry();
+    	else
+    		return this.storkAuthnRequest.getSpCountry();
+	}
+
+	public String getAssertionConsumerServiceURL() {
+    	if(isAttrRequest())
+    		return this.storkAttrQueryRequest.getAssertionConsumerServiceURL();
+    	else
+    		return this.storkAuthnRequest.getAssertionConsumerServiceURL();
+	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
new file mode 100644
index 000000000..36f5a80b4
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -0,0 +1,75 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.Serializable;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+
+/**
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data
+ *
+ * @author bsuzic
+ */
+
+public class MOASTORKResponse implements Serializable {
+	private static final long serialVersionUID = -5798803155055518747L;
+	private STORKAuthnResponse storkAuthnRequest;
+    private STORKAttrQueryResponse storkAttrQueryRequest;
+    private boolean isAttrRequest = false;
+    private boolean isAuthnRequest = false;
+
+    public void setSTORKAuthnResponse(STORKAuthnResponse request) {
+        this.storkAuthnRequest = request;
+        if (request != null) {
+            isAuthnRequest = true;
+        }
+    }
+
+    public void setSTORKAttrResponse(STORKAttrQueryResponse request) {
+        this.storkAttrQueryRequest = request;
+        if (request != null) {
+            isAttrRequest = true;
+        }
+    }
+
+    public boolean isAttrResponse() {
+        return this.isAttrRequest;
+    }
+
+    public boolean isAuthnResponse() {
+        return this.isAuthnRequest;
+    }
+
+
+    public STORKAuthnResponse getStorkAuthnResponse() {
+        return this.storkAuthnRequest;
+    }
+
+    public STORKAttrQueryResponse getStorkAttrQueryResponse() {
+        return this.storkAttrQueryRequest;
+    }
+    
+    public IPersonalAttributeList getPersonalAttributeList() {
+    	if(isAttrResponse())
+    		return this.storkAttrQueryRequest.getPersonalAttributeList();
+    	else
+    		return this.storkAuthnRequest.getPersonalAttributeList();
+    }
+
+    public void setPersonalAttributeList(PersonalAttributeList populateAttributes) {
+    	if(isAttrResponse())
+    		this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes);
+    	else
+    		this.storkAuthnRequest.setPersonalAttributeList(populateAttributes);
+    }
+    
+	public void setCountry(String spCountry) {
+    	if(isAttrResponse())
+    		this.storkAttrQueryRequest.setCountry(spCountry);
+    	else
+    		this.storkAuthnRequest.setCountry(spCountry);
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index e68b66510..d2f2ff663 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -102,14 +102,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
             authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
-        }
-
-
-        // check if a valid attr request is container
-        try {
-            attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
-        } catch (STORKSAMLEngineException ex) {
-            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+        } catch(ClassCastException e) {
+        	// we do not have a authnRequest
+        	// check if a valid attr request is container
+        	try {
+        		attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
+        	} catch (STORKSAMLEngineException ex) {
+        		Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+        	}
         }
 
         // if there is no authn or attr request, raise error
-- 
cgit v1.2.3


From 4e5383a60b4cc2db7b51883f2e85aeff6f3f70cd Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 16:09:21 +0100
Subject: fixed eHVD plugin

---
 .../id/protocols/stork2/AttributeCollector.java    |  4 +--
 .../stork2/EHvdAttributeProviderPlugin.java        | 39 ++++++++++++++++------
 2 files changed, 30 insertions(+), 13 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 5f46153af..7342a45aa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -225,8 +225,8 @@ public class AttributeCollector implements IAction {
             else
             	blob = authnResponse.getStorkAuthnResponse().getTokenSaml();
 
-            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes());
-            Logger.debug("SAMLResponse original: " + new String(blob).getBytes());
+            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob));
+            Logger.debug("SAMLResponse original: " + new String(blob));
 
             Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
             context.put("action", authnRequest.getAssertionConsumerServiceURL());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 4404af4e3..f97d8c804 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -8,6 +8,7 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPBody;
@@ -27,6 +28,7 @@ import javax.xml.transform.stream.StreamResult;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -61,7 +63,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			ExternalAttributeRequestRequiredException, MOAIDException {
 
 		// break when we cannot handle the requested attribute
-		if(!attributes.getFriendlyName().equals("isHCP"))
+		if(!attributes.getName().equals("isHealthCareProfessional"))
 			throw new UnsupportedAttributeException();
 		
 		try {
@@ -95,8 +97,9 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			// SOAP Body
 			SOAPBody requestBody = envelope.getBody();
 			SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
+			requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService");
 			SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
-			requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue());
+			requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH"));
 
 			requestMessage.saveChanges();
 
@@ -154,26 +157,34 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 
 			if (collection.get("IsHealthcareProfessional").equals("false")) {
 				// the citizen is no HCP
-				acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList<String>(), "NotAvailable");
+				acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), "NotAvailable");
 			} else {
 				// go on and parse the data
 
 				Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
+				
+				// create the root element
+				Element root = doc.createElement("isHealthCareProfessional");
+				doc.appendChild(root);
 
 				Element orgname = doc.createElement("nameOfOrganisation");
-				orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization")));
-				doc.appendChild(orgname);
+				orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation")));
+				root.appendChild(orgname);
 
 				Element type = doc.createElement("HCP");
 				// TODO fix value mapping
-				if (collection.get("Type").equals("Medical Doctors"))
+				if (collection.get("Type").equals("Medical doctor"))
 					type.appendChild(doc.createTextNode("D"));
-				doc.appendChild(type);
+				root.appendChild(type);
 
 				Element specialization = doc.createElement("specialisation");
-				// TODO fix value mapping
-				specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2)));
-				doc.appendChild(specialization);
+				if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin"))
+					specialization.appendChild(doc.createTextNode("GP"));
+				root.appendChild(specialization);
+				
+				Element aqaa = doc.createElement("AQAA");
+				aqaa.appendChild(doc.createTextNode("4"));
+				root.appendChild(aqaa);
 
 				// get string from dom tree
 				Source source = new DOMSource(doc);
@@ -187,12 +198,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 				ArrayList<String> value = new ArrayList<String>();
 				value.add(out.toString());
 
-				acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available");
+				acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available");
 			}
 
 			// pack and return the result
 			PersonalAttributeList result = new PersonalAttributeList();
 			result.add(acquiredAttribute);
+			
+			// add stork id for verification
+			ArrayList<String> value = new ArrayList<String>();
+			value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT"));
+			result.add(new PersonalAttribute("eIdentifier", false, value, "Available"));
+			
 
 			return result;
 		} catch (Exception e) {
-- 
cgit v1.2.3


From 7ce4c799eb26f65ef8826b74d0fb09a8d1f4949d Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 17:05:01 +0100
Subject: fixed response handling

---
 .../id/protocols/stork2/AttributeCollector.java    | 22 +++++++++++-----------
 .../moa/id/protocols/stork2/STORKProtocol.java     |  9 +++++----
 2 files changed, 16 insertions(+), 15 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 7342a45aa..b2f5076b6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -49,8 +49,18 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
+		// - fetch the container
+		String artifactId = (String) httpReq.getParameter(ARTIFACT_ID);
+		DataContainer container;
+		try {
+			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+		} catch (MOADatabaseException e) {
+			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+			throw new MOAIDException("stork.11", null);
+		}
+
         // read configuration parameters of OA
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL());
         if (oaParam == null)
             throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
@@ -73,16 +83,6 @@ public class AttributeCollector implements IAction {
             Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
         }
 
-        // - fetch the container
-        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
-        DataContainer container;
-        try {
-            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
-        } catch (MOADatabaseException e) {
-            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
-            throw new MOAIDException("stork.11", null);
-        }
-
         // - insert the embedded attribute(s) into the container
         addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes);
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index d2f2ff663..638035008 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -71,16 +71,17 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         Logger.debug("Request content length: " + request.getContentLength());
         Logger.debug("Initiating action: " + action);
 
+        MOASTORKRequest STORK2Request = new MOASTORKRequest();
+
+		if (AttributeCollector.class.getSimpleName().equals(action))
+			return STORK2Request;
+
         HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
         HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
 
-
         BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
         samlMessageContext.setInboundMessageTransport(profileReq);
 
-        MOASTORKRequest STORK2Request = new MOASTORKRequest();
-
-
         //extract STORK Response from HTTP Request
         byte[] decSamlToken;
         try {
-- 
cgit v1.2.3


From cd0887a43b0b4350e736433c2b513901a2151601 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 17:51:06 +0100
Subject: after merge, having problem

---
 id/ConfigWebTool/ConfigurationInterface.iml        |  20 +-
 id/oa/moa-id-oa.iml                                |   4 +-
 id/server/auth/moa-id-auth.iml                     |  19 +-
 id/server/auth/pom.xml                             |   9 +-
 id/server/idserverlib/moa-id-lib.iml               |  25 +-
 .../moa/id/auth/AuthenticationServer.java          |   2 +-
 .../id/protocols/stork2/AttributeCollector.java    |   9 +-
 id/server/moa-id-commons/moa-id-commons.iml        |   7 +-
 id/server/moa-id-commons/pom.xml                   | 491 +++++++++++----------
 id/server/proxy/moa-id-proxy.iml                   |  17 +-
 .../oasis-dss-api-1.0.0-SNAPSHOT.jar               | Bin 180095 -> 282629 bytes
 .../clients/api/moa-spss-handbook-apiClient.iml    |   4 +-
 .../moa-spss-handbook-webserviceClient.iml         |   4 +-
 spss/server/serverlib/moa-spss-lib.iml             |   4 +-
 spss/server/serverws/moa-spss-ws.iml               |   4 +-
 15 files changed, 308 insertions(+), 311 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 20f45337e..43790145b 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -73,8 +73,6 @@
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
@@ -121,29 +119,20 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
+    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
     <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
     <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
     <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
     <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
@@ -168,6 +157,8 @@
     <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
     <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
     <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
@@ -186,6 +177,7 @@
     <orderEntry type="library" name="Maven: commons-validator:commons-validator:1.3.1" level="project" />
     <orderEntry type="library" name="Maven: commons-digester:commons-digester:1.6" level="project" />
     <orderEntry type="library" name="Maven: bouncycastle:bcprov-jdk16:140" level="project" />
+    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.struts:struts2-core:2.3.14.3" level="project" />
     <orderEntry type="library" name="Maven: org.apache.struts.xwork:xwork-core:2.3.14.3" level="project" />
     <orderEntry type="library" name="Maven: ognl:ognl:3.0.6" level="project" />
diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
index 6d9905e25..0b7bf00de 100644
--- a/id/oa/moa-id-oa.iml
+++ b/id/oa/moa-id-oa.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index f61dfa171..b8b4208b8 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -14,8 +14,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
@@ -96,19 +96,10 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
+    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -134,12 +125,12 @@
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-roundtrip:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin:0.8.0" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin-core:0.8.0" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-plugin-api:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-project:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-settings:2.2.1" level="project" />
diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml
index 987ae1951..c17722df0 100644
--- a/id/server/auth/pom.xml
+++ b/id/server/auth/pom.xml
@@ -79,8 +79,13 @@
 			<groupId>MOA.id.server</groupId>
 			<artifactId>moa-id-lib</artifactId>
 		</dependency>
-		
-		<!-- transitive dependencies we don't want to include into the war -->
+        <dependency>
+            <groupId>eu.stork</groupId>
+            <artifactId>oasis-dss-api</artifactId>
+            <version>1.0.0-SNAPSHOT</version>
+        </dependency>
+
+        <!-- transitive dependencies we don't want to include into the war -->
 		<dependency>
 			<groupId>iaik.prod</groupId>
 			<artifactId>iaik_jce_full</artifactId>
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index cf1b34b4b..d995f23af 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
@@ -43,20 +43,7 @@
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
+    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -88,12 +75,12 @@
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-roundtrip:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin:0.8.0" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin-core:0.8.0" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-plugin-api:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-project:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-settings:2.2.1" level="project" />
@@ -111,6 +98,7 @@
     <orderEntry type="library" name="Maven: org.apache.maven:maven-plugin-registry:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.jfrog.maven.annomojo:maven-plugin-anno:1.3.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb22-plugin:0.8.0" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-impl:2.2.5" level="project" />
     <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-xjc:2.2.4-1" level="project" />
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
@@ -120,6 +108,7 @@
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
     <orderEntry type="library" name="Maven: axis:axis-wsdl4j:1.5.1" level="project" />
     <orderEntry type="library" name="Maven: commons-discovery:commons-discovery:0.2" level="project" />
+    <orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
     <orderEntry type="library" name="Maven: javax.mail:mail:1.4" level="project" />
     <orderEntry type="library" scope="RUNTIME" name="Maven: postgresql:postgresql:7.2" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
@@ -145,6 +134,8 @@
     <orderEntry type="library" name="Maven: iaik:iaik_ssl:4.4" level="project" />
     <orderEntry type="library" name="Maven: iaik:w3c_http:1.0" level="project" />
     <orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.7.8-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
+    <orderEntry type="library" name="Maven: javax.xml.bind:jaxb-api:2.2.6" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_util:0.23" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index ce5aa15c3..6f6d9611a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -125,7 +125,7 @@ import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
 import eu.stork.oasisdss.api.AdditionalProfiles;
 import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
 import eu.stork.oasisdss.api.Profiles;
 import eu.stork.oasisdss.api.QualityLevels;
 import eu.stork.oasisdss.api.SignatureTypes;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 84831a7b5..10cdcba6c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -62,7 +62,12 @@ public class AttributeCollector implements IAction {
 
         this.httpResp = httpResp;
 
-    	// find the attribute provider plugin that can handle the response
+        // read configuration parameters of OA
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+
+        // find the attribute provider plugin that can handle the response
 		IPersonalAttributeList newAttributes = null;
 		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
 			try {
@@ -167,7 +172,7 @@ public class AttributeCollector implements IAction {
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e);
-                throw new MOAIDException("stork.11", An Introduction to Knowledge Engineeringnull);
+                throw new MOAIDException("stork.11", null);
             }
 
             return "12345"; // TODO what to do here?
diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml
index 08d15d746..8ded8b94a 100644
--- a/id/server/moa-id-commons/moa-id-commons.iml
+++ b/id/server/moa-id-commons/moa-id-commons.iml
@@ -26,8 +26,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources/config" type="java-resource" />
@@ -71,9 +71,6 @@
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:1.2" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.6.1" level="project" />
-    <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 9a3cf4f7c..055a67bf4 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -1,235 +1,260 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-  <modelVersion>4.0.0</modelVersion>
-  <parent>
-    <groupId>MOA.id</groupId>
-    <artifactId>moa-id</artifactId>
-    <version>1.9.98-SNAPSHOT</version>
-  </parent>
-  <artifactId>moa-id-commons</artifactId>
-  <name>moa-id-commons</name>
-  <groupId>MOA.id.server</groupId>
-  
-  <repositories>
-  	<repository>
-      <id>hyberjaxb</id>
-      <url>http://repository.highsource.org/maven2/releases/</url>
-      <releases><enabled>true</enabled></releases>
-  	</repository>
-      <repository>
-          <id>JBoss IAIK</id>
-          <url>http://nexus.iaik.tugraz.at/nexus/content/repositories/nexus/</url>
-         <!-- <releases><enabled>true</enabled></releases> -->
-      </repository>
-  </repositories>
-  
-  <dependencies>
-		<dependency>
-			<groupId>org.hibernate</groupId>
-			<artifactId>hibernate-core</artifactId>
-			<version>4.2.1.Final</version>
-		</dependency>
-		<dependency>
-			<groupId>org.hibernate</groupId>
-			<artifactId>hibernate-c3p0</artifactId>
-			<version>4.2.1.Final</version>
-		</dependency>
-		<dependency>
-			<groupId>org.hibernate</groupId>
-			<artifactId>hibernate-entitymanager</artifactId>
-			<version>4.2.1.Final</version>
-		</dependency>
-		
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-			<version>3.1</version>
-		</dependency>
-		<dependency>
-			<groupId>MOA</groupId>
-			<artifactId>moa-common</artifactId>
-			<type>jar</type>
-		</dependency>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>MOA.id</groupId>
+        <artifactId>moa-id</artifactId>
+        <version>1.9.98-SNAPSHOT</version>
+    </parent>
+    <artifactId>moa-id-commons</artifactId>
+    <name>moa-id-commons</name>
+    <groupId>MOA.id.server</groupId>
 
-		<!-- dependency>
-			<groupId>com.sun.xml.bind</groupId>
-			<artifactId>jaxb-xjc</artifactId>
-			<version>2.2.7</version>
-		</dependency -->		
-					
-		<dependency>
-			<groupId>org.hibernate.javax.persistence</groupId>
-			<artifactId>hibernate-jpa-2.0-api</artifactId>
-			<version>1.0.1.Final</version>
-		</dependency>
-				
-		<dependency>
-			<groupId>org.jvnet.hyperjaxb3</groupId>
-			<artifactId>hyperjaxb3-ejb-runtime</artifactId>
-			<version>0.5.6</version>
-		</dependency>
-		<dependency>
-	<groupId>org.jvnet.hyperjaxb3</groupId>
-	<artifactId>maven-hyperjaxb3-plugin</artifactId>
-	<version>0.5.6</version>
-</dependency>
-		<dependency>
-			<groupId>mysql</groupId>
-			<artifactId>mysql-connector-java</artifactId>
-			<version>5.1.25</version>
-		</dependency>
-  </dependencies>
-  
-  	<build>
-  		<defaultGoal>install</defaultGoal>
-    	
-    	<resources>
-        <resource>
-          	<directory>src/main/resources/config</directory>
-            <excludes>
-                <exclude>**/*.java</exclude>
-            </excludes>
-        </resource>
-        <resource>
-            <directory>target/generated-sources/xjc</directory>
-            <excludes>
-                <exclude>**/*.java</exclude>
-            </excludes>
-        </resource>
-    	</resources>
-    	  
-	<plugins>		    
-		<plugin>
-			<groupId>org.apache.maven.plugins</groupId>
-			<artifactId>maven-compiler-plugin</artifactId>
-			<configuration>
-			<source>1.5</source>
-			<target>1.5</target>
-			</configuration>
-			</plugin>
-					<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-jar-plugin</artifactId>
-				<configuration>
-				<skip>true</skip>
-				<skipTests>true</skipTests>
-					<archive>
-						<addMavenDescriptor>false</addMavenDescriptor>
-					</archive>
-				</configuration>
-				<executions>
-					<execution>
-						<goals>
-							<goal>test-jar</goal>
-						</goals>
-					</execution>
-				</executions>
-			</plugin>
-	
-			<plugin>
-				<groupId>org.jvnet.hyperjaxb3</groupId>
-				<artifactId>maven-hyperjaxb3-plugin</artifactId>
-				<version>0.5.6</version>
-				<executions>
-					<execution>
-						<goals>
-							<goal>generate</goal>
-						</goals>
-					</execution>
-				</executions>
-				<configuration>
-					<extension>true</extension>
-          <schemaDirectory>src/main/resources/config</schemaDirectory>
-          <bindingDirectory>src/main/resources/config</bindingDirectory>
-          <persistenceXml>src/main/resources/config/persistence_template.xml</persistenceXml>
-          <generatePackage>at.gv.egovernment.moa.id.commons.db.dao.config</generatePackage>
- 				</configuration>
-			</plugin>
-			<plugin>
-				<inherited>true</inherited>
-				<artifactId>maven-compiler-plugin</artifactId>
-				<version>2.0.2</version>
-				<configuration>
-					<source>1.5</source>
-					<target>1.5</target>
-				</configuration>
-			</plugin>
-					
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-javadoc-plugin</artifactId>
-				<version>2.5</version>
-				<configuration>
-					<charset>UTF-8</charset>
-					<docencoding>UTF-8</docencoding>
-					<quiet>true</quiet>
-					<author>false</author>
-					<version>false</version>
-					<use>true</use>
-					<excludePackageNames>at.gv.egovernment.moa.spss.server.*;at.gv.egovernment.moa.spss.api.impl.*;at.gv.egovernment.moa.spss.impl.*</excludePackageNames>
-					<tags>
-						<tag>
-							<name>pre</name>
-							<placement>a</placement>
-							<head>Preconditions:</head>
-						</tag>
-						<tag>
-							<name>post</name>
-							<placement>a</placement>
-							<head>Postconditions:</head>
-						</tag>
-					</tags>
-					<links>
-						<link>http://java.sun.com/j2se/1.4/docs/api/</link>
-						<link>http://java.sun.com/j2se/1.5.0/docs/api/</link>
-						<link>http://logging.apache.org/log4j/docs/api/</link>
-					</links>
-					<target>1.5</target>
-				</configuration>
-				<executions>
-					<execution>
-						<id>generate-javadoc</id>
-						<phase>package</phase>
-						<goals>
-							<goal>jar</goal>
-						</goals>
-					</execution>
-				</executions>
-			</plugin>
-		</plugins>
-	<pluginManagement>
-		<plugins>
-			<!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
-			<plugin>
-				<groupId>org.eclipse.m2e</groupId>
-				<artifactId>lifecycle-mapping</artifactId>
-				<version>1.0.0</version>
-				<configuration>
-					<lifecycleMappingMetadata>
-						<pluginExecutions>
-							<pluginExecution>
-								<pluginExecutionFilter>
-									<groupId>
-										org.jvnet.hyperjaxb3
-									</groupId>
-									<artifactId>
-										maven-hyperjaxb3-plugin
-									</artifactId>
-									<versionRange>
-										[0.5.6,)
-									</versionRange>
-									<goals>
-										<goal>generate</goal>
-									</goals>
-								</pluginExecutionFilter>
-								<action>
-									<ignore></ignore>
-								</action>
-							</pluginExecution>
-						</pluginExecutions>
-					</lifecycleMappingMetadata>
-				</configuration>
-			</plugin>
-		</plugins>
-	</pluginManagement>
-  	</build>
+    <repositories>
+        <repository>
+            <id>hyberjaxb</id>
+            <url>http://repository.highsource.org/maven2/releases/</url>
+            <releases>
+                <enabled>true</enabled>
+            </releases>
+        </repository>
+        <repository>
+            <id>JBoss IAIK</id>
+            <url>http://nexus.iaik.tugraz.at/nexus/content/repositories/nexus/</url>
+            <!-- <releases><enabled>true</enabled></releases> -->
+        </repository>
+    </repositories>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-core</artifactId>
+            <version>4.2.1.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-c3p0</artifactId>
+            <version>4.2.1.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-entitymanager</artifactId>
+            <version>4.2.1.Final</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <version>3.1</version>
+        </dependency>
+        <dependency>
+            <groupId>MOA</groupId>
+            <artifactId>moa-common</artifactId>
+            <type>jar</type>
+        </dependency>
+
+        <!-- dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-xjc</artifactId>
+            <version>2.2.7</version>
+        </dependency -->
+
+        <dependency>
+            <groupId>org.hibernate.javax.persistence</groupId>
+            <artifactId>hibernate-jpa-2.0-api</artifactId>
+            <version>1.0.1.Final</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.jvnet.hyperjaxb3</groupId>
+            <artifactId>hyperjaxb3-ejb-runtime</artifactId>
+            <version>0.5.6</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.jvnet.hyperjaxb3</groupId>
+            <artifactId>maven-hyperjaxb3-plugin</artifactId>
+            <version>0.5.6</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <version>5.1.25</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <defaultGoal>install</defaultGoal>
+
+        <resources>
+            <resource>
+                <directory>src/main/resources/config</directory>
+                <excludes>
+                    <exclude>**/*.java</exclude>
+                </excludes>
+            </resource>
+            <resource>
+                <directory>target/generated-sources/xjc</directory>
+                <excludes>
+                    <exclude>**/*.java</exclude>
+                </excludes>
+            </resource>
+        </resources>
+
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.5</source>
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip>
+                    <skipTests>true</skipTests>
+                    <archive>
+                        <addMavenDescriptor>false</addMavenDescriptor>
+                    </archive>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>test-jar</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+
+            <plugin>
+                <groupId>org.jvnet.hyperjaxb3</groupId>
+                <artifactId>maven-hyperjaxb3-plugin</artifactId>
+                <version>0.5.6</version>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>generate</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <extension>true</extension>
+                    <schemaDirectory>src/main/resources/config</schemaDirectory>
+                    <bindingDirectory>src/main/resources/config</bindingDirectory>
+                    <persistenceXml>src/main/resources/config/persistence_template.xml</persistenceXml>
+                    <generatePackage>at.gv.egovernment.moa.id.commons.db.dao.config</generatePackage>
+                </configuration>
+            </plugin>
+            <plugin>
+                <inherited>true</inherited>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>2.0.2</version>
+                <configuration>
+                    <source>1.5</source>
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+                <version>2.5</version>
+                <configuration>
+                    <charset>UTF-8</charset>
+                    <docencoding>UTF-8</docencoding>
+                    <quiet>true</quiet>
+                    <author>false</author>
+                    <version>false</version>
+                    <use>true</use>
+                    <excludePackageNames>
+                        at.gv.egovernment.moa.spss.server.*;at.gv.egovernment.moa.spss.api.impl.*;at.gv.egovernment.moa.spss.impl.*
+                    </excludePackageNames>
+                    <tags>
+                        <tag>
+                            <name>pre</name>
+                            <placement>a</placement>
+                            <head>Preconditions:</head>
+                        </tag>
+                        <tag>
+                            <name>post</name>
+                            <placement>a</placement>
+                            <head>Postconditions:</head>
+                        </tag>
+                    </tags>
+                    <links>
+                        <link>http://java.sun.com/j2se/1.4/docs/api/</link>
+                        <link>http://java.sun.com/j2se/1.5.0/docs/api/</link>
+                        <link>http://logging.apache.org/log4j/docs/api/</link>
+                    </links>
+                    <target>1.5</target>
+                </configuration>
+                <executions>
+                    <execution>
+                        <id>generate-javadoc</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>jar</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+        <pluginManagement>
+            <plugins>
+                <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
+                <plugin>
+                    <groupId>org.eclipse.m2e</groupId>
+                    <artifactId>lifecycle-mapping</artifactId>
+                    <version>1.0.0</version>
+                    <configuration>
+                        <lifecycleMappingMetadata>
+                            <pluginExecutions>
+                                <pluginExecution>
+                                    <pluginExecutionFilter>
+                                        <groupId>
+                                            org.jvnet.hyperjaxb3
+                                        </groupId>
+                                        <artifactId>
+                                            maven-hyperjaxb3-plugin
+                                        </artifactId>
+                                        <versionRange>
+                                            [0.5.6,)
+                                        </versionRange>
+                                        <goals>
+                                            <goal>generate</goal>
+                                        </goals>
+                                    </pluginExecutionFilter>
+                                    <action>
+                                        <ignore></ignore>
+                                    </action>
+                                </pluginExecution>
+                            </pluginExecutions>
+                        </lifecycleMappingMetadata>
+                    </configuration>
+                </plugin>
+            </plugins>
+        </pluginManagement>
+    </build>
 </project>
\ No newline at end of file
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index 86fa1b292..936460e23 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
@@ -96,16 +96,7 @@
     <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.ws:jaxws-rt:2.1.7" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.ws:jaxws-api:2.1" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.messaging.saaj:saaj-impl:1.3.3" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.soap:saaj-api:1.3" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.xml.stream.buffer:streambuffer:0.9" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet.staxex:stax-ex:1.2" level="project" />
-    <orderEntry type="library" name="Maven: javax.xml.stream:stax-api:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.codehaus.woodstox:wstx-asl:3.2.3" level="project" />
-    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
-    <orderEntry type="library" name="Maven: org.jvnet:mimepull:1.3" level="project" />
+    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
@@ -131,12 +122,12 @@
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-roundtrip:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
-    <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin:0.8.0" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2.maven2:maven-jaxb2-plugin-core:0.8.0" level="project" />
+    <orderEntry type="library" name="Maven: com.sun.org.apache.xml.internal:resolver:20050927" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-plugin-api:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-project:2.2.1" level="project" />
     <orderEntry type="library" name="Maven: org.apache.maven:maven-settings:2.2.1" level="project" />
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar
index 5ad0cb42e..8414d7851 100644
Binary files a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar and b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar differ
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index c9c03b243..26b212283 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index c9c03b243..26b212283 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 7864354f4..11dc743a9 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -45,8 +45,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index 60f6d1803..45ebf8969 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -15,8 +15,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
-- 
cgit v1.2.3


From 55885d24e176c92b97af233796189c8b2cc88808 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 20:16:23 +0100
Subject: attr

---
 .../moa/id/protocols/stork2/AttributeCollector.java       | 15 +++++++--------
 .../moa/id/protocols/stork2/MISAttributeProvider.java     |  2 +-
 2 files changed, 8 insertions(+), 9 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 10cdcba6c..e816725c8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -48,9 +48,8 @@ import eu.stork.peps.auth.commons.PersonalAttribute;
 public class AttributeCollector implements IAction {
 
     /**
-     * The Constant ARTIFACT_ID.
-     */
-    private static final String ARTIFACT_ID = "artifactId";
+	/** The Constant ARTIFACT_ID. */
+	private static final String ARTIFACT_ID = "artifactId";
     private DataContainer container;
     private HttpServletResponse httpResp;
 
@@ -62,12 +61,12 @@ public class AttributeCollector implements IAction {
 
         this.httpResp = httpResp;
 
-        // read configuration parameters of OA
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-        if (oaParam == null)
-            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+		// read configuration parameters of OA
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+		if (oaParam == null)
+			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() });
 
-        // find the attribute provider plugin that can handle the response
+    	// find the attribute provider plugin that can handle the response
 		IPersonalAttributeList newAttributes = null;
 		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()))
 			try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
index 8cdbfd37c..ec38db513 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -26,7 +26,7 @@ public class MISAttributeProvider implements AttributeProvider {
 
         if (attributes.getName().equals("residencePermit")) {
             Logger.error("MIS EXCEPTION: " + attributes.getName());
-            throw new ExternalAttributeRequestRequiredException(this);
+            //throw new ExternalAttributeRequestRequiredException(this);
         }
 
         return null;  //
-- 
cgit v1.2.3


From 458a579978fa4fd0718c754bb8b6ca41f82d8145 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 20:33:36 +0100
Subject: after chaning

---
 .../id/protocols/stork2/AttributeCollector.java    | 58 +---------------------
 id/server/moa-id-commons/moa-id-commons.iml        |  1 -
 .../clients/api/moa-spss-handbook-apiClient.iml    |  1 -
 .../moa-spss-handbook-webserviceClient.iml         |  1 -
 spss/server/serverlib/moa-spss-lib.iml             |  2 -
 spss/server/serverws/moa-spss-ws.iml               |  1 -
 6 files changed, 2 insertions(+), 62 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 72dddee88..0317322ee 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -15,25 +15,6 @@ import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
-<<<<<<< HEAD
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-=======
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
@@ -47,7 +28,6 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
->>>>>>> origin/bs_3_fr
 
 /**
  * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
@@ -56,7 +36,6 @@ import javax.servlet.http.HttpServletResponse;
  * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes.
  * 
  * TODO how do we treat mandatory and optional attributes?
- * 
  */
 public class AttributeCollector implements IAction {
 
@@ -70,8 +49,6 @@ public class AttributeCollector implements IAction {
      */
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
-<<<<<<< HEAD
-=======
 		// - fetch the container
 		String artifactId = (String) httpReq.getParameter(ARTIFACT_ID);
 		DataContainer container;
@@ -82,7 +59,6 @@ public class AttributeCollector implements IAction {
 			throw new MOAIDException("stork.11", null);
 		}
 
->>>>>>> origin/bs_3_fr
         // read configuration parameters of OA
         OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL());
         if (oaParam == null)
@@ -107,33 +83,20 @@ public class AttributeCollector implements IAction {
             Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
         }
 
-<<<<<<< HEAD
-        // - fetch the container
-        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
-        DataContainer container;
-        try {
-            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
-        } catch (MOADatabaseException e) {
-            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
-            throw new MOAIDException("stork.11", null);
-        }
-
-=======
->>>>>>> origin/bs_3_fr
         // - insert the embedded attribute(s) into the container
         addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes);
 
         // see if we need some more attributes
         return processRequest(container, httpReq, httpResp, moasession, oaParam);
     }
-    
+
     /**
      * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch,
      * this very method creates and sends the protocol result to the asking S-PEPS.
      *
      * @param container the {@link DataContainer} representing the status of the overall query.
      * @return the string
-     * @throws MOAIDException 
+     * @throws MOAIDException
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
         // check if there are attributes we need to fetch
@@ -199,11 +162,7 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
-<<<<<<< HEAD
-                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
-=======
                 e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
->>>>>>> origin/bs_3_fr
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
@@ -222,13 +181,8 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException the mOAID exception
      */
     private void generateSTORKResponse(DataContainer container) throws MOAIDException {
-<<<<<<< HEAD
-        STORKAuthnResponse authnResponse = container.getResponse();
-        STORKAuthnRequest authnRequest = container.getRequest();
-=======
     	MOASTORKRequest request = container.getRequest();
         MOASTORKResponse response = container.getResponse();
->>>>>>> origin/bs_3_fr
 
         try {
             //Get SAMLEngine instance
@@ -247,14 +201,6 @@ public class AttributeCollector implements IAction {
         }
 
         Logger.info("STORK SAML Response message succesfully generated ");
-<<<<<<< HEAD
-        Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
-		Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
-		Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
-
-        container.setResponse(authnResponse);
-=======
->>>>>>> origin/bs_3_fr
     }
 
     /**
diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml
index 3bd426fc3..ef994abd3 100644
--- a/id/server/moa-id-commons/moa-id-commons.iml
+++ b/id/server/moa-id-commons/moa-id-commons.iml
@@ -37,7 +37,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: org.hibernate:hibernate-core:4.2.1.Final" level="project" />
     <orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
     <orderEntry type="library" name="Maven: org.jboss.logging:jboss-logging:3.1.0.GA" level="project" />
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 4e0a0fddf..6ed837a51 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -9,7 +9,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 4e0a0fddf..6ed837a51 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -9,7 +9,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 93d7e676f..4c0128bf3 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -55,8 +55,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index 7943aa854..ae8f03a70 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -22,7 +22,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
-- 
cgit v1.2.3


From 683209b2aabf589e1e22ed9cb7c69d6e76442bb0 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 4 Mar 2014 20:40:29 +0100
Subject: after merging, inspecting, fixing, tbc.

---
 .../moa/id/protocols/stork2/STORKProtocol.java          | 17 +----------------
 .../clients/api/moa-spss-handbook-apiClient.iml         |  1 +
 .../webservice/moa-spss-handbook-webserviceClient.iml   |  1 +
 spss/server/serverlib/moa-spss-lib.iml                  |  2 ++
 4 files changed, 5 insertions(+), 16 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 5e9d50221..a361d5f67 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -1,6 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
@@ -105,20 +104,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
             authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
-<<<<<<< HEAD
-        }  catch (ClassCastException e) {
-            Logger.error("Could not extract authenticaiton request");
-        }
-
-
-        // check if a valid attr request is containerd
-        try {
-            attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
-        } catch (STORKSAMLEngineException ex) {
-            Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
-        } catch (ClassCastException e) {
-            Logger.error("Could not extract attribute request");
-=======
         } catch(ClassCastException e) {
         	// we do not have a authnRequest
         	// check if a valid attr request is container
@@ -127,8 +112,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         	} catch (STORKSAMLEngineException ex) {
         		Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         	}
->>>>>>> origin/bs_3_fr
         }
+
         // if there is no authn or attr request, raise error
         if ((authnRequest == null) && (attrRequest == null)) {
             Logger.error("There is no authentication or attribute request contained.");
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 6ed837a51..4e0a0fddf 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -9,6 +9,7 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 6ed837a51..4e0a0fddf 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -9,6 +9,7 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 4c0128bf3..93d7e676f 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -55,6 +55,8 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module" module-name="moa-common" />
+    <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
-- 
cgit v1.2.3


From b454a8760bc2692d3d9c4fa3d0477c620895a95b Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 07:44:28 +0100
Subject: check whether attributes obtained from different sources match

---
 .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index b2f5076b6..aad80512a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -257,6 +257,13 @@ public class AttributeCollector implements IAction {
 		for (PersonalAttribute current : source) {
 			// check if we need to update the current pa
 			if (target.containsKey(current.getName())) {
+				PersonalAttribute existing = target.get(current.getName());
+				if(!(existing.isEmptyValue() && existing.isEmptyComplexValue()))
+					if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) {
+		                Logger.error("Attribute Value does not match the value from first authentication!");
+		                throw new MOAIDException("stork.14", null);
+					}
+
 				target.get(current.getName()).setStatus(current.getStatus());
 				target.get(current.getName()).setValue(current.getValue());
 				target.get(current.getName()).setComplexValue(current.getComplexValue());
-- 
cgit v1.2.3


From dbbf8045afe2ddf9a1ba4a4f511d85ffcba32cf8 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 08:00:01 +0100
Subject: fixed bug in loop prevention

---
 .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java    | 1 +
 1 file changed, 1 insertion(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index aad80512a..7aab42426 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -119,6 +119,7 @@ public class AttributeCollector implements IAction {
 				 */
 				IPersonalAttributeList aquiredAttributes = new PersonalAttributeList();
 				currentAttribute.setStatus("notAvailable");
+				aquiredAttributes.add((PersonalAttribute) currentAttribute.clone());
 				addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
 
             	// - check if we can find a suitable AttributeProvider Plugin
-- 
cgit v1.2.3


From 1ba3c2042e0c4da08af39db6172ff1206dfece36 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 10:22:46 +0100
Subject: ap plugins can be configured to listen to certain attributes

---
 .../validation/oa/OASTORKConfigValidation.java              |  4 ++++
 .../src/main/resources/applicationResources.properties      |  1 +
 id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp      |  5 +++--
 .../moa/id/protocols/stork2/AttributeProviderFactory.java   |  8 ++++----
 .../id/protocols/stork2/EHvdAttributeProviderPlugin.java    | 11 ++++++++---
 .../id/protocols/stork2/StorkAttributeRequestProvider.java  | 13 +++++++++++--
 .../src/main/resources/config/moaid_config_2.0.xsd          |  5 +++--
 7 files changed, 34 insertions(+), 13 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
index 25e0d751c..067e85aa6 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OASTORKConfigValidation.java
@@ -58,6 +58,10 @@ public class OASTORKConfigValidation {
 				log.info("AttributeProviderPlugin Name is empty.");
 				errors.add(LanguageHelper.getErrorString("validation.stork.ap.name.valid"));
 			}
+			if (MiscUtil.isEmpty(current.getAttributes()) || !current.getAttributes().matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) {
+				log.info("AttributeProviderPlugin attributes are empty or do not match csv format.");
+				errors.add(LanguageHelper.getErrorString("validation.stork.ap.attributes.valid"));
+			}
 		}
 
 		return errors;
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index a033205ed..34bf4a8e5 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -419,6 +419,7 @@ validation.stork.qaa.outofrange=G\u00FCltige QAA Werte sind 1, 2, 3, und 4
 validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein
 validation.stork.ap.url.valid=Ung\u00FCltige AttributProvider Url
 validation.stork.ap.name.valid=Ung\u00FCltiger AttributProvider Name
+validation.stork.ap.attributes.valid=Ung\u00FCltige Attributconfiguration f\u00FCr ein Attribut Provider Plugin. Feld darf nicht leer sein und ist als csv anzugeben.
 
 validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
 validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 76c347445..5ee1188ae 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -516,10 +516,11 @@
 								id="OAuseVidp" /></p>
 							<h5><%=LanguageHelper.getGUIString("webpages.oaconfig.vidp.ap.list", request) %></h5>
 							<table id="stork_aplist">
-								<tr><th>AP Plugin</th><th>URL</th>
+								<tr><th>AP Plugin</th><th>URL</th><th>Attribute (CSV)</th></tr>
 								<s:iterator value="storkOA.attributeProviderPlugins" status="stat">
 								  <tr><td><s:select name="storkOA.attributeProviderPlugins[%{#stat.index}].name" value="%{name}" list="%{storkOA.availableAttributeProviderPlugins}"/></td>
-								      <td><s:textfield name="storkOA.attributeProviderPlugins[%{#stat.index}].url" value="%{url}" cssClass="textfield"/></td>
+								      <td><s:textfield name="storkOA.attributeProviderPlugins[%{#stat.index}].url" value="%{url}" cssClass="textfield_mail"/></td>
+								      <td><s:textfield name="storkOA.attributeProviderPlugins[%{#stat.index}].attributes" value="%{attributes}" cssClass="textfield_mail"/></td>
 								      <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.oaconfig.vidp.ap.remove", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
 								</s:iterator>
 							</table>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 23edf69f9..de079c960 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -31,11 +31,11 @@ public class AttributeProviderFactory {
 	 *            the simpleName for the providers class
 	 * @return the attribute provider
 	 */
-	public static AttributeProvider create(String shortname, String url) {
+	public static AttributeProvider create(String shortname, String url, String attributes) {
         	if (shortname.equals("StorkAttributeRequestProvider"))  {
-			return new StorkAttributeRequestProvider(url);
+			return new StorkAttributeRequestProvider(url, attributes);
 		} else if(shortname.equals("EHvdAttributeProvider")) {
-			return new EHvdAttributeProviderPlugin(url);
+			return new EHvdAttributeProviderPlugin(url, attributes);
 		}       else {
 			return null;
 		}
@@ -52,7 +52,7 @@ public class AttributeProviderFactory {
 		
 		List<AttributeProvider> result = new ArrayList<AttributeProvider>();
 		for(AttributeProviderPlugin current : configuredAPs)
-			result.add(create(current.getName(), current.getUrl()));
+			result.add(create(current.getName(), current.getUrl(), current.getAttributes()));
 		
 		return result;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index f97d8c804..a36855d33 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -44,26 +44,31 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	
 	/** The destination. */
 	private Object destination;
+	
+	/** The attributes. */
+	private String attributes;
 
 	/**
 	 * Instantiates a new e hvd attribute provider plugin.
 	 *
 	 * @param url the service url
+	 * @param attributes 
 	 */
-	public EHvdAttributeProviderPlugin(String url) {
+	public EHvdAttributeProviderPlugin(String url, String supportedAttributes) {
 		destination = url;
+		attributes = supportedAttributes;
 	}
 
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
 	@Override
-	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession)
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
 
 		// break when we cannot handle the requested attribute
-		if(!attributes.getName().equals("isHealthCareProfessional"))
+		if(!attributes.contains(attribute.getName()))
 			throw new UnsupportedAttributeException();
 		
 		try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 797695a00..d8becaaf7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -34,14 +34,19 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	
 	/** The destination. */
 	private String destination;
-	
+
+	/** The attributes. */
+	private String attributes;
+
 	/**
 	 * Instantiates a new stork attribute request provider.
 	 *
 	 * @param apUrl the AP location
+	 * @param supportedAttributes the supported attributes as csv
 	 */
-	public StorkAttributeRequestProvider(String apUrl) {
+	public StorkAttributeRequestProvider(String apUrl, String supportedAttributes) {
 		destination = apUrl;
+		attributes = supportedAttributes;
 	}
 
 	/* (non-Javadoc)
@@ -49,6 +54,10 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 */
 	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
+
+		if (!attributes.contains(attribute.getName()))
+			throw new UnsupportedAttributeException();
+
 		requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(attribute);
 		throw new ExternalAttributeRequestRequiredException(this);
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index d20ec1c68..845e4fe1f 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -957,8 +957,9 @@
     		<xsd:sequence>
     			<xsd:element name="name" type="xsd:string"></xsd:element>
     			<xsd:element name="url" type="xsd:anyURI"></xsd:element>
- 		</xsd:sequence>
-	</xsd:complexType>
+    			<xsd:element name="attributes" type="xsd:string"></xsd:element>
+    		</xsd:sequence>
+    	</xsd:complexType>
     
 	<xsd:element name="AttributeProviders" type="AttributeProviderPlugin"></xsd:element>
 	<xsd:element name="Attributes" type="StorkAttribute"/>
-- 
cgit v1.2.3


From 31a10590f3efee8aca463b43623ee689f7b0c605 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 10:33:14 +0100
Subject: fixed throws declaration

---
 .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 7aab42426..f23e0f599 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -253,8 +253,9 @@ public class AttributeCollector implements IAction {
      *
      * @param target the target
      * @param source the source
+     * @throws MOAIDException 
      */
-	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) {
+	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException {
 		for (PersonalAttribute current : source) {
 			// check if we need to update the current pa
 			if (target.containsKey(current.getName())) {
-- 
cgit v1.2.3


From ede824250ba1b26305825e07f85ae39e2eaf2ea9 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 15:58:42 +0100
Subject: inform moasession about the mandate auth case

---
 .../moa/id/auth/servlet/PEPSConnectorServlet.java            | 12 +++++++++++-
 .../moa/id/auth/stork/STORKResponseProcessor.java            |  2 +-
 2 files changed, 12 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index b356c6f35..87e109e33 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -68,6 +68,7 @@ import at.gv.util.xsd.xmldsig.X509DataType;
 import eu.stork.oasisdss.api.ApiUtils;
 import eu.stork.oasisdss.profile.DocumentWithSignature;
 import eu.stork.oasisdss.profile.SignResponse;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
@@ -179,7 +180,15 @@ public class PEPSConnectorServlet extends AuthServlet {
 
 			////////////// incorporate gender from parameters if not in stork response
 			
-			PersonalAttribute gender = authnResponse.getPersonalAttributeList().get("gender");
+			IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
+			
+			// but first, check if we have a representation case
+			if(STORKResponseProcessor.hasAttribute("mandateContent", attributeList) || STORKResponseProcessor.hasAttribute("representative", attributeList) || STORKResponseProcessor.hasAttribute("represented", attributeList)) {
+				// in a representation case...
+				moaSession.setUseMandate("true");
+				
+				// and check if we have the gender value
+			PersonalAttribute gender = attributeList.get("gender");
 			if(null == gender) {
 				String gendervalue = (String) request.getParameter("gender");
 				if(null != gendervalue) {
@@ -192,6 +201,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 					authnResponse.getPersonalAttributeList().add(gender);
 				}
 			}
+			}
 			
 			//////////////////////////////////////////////////////////////////////////
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 57843d0f3..c5f0dbd49 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -86,7 +86,7 @@ public class STORKResponseProcessor {
 	 * @param attributeList the attribute list
 	 * @return true, if successful
 	 */
-	private static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) {
+	public static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) {
 		try {
 			getAttributeValue(attributeName, attributeList);
 			return true;
-- 
cgit v1.2.3


From feaf4279663ede774e6439f4a48820660e1907b2 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 16:03:47 +0100
Subject: fixed list override

---
 .../at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 3f6495a1a..c22f6d25f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -78,7 +78,7 @@ public class GetArtifactAction implements IAction {
 			// add other stork attributes to MOA assertion if available
 			if(null != session.getStorkAttributes()) {
 				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(session.getStorkAttributes());
-				session.setExtendedSAMLAttributesOA(moaExtendedSAMLAttibutes);
+				session.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes);
 				//produce MOA-Assertion and artifact                    
 				AuthenticationServer.getInstance().getForeignAuthenticationData(session);
 				Logger.info("MOA assertion assembled and SAML Artifact generated.");
-- 
cgit v1.2.3


From 736dd989a147708590e3a50ab1e03dacada8d1d4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 19:13:07 +0100
Subject: remove unused code

---
 .../moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java   | 1 -
 .../java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java   | 2 ++
 .../main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java   | 3 ---
 3 files changed, 2 insertions(+), 4 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
index 7bb97b9d8..394fd1430 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
@@ -156,7 +156,6 @@ public final class OAuth20AttributeBuilder {
 				
 		// STORK
 		buildersSTORK.add(new EIDSTORKTOKEN());
-		buildersSTORK.add(new EIDSTORKTOKEN());
 		buildersSTORK.add(new STORKAdoptedFamilyNameAttributBuilder());
 		buildersSTORK.add(new STORKAgeAttributBuilder());
 		buildersSTORK.add(new STORKCanonicalResidenceAddressAttributBuilder());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 84c0138a5..e5158f4bf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -90,6 +90,8 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 		actions.put(POST, new AuthenticationAction());
 		actions.put(METADATA, new MetadataAction());
 		
+		//TODO: insert getArtifact action
+		
 		instance = new PVP2XProtocol();
 		
 		new VelocityLogAdapter();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
index 9df283965..6efe9b39c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
@@ -508,7 +508,6 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{
 		
 	    String oaURL = req.getParameter(PARAM_OA);
 	    String bkuURL = req.getParameter(PARAM_BKU);
-	    String templateURL = req.getParameter(PARAM_TEMPLATE);
 	    String useMandate = req.getParameter(PARAM_USEMANDATE);
 	    String ccc = req.getParameter(PARAM_CCC);
 	    
@@ -519,8 +518,6 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{
 				throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12");
 		    if (MiscUtil.isEmpty(bkuURL))
 		       throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12");
-//		    if (MiscUtil.isEmpty(templateURL))
-//		       throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
 		    if (!ParamValidatorUtils.isValidUseMandate(useMandate))
 	           throw new WrongParametersException("StartAuthentication", PARAM_USEMANDATE, "auth.12");		    
 		    if (!ParamValidatorUtils.isValidCCC(ccc))
-- 
cgit v1.2.3


From c70cc32f6c1eeed382433d20275f81d3bd2baa1c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 19:22:16 +0100
Subject: Update eIDSTORKTOKEN attribut builder

---
 .../moa/id/auth/data/AuthenticationSession.java    | 17 +++++++++++++
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |  3 +++
 .../pvp2x/builder/attributes/EIDSTORKTOKEN.java    | 28 +++++-----------------
 3 files changed, 26 insertions(+), 22 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 896feed9e..2a6bde1e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -220,6 +220,8 @@ public class AuthenticationSession implements Serializable {
 	 */
 	private STORKAuthnRequest storkAuthnRequest;
 	
+	private String storkAuthnResponse;
+	
 	// private AuthenticationData authData;
 	
 	// protocol selection
@@ -1022,6 +1024,21 @@ public class AuthenticationSession implements Serializable {
 		QAALevel = qAALevel;
 	}
 
+	/**
+	 * @return the storkAuthnResponse
+	 */
+	public String getStorkAuthnResponse() {
+		return storkAuthnResponse;
+	}
+
+	/**
+	 * @param storkAuthnResponse the storkAuthnResponse to set
+	 */
+	public void setStorkAuthnResponse(String storkAuthnResponse) {
+		this.storkAuthnResponse = storkAuthnResponse;
+	}
+
+	
 	
 	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index b356c6f35..8091c5e71 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -320,6 +320,9 @@ public class PEPSConnectorServlet extends AuthServlet {
 			Logger.debug("Adding addtional STORK attributes to MOA session");
 			moaSession.setStorkAttributes(authnResponse.getPersonalAttributeList());
 			
+			Logger.debug("Add full STORK AuthnResponse to MOA session");
+			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));
+			
 			//We don't have BKUURL, setting from null to "Not applicable"
 			moaSession.setBkuURL("Not applicable (STORK Authentication)");
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
index e3e33d6db..e8fba6af2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
@@ -22,15 +22,12 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
-import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class EIDSTORKTOKEN implements IPVPAttributeBuilder  {
 
@@ -46,27 +43,14 @@ public class EIDSTORKTOKEN implements IPVPAttributeBuilder  {
 			throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
 			
 		} else {
-			IPersonalAttributeList storkAttributes = authSession.getStorkAttributes();
-			
-			if ( storkAttributes == null ) {
+			String storkResponse = authSession.getStorkAuthnResponse();
+						
+			if ( MiscUtil.isEmpty(storkResponse) ) {
 				throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
 				
-			}
-
-			try {
-				PersonalAttribute attribut = storkAttributes.get(STORKConstants.EIDENTIFIER_NAME);
-				ATT attr;
-				if (attribut != null) {
-					
-					attr = g.buildStringAttribute(EID_STORK_TOKEN_FRIENDLY_NAME, EID_STORK_TOKEN_NAME, attribut.getValue().get(0));					
-					return attr; 
-					
-				} else
-					throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
+			} else {				
+				return g.buildStringAttribute(EID_STORK_TOKEN_FRIENDLY_NAME, EID_STORK_TOKEN_NAME, storkResponse);
 				
-			} catch (Exception e) {
-				Logger.warn("Attribut " + EID_STORK_TOKEN_FRIENDLY_NAME + " generation error", e);
-				throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
 			}
 		}
 	}
-- 
cgit v1.2.3


From 19e164874ea92d51f9df12f56047d77db9683091 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 20:57:05 +0100
Subject: storkid derivation pro country

---
 id/ConfigWebTool/ConfigurationInterface.iml        |    2 +-
 .../id/configuration/data/oa/OAGeneralConfig.java  |    8 +-
 .../configuration/struts/action/EditOAAction.java  |    7 +-
 id/server/auth/moa-id-auth.iml                     |    2 +-
 id/server/idserverlib/moa-id-lib.iml               |    2 +-
 .../moa/id/auth/AuthenticationServer.java          | 3928 ++++++++++----------
 .../id/auth/builder/InfoboxReadRequestBuilder.java |  197 +-
 .../gv/egovernment/moa/id/config/OAParameter.java  |   20 +-
 id/server/moa-id-commons/moa-id-commons.iml        |    2 +-
 id/server/moa-id.iml                               |    1 +
 id/server/proxy/moa-id-proxy.iml                   |    2 +-
 pom.xml                                            |    6 +
 .../clients/api/moa-spss-handbook-apiClient.iml    |    2 +-
 .../handbook/clients/moa-spss-handbook-clients.iml |    5 +-
 .../moa-spss-handbook-referencedData.iml           |    5 +-
 .../moa-spss-handbook-webserviceClient.iml         |    2 +-
 spss/handbook/moa-spss-handbook.iml                |    5 +-
 spss/server/moa-spss.iml                           |    5 +-
 spss/server/serverlib/moa-spss-lib.iml             |    3 +-
 spss/server/serverws/moa-spss-ws.iml               |    1 +
 spss/server/tools/moa-spss-tools.iml               |    5 +-
 21 files changed, 2104 insertions(+), 2106 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 742f8df89..f6325d7c7 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -63,6 +63,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-runtime:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
@@ -77,7 +78,6 @@
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 495444db1..c9f5fdde9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -120,7 +120,8 @@ public class OAGeneralConfig {
 		 identificationTypeList = Arrays.asList(
 				 Constants.IDENIFICATIONTYPE_FN,
 				 Constants.IDENIFICATIONTYPE_ZVR,
-				 Constants.IDENIFICATIONTYPE_ERSB);
+				 Constants.IDENIFICATIONTYPE_ERSB,
+                 Constants.IDENIFICATIONTYPE_STORK);
 	}
 	
 	
@@ -216,7 +217,10 @@ public class OAGeneralConfig {
 					if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) {
 						identificationType = split[1];
 						identificationNumber = split[2];
-					}
+					} else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) {
+                        identificationType = split[1]; // setting at as iden category ?
+                        identificationNumber = split[2]; // setting sp country as ident type -> sp ident
+                    }
 				}
 			}
 			
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 4a0bf744a..370923ca1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -746,13 +746,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
             dboa.setStorkSPTargetCountry(generalOA.getStorkSPTargetCountry());
 
 
-            String num = generalOA.getIdentificationNumber().replaceAll(" ", "");
-
-            if (num.startsWith(Constants.IDENIFICATIONTYPE_STORK))
-                num = num.substring(Constants.IDENIFICATIONTYPE_STORK.length());
-
             IdentificationNumber idnumber = new IdentificationNumber();
-            idnumber.setValue(Constants.PREFIX_STORK + "AT+" + generalOA.getIdentificationType() + num);
+            idnumber.setValue(Constants.PREFIX_STORK + "AT+" + generalOA.getStorkSPTargetCountry());
             idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType()));
 
             authoa.setIdentificationNumber(idnumber);
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index 043374bc0..bf76e8805 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -58,6 +58,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
@@ -96,7 +97,6 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index d995f23af..91b3617ad 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -40,7 +40,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 6f6d9611a..01a2e5485 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1,74 +1,9 @@
 
 package at.gv.egovernment.moa.id.auth;
 
-import iaik.asn1.ObjectID;
-import iaik.util.logging.Log;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.cert.CertificateException;
-import java.util.ArrayList;
-//import java.security.cert.CertificateFactory;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Vector;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.apache.xpath.XPathAPI;
-import org.opensaml.common.IdentifierGenerator;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.BKUException;
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.ServiceException;
-import at.gv.egovernment.moa.id.auth.exception.ValidateException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.builder.*;
+import at.gv.egovernment.moa.id.auth.data.*;
+import at.gv.egovernment.moa.id.auth.exception.*;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
@@ -81,13 +16,9 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
 import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
 import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
 import at.gv.egovernment.moa.id.client.SZRGWClient;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -109,13 +40,7 @@ import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moa.util.*;
 import at.gv.util.xsd.mis.MandateIdentifiers;
 import at.gv.util.xsd.mis.Target;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest;
@@ -123,12 +48,8 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
 import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
-import eu.stork.oasisdss.api.AdditionalProfiles;
-import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.*;
 import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.api.Profiles;
-import eu.stork.oasisdss.api.QualityLevels;
-import eu.stork.oasisdss.api.SignatureTypes;
 import eu.stork.oasisdss.profile.AnyType;
 import eu.stork.oasisdss.profile.DocumentType;
 import eu.stork.oasisdss.profile.SignRequest;
@@ -138,6 +59,42 @@ import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import iaik.asn1.ObjectID;
+import iaik.util.logging.Log;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.xpath.XPathAPI;
+import org.opensaml.common.IdentifierGenerator;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.xml.util.Base64;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.*;
+import org.xml.sax.SAXException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.math.BigInteger;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+import java.security.cert.CertificateException;
+import java.util.*;
+
+//import java.security.cert.CertificateFactory;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
+//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
 
 /**
  * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
@@ -149,148 +106,147 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
  */
 public class AuthenticationServer implements MOAIDAuthConstants {
 
-	/** single instance */
-	private static AuthenticationServer instance;
-
-	/**
-	 * time out in milliseconds used by {@link cleanup} for session store
-	 */
-	private long sessionTimeOutCreated = 15 * 60  * 1000; // default 10 minutes
-	private long sessionTimeOutUpdated = 10 * 60  * 1000; // default 10 minutes
-	/**
-	 * time out in milliseconds used by {@link cleanup} for authentication data
-	 * store
-	 */
-	private long authDataTimeOut = 2 * 60  * 1000; // default 2 minutes
-
-	/**
-	 * Returns the single instance of <code>AuthenticationServer</code>.
-	 *
-	 * @return the single instance of <code>AuthenticationServer</code>
-	 */
-	public static AuthenticationServer getInstance() {
-		if (instance == null)
-			instance = new AuthenticationServer();
-		return instance;
-	}
-
-	/**
-	 * Constructor for AuthenticationServer.
-	 */
-	public AuthenticationServer() {
-		super();
-	}
-
-
-	/**
-	 * Processes the beginning of an authentication session.
-	 * <ul>
-	 * <li>Starts an authentication session</li>
-	 * <li>Creates an <code>&lt;InfoboxReadRequest&gt;</code></li>
-	 * <li>Creates an HTML form for querying the identity link from the security
-	 * layer implementation. <br>
-	 * Form parameters include
-	 * <ul>
-	 * <li>the <code>&lt;InfoboxReadRequest&gt;</code></li>
-	 * <li>the data URL where the security layer implementation sends it
-	 * response to</li>
-	 * </ul>
-	 * </ul>
-	 *
-	 * @param authURL
-	 *            URL of the servlet to be used as data URL
-	 * @param target
-	 *            "Gesch&auml;ftsbereich" of the online application requested
-	 * @param targetFriendlyName
-	 *            Friendly name of the target if the target is configured via
-	 *            configuration
-	 * @param oaURL
-	 *            online application URL requested
-	 * @param bkuURL
-	 *            URL of the "B&uuml;rgerkartenumgebung" to be used; may be
-	 *            <code>null</code>; in this case, the default location will be
-	 *            used
-	 * @param useMandate
-	 *            Indicates if mandate is used or not
-	 * @param templateURL
-	 *            URL providing an HTML template for the HTML form generated
-	 * @param templateMandteURL
-	 *            URL providing an HTML template for the HTML form generated
-	 *            (for signing in mandates mode)
-	 * @param req
-	 *            determines the protocol used
-	 * @param sourceID
-	 * @return HTML form
-	 * @throws AuthenticationException
-	 * @see GetIdentityLinkFormBuilder
-	 * @see InfoboxReadRequestBuilder
-	 */
-	public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException,
-			AuthenticationException, ConfigurationException, BuildException {
-
-		if (session == null) {
-			throw new AuthenticationException("auth.18", new Object[] { });
-		}
-
-		//load OnlineApplication configuration
-	    OAAuthParameter oaParam =
-		          AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-		        if (oaParam == null)
-		          throw new AuthenticationException("auth.00", new Object[] { session.getPublicOAURLPrefix() });
-
-		//load Template
-		String template = null;
-		if (session.getTemplateURL() != null) {
-			try {
-				
-				template = new String(FileUtils.readURL(session.getTemplateURL()));
-			} catch (IOException ex) {
-				throw new AuthenticationException("auth.03", new Object[] {
-						session.getTemplateURL(), ex.toString() }, ex);
-			}
-		}
-
-		String infoboxReadRequest = "";
-
-		String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
-		if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
-			//do not use SSO if no Target is set
-			Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
-			session.setSsoRequested(false);
-			
-		}
-		
-		if (session.isSsoRequested()) {
-			//load identityLink with SSO Target
-			boolean isbuisness = false;
-						
-			if (domainIdentifier.startsWith(PREFIX_WPBK)) {
-				
-				isbuisness = true;
-				
-			} else {
-				isbuisness = false;
-				
-			}
-			
-			//build ReadInfobox request
-			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
-					isbuisness, domainIdentifier);
-
-		} else {
-			//build ReadInfobox request
-			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
-					oaParam.getBusinessService(), oaParam
-						.getIdentityLinkDomainIdentifier());
-		}
-
-
-		String dataURL = new DataURLBuilder().buildDataURL(
-				session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
-						.getSessionID());
-
-		//removed in MOAID 2.0
-		String pushInfobox = "";
+    /**
+     * single instance
+     */
+    private static AuthenticationServer instance;
+
+    /**
+     * time out in milliseconds used by {@link cleanup} for session store
+     */
+    private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes
+    private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes
+    /**
+     * time out in milliseconds used by {@link cleanup} for authentication data
+     * store
+     */
+    private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
+
+    /**
+     * Returns the single instance of <code>AuthenticationServer</code>.
+     *
+     * @return the single instance of <code>AuthenticationServer</code>
+     */
+    public static AuthenticationServer getInstance() {
+        if (instance == null)
+            instance = new AuthenticationServer();
+        return instance;
+    }
+
+    /**
+     * Constructor for AuthenticationServer.
+     */
+    public AuthenticationServer() {
+        super();
+    }
+
+
+    /**
+     * Processes the beginning of an authentication session.
+     * <ul>
+     * <li>Starts an authentication session</li>
+     * <li>Creates an <code>&lt;InfoboxReadRequest&gt;</code></li>
+     * <li>Creates an HTML form for querying the identity link from the security
+     * layer implementation. <br>
+     * Form parameters include
+     * <ul>
+     * <li>the <code>&lt;InfoboxReadRequest&gt;</code></li>
+     * <li>the data URL where the security layer implementation sends it
+     * response to</li>
+     * </ul>
+     * </ul>
+     *
+     * @param authURL            URL of the servlet to be used as data URL
+     * @param target             "Gesch&auml;ftsbereich" of the online application requested
+     * @param targetFriendlyName Friendly name of the target if the target is configured via
+     *                           configuration
+     * @param oaURL              online application URL requested
+     * @param bkuURL             URL of the "B&uuml;rgerkartenumgebung" to be used; may be
+     *                           <code>null</code>; in this case, the default location will be
+     *                           used
+     * @param useMandate         Indicates if mandate is used or not
+     * @param templateURL        URL providing an HTML template for the HTML form generated
+     * @param templateMandteURL  URL providing an HTML template for the HTML form generated
+     *                           (for signing in mandates mode)
+     * @param req                determines the protocol used
+     * @param sourceID
+     * @return HTML form
+     * @throws AuthenticationException
+     * @see GetIdentityLinkFormBuilder
+     * @see InfoboxReadRequestBuilder
+     */
+    public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException,
+            AuthenticationException, ConfigurationException, BuildException {
+
+        if (session == null) {
+            throw new AuthenticationException("auth.18", new Object[]{});
+        }
+
+        //load OnlineApplication configuration
+        OAAuthParameter oaParam =
+                AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()});
+
+        //load Template
+        String template = null;
+        if (session.getTemplateURL() != null) {
+            try {
+
+                template = new String(FileUtils.readURL(session.getTemplateURL()));
+            } catch (IOException ex) {
+                throw new AuthenticationException("auth.03", new Object[]{
+                        session.getTemplateURL(), ex.toString()}, ex);
+            }
+        }
+
+        String infoboxReadRequest = "";
+
+        String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
+        if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
+            //do not use SSO if no Target is set
+            Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
+            session.setSsoRequested(false);
+
+        }
+
+        if (session.isSsoRequested()) {
+            //load identityLink with SSO Target
+            boolean isbuisness = false;
+
+            if (domainIdentifier.startsWith(PREFIX_WPBK)) {
+
+                isbuisness = true;
+
+            } else {
+                isbuisness = false;
+
+            }
+
+            //build ReadInfobox request
+            infoboxReadRequest = new InfoboxReadRequestBuilder().build(
+                    isbuisness, domainIdentifier);
+
+        } else {
+
+            if (oaParam.getStorkService())
+                // build stork request
+                infoboxReadRequest = new InfoboxReadRequestBuilder().buildStorkReadRequest(
+                        oaParam.getIdentityLinkDomainIdentifier());
+            else
+                //build ReadInfobox request
+                infoboxReadRequest = new InfoboxReadRequestBuilder().build(
+                        oaParam.getBusinessService(), oaParam
+                        .getIdentityLinkDomainIdentifier());
+        }
+
+
+        String dataURL = new DataURLBuilder().buildDataURL(
+                session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
+                .getSessionID());
+
+        //removed in MOAID 2.0
+        String pushInfobox = "";
 
 //		VerifyInfoboxParameters verifyInfoboxParameters = oaParam
 //				.getVerifyInfoboxParameters();
@@ -299,1787 +255,1743 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 //			session.setPushInfobox(pushInfobox);
 //		}
 
-		//build CertInfo request
-		String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
-				.build();
-		String certInfoDataURL = new DataURLBuilder()
-				.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
-						session.getSessionID());
-
-		//get Applet Parameters
-    	String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
-    	String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
-    	appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
-    	appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
-
-		String htmlForm = new GetIdentityLinkFormBuilder().build(template,
-				session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
-				certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth);
-
-		return htmlForm;
-	}
-
-	/**
-	 * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
-	 * <li>Parses identity link enclosed in
-	 * <code>&lt;InfoboxReadResponse&gt;</code></li>
-	 * <li>Verifies identity link by calling the MOA SP component</li>
-	 * <li>Checks certificate authority of identity link</li>
-	 * <li>Stores identity link in the session</li>
-	 * <li>Verifies all additional infoboxes returned from the BKU</li>
-	 * <li>Creates an authentication block to be signed by the user</li>
-	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 * containg the authentication block, meant to be returned to the security
-	 * layer implementation</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param infoboxReadResponseParameters
-	 *            The parameters from the response returned from the BKU
-	 *            including the <code>&lt;InfoboxReadResponse&gt;</code>
-	 * @return String representation of the
-	 *         <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 * @throws BKUException
-	 */
-	public String verifyIdentityLink(AuthenticationSession session,
-			Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
-			BuildException, ParseException, ConfigurationException,
-			ValidateException, ServiceException, BKUException {
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID });
-
-		String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters
-				.get(PARAM_XMLRESPONSE);
-
-		if (isEmpty(xmlInfoboxReadResponse))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE });
-
-		AuthConfigurationProvider authConf = AuthConfigurationProvider
-				.getInstance();
-
-		// check if an identity link was found
-		// Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform
-		// (SL1.2))
-		// CharSequence se = "ErrorCode>2911".substring(0);
-		// boolean b = xmlInfoboxReadResponse.contains(se);
-		String se = "ErrorCode>2911";
-		int b = xmlInfoboxReadResponse.indexOf(se);
-		if (b != -1) { // no identity link found
-			Logger
-					.info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID.");
-			return null;
-		}
-		// spezifikationsgemaess (SL1.2) Errorcode
-		se = "ErrorCode>4002";
-		// b = xmlInfoboxReadResponse.contains(se);
-		b = xmlInfoboxReadResponse.indexOf(se);
-		if (b != -1) { // Unbekannter Infoboxbezeichner
-			Logger
-					.info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID.");
-			return null;
-		}
-
-		// parses the <InfoboxReadResponse>
-		IdentityLink identityLink = new InfoboxReadResponseParser(
-				xmlInfoboxReadResponse).parseIdentityLink();
-		// validates the identity link
-		IdentityLinkValidator.getInstance().validate(identityLink);
-		// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
-		Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
-				.build(identityLink, authConf
-						.getMoaSpIdentityLinkTrustProfileID());
-
-		// invokes the call
-		Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
-				.verifyXMLSignature(domVerifyXMLSignatureRequest);
-		// parses the <VerifyXMLSignatureResponse>
-		VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
-				domVerifyXMLSignatureResponse).parseData();
-
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-		// if OA is type is business service the manifest validation result has
-		// to be ignored
-		boolean ignoreManifestValidationResult = oaParam.getBusinessService() ? true
-				: false;
-
-		// validates the <VerifyXMLSignatureResponse>
-		VerifyXMLSignatureResponseValidator.getInstance().validate(
-				verifyXMLSignatureResponse,
-				authConf.getIdentityLinkX509SubjectNames(),
-				VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
-				ignoreManifestValidationResult);
-
-		session.setIdentityLink(identityLink);
-		// now validate the extended infoboxes
-
-		//Removed in MOA-ID 2.0
-		//verifyInfoboxes(session, infoboxReadResponseParameters, false);
-
-		return "found!";
-	}
-
-	/**
-	 * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
-	 * <li>Parses identity link enclosed in
-	 * <code>&lt;InfoboxReadResponse&gt;</code></li>
-	 * <li>Verifies identity link by calling the MOA SP component</li>
-	 * <li>Checks certificate authority of identity link</li>
-	 * <li>Stores identity link in the session</li>
-	 * <li>Verifies all additional infoboxes returned from the BKU</li>
-	 * <li>Creates an authentication block to be signed by the user</li>
-	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 * containg the authentication block, meant to be returned to the security
-	 * layer implementation</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param infoboxReadResponseParameters
-	 *            The parameters from the response returned from the BKU
-	 *            including the <code>&lt;InfoboxReadResponse&gt;</code>
-	 * @return String representation of the
-	 *         <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 */
-	public String verifyCertificate(AuthenticationSession session,
-			X509Certificate certificate) throws AuthenticationException,
-			BuildException, ParseException, ConfigurationException,
-			ValidateException, ServiceException, MOAIDException{
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID });
-
-		// check if person is a Organwalter
-		// if true - don't show bPK in AUTH Block
-		try {
-			for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) {
-				if (certificate.getExtension(OWid) != null) {
-					session.setOW(true);
-				}
-
-			}
-
-		} catch (X509ExtensionInitException e) {
-			Logger.warn("Certificate extension is not readable.");
-			session.setOW(false);
-		}
-
-		AuthConfigurationProvider authConf = AuthConfigurationProvider
-				.getInstance();
-
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-		String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
-				authConf, oaParam);
-
-		return returnvalue;
-	}
-
-	/**
-	 * Processes an <code>Mandate</code> sent by the MIS.<br>
-	 * <ul>
-	 * <li>Validates given <code>Mandate</code></li>
-	 * <li>Verifies Mandate by calling the MOA SP component</li>
-	 * <li>Creates an authentication block to be signed by the user</li>
-	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 * containg the authentication block, meant to be returned to the security
-	 * layer implementation</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param infoboxReadResponseParameters
-	 *            The parameters from the response returned from the BKU
-	 *            including the <code>&lt;InfoboxReadResponse&gt;</code>
-	 * @return String representation of the
-	 *         <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 */
-	public void verifyMandate(AuthenticationSession session, MISMandate mandate)
-			throws AuthenticationException, BuildException, ParseException,
-			ConfigurationException, ValidateException, ServiceException {
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					GET_MIS_SESSIONID, PARAM_SESSIONID });
-
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-		try {
-			// sets the extended SAML attributes for OID (Organwalter)
-			setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
-					.getBusinessService());
-
-			validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
-
-
-		} catch (SAXException e) {
-			throw new AuthenticationException("auth.16",
-					new Object[] { GET_MIS_SESSIONID }, e);
-		} catch (IOException e) {
-			throw new AuthenticationException("auth.16",
-					new Object[] { GET_MIS_SESSIONID }, e);
-		} catch (ParserConfigurationException e) {
-			throw new AuthenticationException("auth.16",
-					new Object[] { GET_MIS_SESSIONID }, e);
-		} catch (TransformerException e) {
-			throw new AuthenticationException("auth.16",
-					new Object[] { GET_MIS_SESSIONID }, e);
-		}
-
-	}
-
-	/**
-	 *
-	 * @param session
-	 * @param authConf
-	 * @param oaParam
-	 * @return
-	 * @throws ConfigurationException
-	 * @throws BuildException
-	 * @throws ValidateException
-	 */
-	public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
-			AuthenticationSession session, AuthConfigurationProvider authConf,
-			OAAuthParameter oaParam) throws ConfigurationException,
-			BuildException, ValidateException {
-
-		// check for intermediate processing of the infoboxes
-		if (session.isValidatorInputPending())
-			return "Redirect to Input Processor";
-
-		if (authConf == null)
-			authConf = AuthConfigurationProvider.getInstance();
-		if (oaParam == null)
-			oaParam = AuthConfigurationProvider.getInstance()
-					.getOnlineApplicationParameter(
-							session.getPublicOAURLPrefix());
-
-		// builds the AUTH-block
-	String authBlock = buildAuthenticationBlock(session, oaParam);
-
-		// builds the <CreateXMLSignatureRequest>
-		List<String> transformsInfos = oaParam.getTransformsInfos();
-		if ((transformsInfos == null) || (transformsInfos.size() == 0)) {
-			// no OA specific transforms specified, use default ones
-			transformsInfos = authConf.getTransformsInfos();
-		}
-		String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
-				.build(authBlock, oaParam.getKeyBoxIdentifier(),
-						transformsInfos);
-		return createXMLSignatureRequest;
-	}
-
-	/**
-	 * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br>
-	 * <ul>
-	 * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param cert
-	 *            The certificate from the user
-	 * @return String representation of the
-	 *         <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 */
-	public String createXMLSignatureRequestForeignID(AuthenticationSession session,
-			X509Certificate cert) throws AuthenticationException,
-			BuildException, ParseException, ConfigurationException,
-			ValidateException, ServiceException {
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID });
-
-		AuthConfigurationProvider authConf = AuthConfigurationProvider
-				.getInstance();
-
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-		return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
-				cert);
-	}
-
-	public String getCreateXMLSignatureRequestForeigID(
-			AuthenticationSession session, AuthConfigurationProvider authConf,
-			OAAuthParameter oaParam, X509Certificate cert)
-			throws ConfigurationException {
-
-		// check for intermediate processing of the infoboxes
-		if (session.isValidatorInputPending())
-			return "Redirect to Input Processor";
-
-		if (authConf == null)
-			authConf = AuthConfigurationProvider.getInstance();
-		if (oaParam == null)
-			oaParam = AuthConfigurationProvider.getInstance()
-					.getOnlineApplicationParameter(
-							session.getPublicOAURLPrefix());
-
-		Principal subject = cert.getSubjectDN();
-
-		String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
-				.buildForeignID(subject.toString(), oaParam, session);
-		return createXMLSignatureRequest;
-	}
-
-	/**
-	 * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Parses response enclosed in
-	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Verifies signature by calling the MOA SP component</li>
-	 * <li>Returns the signer certificate</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param createXMLSignatureResponseParameters
-	 *            The parameters from the response returned from the BKU
-	 *            including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
-	 * @throws BKUException
-	 */
-	public X509Certificate verifyXMLSignature(String sessionID,
-			Map<String, String> createXMLSignatureResponseParameters)
-			throws AuthenticationException, BuildException, ParseException,
-			ConfigurationException, ValidateException, ServiceException, BKUException {
-
-		if (isEmpty(sessionID))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_GET_FOREIGN_ID, PARAM_SESSIONID });
-
-		String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
-				.get(PARAM_XMLRESPONSE);
-
-		if (isEmpty(xmlCreateXMLSignatureResponse))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE });
-
-		AuthConfigurationProvider authConf = AuthConfigurationProvider
-				.getInstance();
-
-		// parses the <CreateXMLSignatureResponse>
-		CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
-				xmlCreateXMLSignatureResponse);
-		CreateXMLSignatureResponse createXMLSignatureResponse = p
-				.parseResponseDsig();
-
-		// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
-		Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
-				.buildDsig(createXMLSignatureResponse, authConf
-						.getMoaSpAuthBlockTrustProfileID());
-
-		// invokes the call
-		Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
-				.verifyXMLSignature(domVerifyXMLSignatureRequest);
-
-		// parses the <VerifyXMLSignatureResponse>
-		VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
-				domVerifyXMLSignatureResponse).parseData();
-
-		return verifyXMLSignatureResponse.getX509certificate();
-
-	}
-
-	/**
-	 * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Parses response enclosed in
-	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Verifies signature by calling the MOA SP component</li>
-	 * <li>Returns the signer certificate</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            ID of associated authentication session data
-	 * @param readInfoboxResponseParameters
-	 *            The parameters from the response returned from the BKU
-	 *            including the <code>&lt;ReadInfoboxResponse&gt;</code>
-	 * @throws BKUException
-	 */
-	public X509Certificate getCertificate(String sessionID,
-			Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
-			BuildException, ParseException, ConfigurationException,
-			ValidateException, ServiceException, BKUException {
-
-		if (isEmpty(sessionID))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID });
-
-		String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters
-				.get(PARAM_XMLRESPONSE);
-
-		if (isEmpty(xmlReadInfoboxResponse))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE });
-
-		// parses the <CreateXMLSignatureResponse>
-		InfoboxReadResponseParser p = new InfoboxReadResponseParser(
-				xmlReadInfoboxResponse);
-		X509Certificate cert = p.parseCertificate();
-
-		return cert;
-
-	}
-
-	/**
-	 * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
-	 * given session data.
-	 *
-	 * @param session
-	 *            authentication session
-	 *
-	 * @return <code>&lt;saml:Assertion&gt;</code> as a String
-	 *
-	 * @throws BuildException
-	 *             If an error occurs on serializing an extended SAML attribute
-	 *             to be appended to the AUTH-Block.
-	 */
-	private String buildAuthenticationBlock(AuthenticationSession session,
-			OAAuthParameter oaParam) throws BuildException {
-
-		IdentityLink identityLink = session.getIdentityLink();
-		String issuer = identityLink.getName();
-		String gebDat = identityLink.getDateOfBirth();
-
-		String identificationValue = null;
-		String identificationType = null;
-
-		//set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
-		if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
-			identificationType = "";
-			identificationValue = "";
-
-		} else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-
-			if (oaParam.getBusinessService()) {
-
-				String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
-							.getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
-				identificationValue = bpkBase64;
-
-			    if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" ))
-			    	identificationType = oaParam.getIdentityLinkDomainIdentifier();
-			    else
-			    	identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
-
-			} else {
-				String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-							.getIdentificationValue(), session.getTarget());
-				identificationValue = bpkBase64;
-				identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
-			}
-
-
-		} else {
-			identificationValue = identityLink.getIdentificationValue();
-			identificationType = identityLink.getIdentificationType();
-
-		}
-
-		String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
-				.getInstance());
-		session.setIssueInstant(issueInstant);
-		String authURL = session.getAuthURL();
-		String target = session.getTarget();
-		String targetFriendlyName = session.getTargetFriendlyName();
-
-		// Bug #485
-		// (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
-		// String oaURL = session.getPublicOAURLPrefix();
-
-		List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
-
-
-		if (session.isSsoRequested()) {
-			String oaURL = new String();
-			try {
-				oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
-
-				if (MiscUtil.isNotEmpty(oaURL))
-					oaURL = oaURL.replaceAll("&", "&amp;");
-
-			} catch (ConfigurationException e) {
-			}
-			String authBlock = new AuthenticationBlockAssertionBuilder()
-				.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
-						targetFriendlyName, identificationValue,
-						identificationType, oaURL, gebDat,
-						extendedSAMLAttributes, session, oaParam);
-			return authBlock;
-
-		} else {
-			String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
-			String authBlock = new AuthenticationBlockAssertionBuilder()
-				.buildAuthBlock(issuer, issueInstant, authURL, target,
-						targetFriendlyName, identificationValue,
-						identificationType, oaURL, gebDat,
-						extendedSAMLAttributes, session, oaParam);
-			return authBlock;
-		}
-	}
-
-
-
-	/**
-	 * Verifies the infoboxes (except of the identity link infobox) returned by
-	 * the BKU by calling appropriate validator classes.
-	 *
-	 * @param session
-	 *            The actual authentication session.
-	 * @param mandate
-	 *            The Mandate from the MIS
-	 *
-	 * @throws AuthenticationException
-	 * @throws ConfigurationException
-	 * @throws TransformerException
-	 * @throws ParserConfigurationException
-	 * @throws IOException
-	 * @throws SAXException
-	 */
-	private void validateExtendedSAMLAttributeForMandates(
-			AuthenticationSession session, MISMandate mandate,
-			boolean business)
-			throws ValidateException, ConfigurationException, SAXException,
-			IOException, ParserConfigurationException, TransformerException {
-
-		ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes(
-				mandate, business, false);
-
-		int length = extendedSAMLAttributes.length;
-		for (int i = 0; i < length; i++) {
-			ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
-
-			verifySAMLAttribute(samlAttribute, i, "MISService",
-					"MISService");
-
-		}
-	}
-
-	/**
-	 * Verifies the infoboxes (except of the identity link infobox) returned by
-	 * the BKU by calling appropriate validator classes.
-	 *
-	 * @param session
-	 *            The actual authentication session.
-	 * @param mandate
-	 *            The Mandate from the MIS
-	 *
-	 * @throws AuthenticationException
-	 * @throws ConfigurationException
-	 * @throws TransformerException
-	 * @throws ParserConfigurationException
-	 * @throws IOException
-	 * @throws SAXException
-	 */
-	private void setExtendedSAMLAttributeForMandatesOID(
-			AuthenticationSession session, MISMandate mandate, boolean business)
-			throws ValidateException, ConfigurationException, SAXException,
-			IOException, ParserConfigurationException, TransformerException {
-
-		ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID(
-				mandate, business);
-
-		AddAdditionalSAMLAttributes(session, extendedSamlAttributes,
-				"MISService", "MISService");
-
-	}
-
-	/**
-	 * Adds given SAML Attributes to the current session. They will be appended
-	 * to the final SAML Assertion or the AUTH block. If the attributes are
-	 * already in the list, they will be replaced.
-	 *
-	 * @param session
-	 *            The current session
-	 * @param extendedSAMLAttributes
-	 *            The SAML attributes to add
-	 * @param identifier
-	 *            The infobox identifier for debug purposes
-	 * @param friendlyNam
-	 *            The friendly name of the infobox for debug purposes
-	 */
-	private static void AddAdditionalSAMLAttributes(
-			AuthenticationSession session,
-			ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier,
-			String friendlyName) throws ValidateException {
-		if (extendedSAMLAttributes == null)
-			return;
-		List<ExtendedSAMLAttribute> oaAttributes = session.getExtendedSAMLAttributesOA();
-		if (oaAttributes == null)
-			oaAttributes = new Vector<ExtendedSAMLAttribute>();
-		List<ExtendedSAMLAttribute> authAttributes = session.getExtendedSAMLAttributesAUTH();
-		if (authAttributes == null)
-			authAttributes = new Vector<ExtendedSAMLAttribute>();
-		int length = extendedSAMLAttributes.length;
-		for (int i = 0; i < length; i++) {
-			ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
-
-			Object value = verifySAMLAttribute(samlAttribute, i, identifier,
-					friendlyName);
-
-			if ((value instanceof String) || (value instanceof Element)) {
-				switch (samlAttribute.getAddToAUTHBlock()) {
-				case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY:
-					replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
-					break;
-				case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK:
-					replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
-					replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
-					break;
-				case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK:
-					replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
-					break;
-				default:
-					Logger
-							.info("Invalid return value from method \"getAddToAUTHBlock()\" ("
-									+ samlAttribute.getAddToAUTHBlock()
-									+ ") in SAML attribute number "
-									+ (i + 1)
-									+ " for infobox " + identifier);
-					throw new ValidateException("validator.47", new Object[] {
-							friendlyName, String.valueOf((i + 1)) });
-				}
-			} else {
-				Logger
-						.info("The type of SAML-Attribute number "
-								+ (i + 1)
-								+ " returned from "
-								+ identifier
-								+ "-infobox validator is not valid. Must be either \"java.Lang.String\""
-								+ " or \"org.w3c.dom.Element\"");
-				throw new ValidateException("validator.46", new Object[] {
-						identifier, String.valueOf((i + 1)) });
-			}
-		}
-		session.setExtendedSAMLAttributesAUTH(authAttributes);
-		session.setExtendedSAMLAttributesOA(oaAttributes);
-	}
-
-	/**
-	 * Adds the AUTH block related SAML attributes to the validation result.
-	 * This is needed always before the AUTH block is to be signed, because the
-	 * name of the mandator has to be set
-	 *
-	 * @throws ParserConfigurationException
-	 * @throws IOException
-	 * @throws SAXException
-	 * @throws TransformerException
-	 */
-
-	protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes(
-			MISMandate mandate, boolean business, boolean provideStammzahl)
-			throws SAXException, IOException, ParserConfigurationException,
-			TransformerException {
-		Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
-
-		extendedSamlAttributes.clear();
-
-		// Name
-		Element domMandate = mandateToElement(mandate);
-		Element nameSpaceNode = domMandate.getOwnerDocument().createElement(
-				"NameSpaceNode");
-		nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX,
-				Constants.PD_NS_URI);
-		nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX,
-				SZRGWConstants.MANDATE_NS);
-
-		Element mandator = (Element) XPathAPI.selectSingleNode(domMandate,
-				"//md:Mandate/md:Mandator", nameSpaceNode);
-
-		// Mandate
-		extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-				EXT_SAML_MANDATE_RAW, domMandate,
-				SZRGWConstants.MANDATE_NS,
-				ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-		// (w)bpk
-		String wbpk = ParepUtils.extractMandatorWbpk(mandator);
-		if (!ParepUtils.isEmpty(wbpk)) {
-			if (!ParepUtils.isPhysicalPerson(mandator)) {
-				String idType = ParepUtils
-						.extractMandatorIdentificationType(mandator);
-				if (!ParepUtils.isEmpty(idType)
-						&& idType.startsWith(Constants.URN_PREFIX_BASEID)) {
-					extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-							EXT_SAML_MANDATE_CB_BASE_ID,
-							ParepUtils.getRegisterString(idType) + ": " + wbpk,
-							SZRGWConstants.MANDATE_NS,
-							ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-				}
-			} else if (business) {
-				extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-						EXT_SAML_MANDATE_WBPK, wbpk,
-						SZRGWConstants.MANDATE_NS,
-						ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-			}
-		}
-
-		ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
-				.size()];
-		extendedSamlAttributes.copyInto(ret);
-		Logger.debug("ExtendedSAML Attributes: " + ret.length);
-		return ret;
-
-	}
-
-	/**
-	 * Adds the AUTH block related SAML attributes to the validation result.
-	 * This is needed always before the AUTH block is to be signed, because the
-	 * name of the mandator has to be set
-	 *
-	 * @throws ParserConfigurationException
-	 * @throws IOException
-	 * @throws SAXException
-	 * @throws TransformerException
-	 */
-	private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID(
-			MISMandate mandate, boolean business) throws SAXException,
-			IOException, ParserConfigurationException, TransformerException {
-
-		Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
-
-		extendedSamlAttributes.clear();
-
-		// RepresentationType
-		extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-				EXT_SAML_MANDATE_REPRESENTATIONTYPE,
-				EXT_SAML_MANDATE_REPRESENTATIONTEXT,
-				SZRGWConstants.MANDATE_NS,
-				ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-		String oid = mandate.getProfRep();
-
-		if (oid != null) {
-			extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-					EXT_SAML_MANDATE_OID, oid,
-					SZRGWConstants.MANDATE_NS,
-					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-			String oidDescription = mandate.getTextualDescriptionOfOID();
-			extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-					EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION,
-					oidDescription, SZRGWConstants.MANDATE_NS,
-					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-		}
-
-		ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
-				.size()];
-		extendedSamlAttributes.copyInto(ret);
-		Logger.debug("ExtendedSAML Attributes: " + ret.length);
-		return ret;
-
-	}
-
-	/**
-	 *
-	 * @param mandate
-	 * @return
-	 * @throws ParserConfigurationException
-	 * @throws IOException
-	 * @throws SAXException
-	 */
-	private static Element mandateToElement(MISMandate mandate)
-			throws SAXException, IOException, ParserConfigurationException {
-		ByteArrayInputStream bais = new ByteArrayInputStream(mandate
-				.getMandate());
-		Document doc = DOMUtils.parseDocumentSimple(bais);
-		return doc.getDocumentElement();
-	}
-
-	protected static void replaceExtendedSAMLAttribute(List<ExtendedSAMLAttribute> attributes,
-			ExtendedSAMLAttribute samlAttribute) {
-		if (null == attributes) {
-			attributes = new Vector<ExtendedSAMLAttribute>();
-		} else {
-			String id = samlAttribute.getName();
-			int length = attributes.size();
-			for (int i = 0; i < length; i++) {
-				ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes
-						.get(i);
-				if (id.equals(att.getName())) {
-					// replace attribute
-					attributes.set(i, samlAttribute);
-					return;
-				}
-			}
-			attributes.add(samlAttribute);
-		}
-	}
-
-	/**
-	 * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
-	 * codes</li>
-	 * <li>Parses authentication block enclosed in
-	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Verifies authentication block by calling the MOA SP component</li>
-	 * <li>Creates authentication data</li>
-	 * <li>Creates a corresponding SAML artifact</li>
-	 * <li>Stores authentication data in the authentication data store indexed
-	 * by the SAML artifact</li>
-	 * <li>Deletes authentication session</li>
-	 * <li>Returns the SAML artifact, encoded BASE64</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            session ID of the running authentication session
-	 * @param xmlCreateXMLSignatureReadResponse
-	 *            String representation of the
-	 *            <code>&lt;CreateXMLSignatureResponse&gt;</code>
-	 * @return SAML artifact needed for retrieving authentication data, encoded
-	 *         BASE64
-	 * @throws BKUException
-	 */
-	public String verifyAuthenticationBlock(AuthenticationSession session,
-			String xmlCreateXMLSignatureReadResponse)
-			throws AuthenticationException, BuildException, ParseException,
-			ConfigurationException, ServiceException, ValidateException, BKUException {
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
-		if (isEmpty(xmlCreateXMLSignatureReadResponse))
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-
-		AuthConfigurationProvider authConf = AuthConfigurationProvider
-				.getInstance();
-		// parses <CreateXMLSignatureResponse>
-		CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(
-				xmlCreateXMLSignatureReadResponse).parseResponse();
-
-		try {
-			String serializedAssertion = DOMUtils.serializeNode(csresp
-					.getSamlAssertion());
-			session.setAuthBlock(serializedAssertion);
-		} catch (TransformerException e) {
-			throw new ParseException("parser.04", new Object[] {
-					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-		} catch (IOException e) {
-			throw new ParseException("parser.04", new Object[] {
-					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-		}
-		// validates <CreateXMLSignatureResponse>
-		if (session.isSsoRequested())
-			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
-		else
-			new CreateXMLSignatureResponseValidator().validate(csresp, session);
-
-		// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
-		List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
-		String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
-		Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
-				vtids, tpid);
-		// debug output
-
-		// invokes the call
-		Element domVsresp = new SignatureVerificationInvoker()
-				.verifyXMLSignature(domVsreq);
-		// debug output
-
-		// parses the <VerifyXMLSignatureResponse>
-		VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
-				domVsresp).parseData();
-
-		if (Logger.isTraceEnabled()) {
-			if (domVsresp != null) {
-				try {
-					String xmlVerifyXMLSignatureResponse = DOMUtils
-							.serializeNode(domVsresp, true);
-					Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse));
-					Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse));
-				} catch (Throwable t) {
-					t.printStackTrace();
-					Logger.info(new LogMsg(t.getStackTrace()));
-				}
-			}
-		}
-
-		// validates the <VerifyXMLSignatureResponse>
-		VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
-				null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
-				false);
-
-		// Compare AuthBlock Data with information stored in session, especially
-		// date and time
-		CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
-
-		// compares the public keys from the identityLink with the AuthBlock
-		VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
-				vsresp, session.getIdentityLink());
-
-		// post processing of the infoboxes
-		Iterator iter = session.getInfoboxValidatorIterator();
-		boolean formpending = false;
-		if (iter != null) {
-			while (!formpending && iter.hasNext()) {
-				Vector infoboxValidatorVector = (Vector) iter.next();
-				String identifier = (String) infoboxValidatorVector.get(0);
-				String friendlyName = (String) infoboxValidatorVector.get(1);
-				InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
-						.get(2);
-				InfoboxValidationResult infoboxValidationResult = null;
-				try {
-					infoboxValidationResult = infoboxvalidator.validate(csresp
-							.getSamlAssertion());
-				} catch (ValidateException e) {
-					Logger.error("Error validating " + identifier + " infobox:"
-							+ e.getMessage());
-					throw new ValidateException("validator.44",
-							new Object[] { friendlyName });
-				}
-				if (!infoboxValidationResult.isValid()) {
-					Logger.info("Validation of " + identifier
-							+ " infobox failed.");
-					throw new ValidateException("validator.40", new Object[] {
-							friendlyName,
-							infoboxValidationResult.getErrorMessage() });
-				}
-				String form = infoboxvalidator.getForm();
-				if (ParepUtils.isEmpty(form)) {
-					AddAdditionalSAMLAttributes(
-							session,
-							infoboxValidationResult.getExtendedSamlAttributes(),
-							identifier, friendlyName);
-				} else {
-					return "Redirect to Input Processor";
-				}
-			}
-		}
-
-		session.setXMLVerifySignatureResponse(vsresp);
-		session.setSignerCertificate(vsresp.getX509certificate());
-		vsresp.setX509certificate(null);
-		session.setForeigner(false);
-
-		if (session.getUseMandate()) {
-			// mandate mode
-			return null;
-
-		} else {
-
-			session.setAuthenticatedUsed(false);
-			session.setAuthenticated(true);
-			
-	    	//set QAA Level four in case of card authentifcation
-	    	session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-			
-			
-			String oldsessionID = session.getSessionID();
-
-			//Session is implicte stored in changeSessionID!!!
-			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
-			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
-			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
-			return newMOASessionID;
-		}
-	}
-
-	/**
-	 * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-	 * security layer implementation.<br>
-	 * <ul>
-	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
-	 * codes</li>
-	 * <li>Parses authentication block enclosed in
-	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-	 * <li>Verifies authentication block by calling the MOA SP component</li>
-	 * <li>Creates authentication data</li>
-	 * <li>Creates a corresponding SAML artifact</li>
-	 * <li>Stores authentication data in the authentication data store indexed
-	 * by the SAML artifact</li>
-	 * <li>Deletes authentication session</li>
-	 * <li>Returns the SAML artifact, encoded BASE64</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            session ID of the running authentication session
-	 * @param xmlCreateXMLSignatureReadResponse
-	 *            String representation of the
-	 *            <code>&lt;CreateXMLSignatureResponse&gt;</code>
-	 * @return SAML artifact needed for retrieving authentication data, encoded
-	 *         BASE64
-	 */
-
-	protected Element createIdentificationBPK(Element mandatePerson,
-			String baseid, String target) throws BuildException {
-		Element identificationBpK = mandatePerson.getOwnerDocument()
-				.createElementNS(Constants.PD_NS_URI, "Identification");
-		Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
-				Constants.PD_NS_URI, "Value");
-
-		String bpkBase64 = new BPKBuilder().buildBPK(baseid, target);
-		valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
-				bpkBase64));
-		Element typeBpK = mandatePerson.getOwnerDocument().createElementNS(
-				Constants.PD_NS_URI, "Type");
-		typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
-				"urn:publicid:gv.at:cdid+bpk"));
-		identificationBpK.appendChild(valueBpK);
-		identificationBpK.appendChild(typeBpK);
-
-		return identificationBpK;
-
-	}
-
-	protected String getBaseId(Element mandatePerson)
-			throws TransformerException, IOException {
-		NodeList list = mandatePerson.getElementsByTagNameNS(
-				Constants.PD_NS_URI, "Identification");
-		for (int i = 0; i < list.getLength(); i++) {
-			Element identification = (Element) list.item(i);
-			Element type = (Element) identification.getElementsByTagNameNS(
-					Constants.PD_NS_URI, "Type").item(0);
-			if (type.getTextContent().compareToIgnoreCase(
-					"urn:publicid:gv.at:baseid") == 0) {
-				Element value = (Element) identification
-						.getElementsByTagNameNS(Constants.PD_NS_URI, "Value")
-						.item(0);
-				return value.getTextContent();
-			}
-		}
-		return null;
-
-	}
-
-	/**
-	 * Gets the foreign authentication data.<br>
-	 * <ul>
-	 * <li>Creates authentication data</li>
-	 * <li>Creates a corresponding SAML artifact</li>
-	 * <li>Stores authentication data in the authentication data store indexed
-	 * by the SAML artifact</li>
-	 * <li>Deletes authentication session</li>
-	 * <li>Returns the SAML artifact, encoded BASE64</li>
-	 * </ul>
-	 *
-	 * @param sessionID
-	 *            session ID of the running authentication session
-	 * @return SAML artifact needed for retrieving authentication data, encoded
-	 *         BASE64
-	 */
-	public String getForeignAuthenticationData(AuthenticationSession session)
-			throws AuthenticationException, BuildException, ParseException,
-			ConfigurationException, ServiceException, ValidateException {
-
-		if (session == null)
-			throw new AuthenticationException("auth.10", new Object[] {
-					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
-
-		// post processing of the infoboxes
-		Iterator iter = session.getInfoboxValidatorIterator();
-		boolean formpending = false;
-		if (iter != null) {
-			while (!formpending && iter.hasNext()) {
-				Vector infoboxValidatorVector = (Vector) iter.next();
-				String identifier = (String) infoboxValidatorVector.get(0);
-				String friendlyName = (String) infoboxValidatorVector.get(1);
-				InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
-						.get(2);
-				InfoboxValidationResult infoboxValidationResult = null;
-				try {
-					infoboxValidationResult = infoboxvalidator.validate(session
-							.getIdentityLink().getSamlAssertion());
-				} catch (ValidateException e) {
-					Logger.error("Error validating " + identifier + " infobox:"
-							+ e.getMessage());
-					throw new ValidateException("validator.44",
-							new Object[] { friendlyName });
-				}
-				if (!infoboxValidationResult.isValid()) {
-					Logger.info("Validation of " + identifier
-							+ " infobox failed.");
-					throw new ValidateException("validator.40", new Object[] {
-							friendlyName,
-							infoboxValidationResult.getErrorMessage() });
-				}
-				String form = infoboxvalidator.getForm();
-				if (ParepUtils.isEmpty(form)) {
-					AddAdditionalSAMLAttributes(
-							session,
-							infoboxValidationResult.getExtendedSamlAttributes(),
-							identifier, friendlyName);
-				} else {
-					return "Redirect to Input Processor";
-				}
-			}
-		}
-
-		VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
-		X509Certificate cert = session.getSignerCertificate();
-		vsresp.setX509certificate(cert);
-
-		session.setAuthenticatedUsed(false);
-		session.setAuthenticated(true);
-
-
-		session.setXMLVerifySignatureResponse(vsresp);
-		session.setSignerCertificate(vsresp.getX509certificate());
-		vsresp.setX509certificate(null);
-		session.setForeigner(true);
-
-		//TODO: regenerate MOASession ID!
-		return "new Session";
-	}
-
-	/**
-	 * Builds the AuthenticationData object together with the corresponding
-	 * <code>&lt;saml:Assertion&gt;</code>
-	 *
-	 * @param session
-	 *            authentication session
-	 * @param verifyXMLSigResp
-	 *            VerifyXMLSignatureResponse from MOA-SP
-	 * @param useUTC uses correct UTC time format
-	 * @param useUTC indicates that authenticated citizen is a foreigner
-	 * @param isForeigner indicates whether Austrian (false) or foreigner (true) authenticates
-	 * @return AuthenticationData object
-	 * @throws ConfigurationException
-	 *             while accessing configuration data
-	 * @throws BuildException
-	 *             while building the <code>&lt;saml:Assertion&gt;</code>
-	 */
-	public static AuthenticationData buildAuthenticationData(
-			AuthenticationSession session, OAAuthParameter oaParam, String target)
-			throws ConfigurationException, BuildException {
-
-		IdentityLink identityLink = session.getIdentityLink();
-		AuthenticationData authData = new AuthenticationData();
-
-		VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
-
-		boolean businessService = oaParam.getBusinessService();
-
-		authData.setMajorVersion(1);
-		authData.setMinorVersion(0);
-		authData.setAssertionID(Random.nextRandom());
-		authData.setIssuer(session.getAuthURL());
-
-		authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar
-				.getInstance()));
-
-		//baseID or wbpk in case of BusinessService without SSO or BusinessService SSO
-		authData.setIdentificationValue(identityLink.getIdentificationValue());
-		authData.setIdentificationType(identityLink.getIdentificationType());
-
-		authData.setGivenName(identityLink.getGivenName());
-		authData.setFamilyName(identityLink.getFamilyName());
-		authData.setDateOfBirth(identityLink.getDateOfBirth());
-		authData.setQualifiedCertificate(verifyXMLSigResp
-				.isQualifiedCertificate());
-		authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
-		authData.setPublicAuthorityCode(verifyXMLSigResp
-				.getPublicAuthorityCode());
-		authData.setBkuURL(session.getBkuURL());
-
-		try {
-
-			if (session.getUseMandate() && session.isOW()) {
-				MISMandate mandate = session.getMISMandate();
-				authData.setBPK(mandate.getOWbPK());
-				authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW");
-				authData.setIdentityLink(identityLink);
-
-				Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
-
-			} else {
-
-				if (businessService) {
-					//since we have foreigner, wbPK is not calculated in BKU
-					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-
-					 	String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier();
-
-						if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) {
-							// If domainIdentifier starts with prefix
-							// "urn:publicid:gv.at:wbpk+"; remove this prefix
-							registerAndOrdNr = registerAndOrdNr
-									.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
-							Logger.debug("Register and ordernumber prefix stripped off; resulting register string: "
-									+ registerAndOrdNr);
-						}
-
-						String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr);
-						authData.setBPK(wbpkBase64);
-						authData.setBPKType( Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr);
-
-					} else {
-						authData.setBPK(identityLink.getIdentificationValue());
-						authData.setBPKType(identityLink.getIdentificationType());
-
-					}
-
-					Logger.trace("Authenticate user with wbPK " + authData.getBPK());
-
-					Element idlassertion = session.getIdentityLink().getSamlAssertion();
-					//set bpk/wpbk;
-					Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
-					prIdentification.getFirstChild().setNodeValue(authData.getBPK());
-					//set bkp/wpbk type
-					Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH);
-					prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType());
-
-					IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion);
-					IdentityLink idl = idlparser.parseIdentityLink();
-					authData.setIdentityLink(idl);
-
-				} else {
-
-					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-						// only compute bPK if online application is a public service and we have the Stammzahl
-						String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target);
-						authData.setBPK(bpkBase64);
-						authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
-					}
-
-					Logger.trace("Authenticate user with bPK " + authData.getBPK());
-
-					authData.setIdentityLink(identityLink);
-				}
-			}
-
-			return authData;
-
-		} catch (Throwable ex) {
-			throw new BuildException("builder.00", new Object[] {
-					"AuthenticationData", ex.toString() }, ex);
-		}
-	}
-
-	/**
-	 * Retrieves a session from the session store.
-	 *
-	 * @param id
-	 *            session ID
-	 * @return <code>AuthenticationSession</code> stored with given session ID,
-	 *         <code>null</code> if session ID unknown
-	 */
-	public static AuthenticationSession getSession(String id)
-			throws AuthenticationException {
-
-		AuthenticationSession session;
-		try {
-			session = AuthenticationSessionStoreage.getSession(id);
-
-			if (session == null)
-				throw new AuthenticationException("auth.02", new Object[] { id });
-			return session;
-
-		} catch (MOADatabaseException e) {
-			throw new AuthenticationException("parser.04", new Object[] { id });
-		}
-	}
-
-	/**
-	 * Cleans up expired session and authentication data stores.
-	 */
-	public void cleanup() {
-		long now = new Date().getTime();
-
-		//clean AuthenticationSessionStore
-
-		AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
-
-		//clean AssertionStore
-		AssertionStorage assertionstore = AssertionStorage.getInstance();
-		assertionstore.clean(now, authDataTimeOut);
-
-		//clean ExeptionStore
-		DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
-		exstore.clean(now, authDataTimeOut);
-
-	}
-
-	/**
-	 * Sets the sessionTimeOut.
-	 *
-	 * @param seconds
-	 *            Time out of the session in seconds
-	 */
-	public void setSecondsSessionTimeOutCreated(long seconds) {
-		sessionTimeOutCreated = seconds * 1000;
-	}
-
-	public void setSecondsSessionTimeOutUpdated(long seconds) {
-		sessionTimeOutUpdated = seconds * 1000;
-	}
-
-	/**
-	 * Sets the authDataTimeOut.
-	 *
-	 * @param seconds
-	 *            Time out for signing AuthData in seconds
-	 */
-	public void setSecondsAuthDataTimeOut(long seconds) {
-		authDataTimeOut = seconds * 1000;
-	}
-
-	/**
-	 * Checks a parameter.
-	 *
-	 * @param param
-	 *            parameter
-	 * @return true if the parameter is null or empty
-	 */
-	private boolean isEmpty(String param) {
-		return param == null || param.length() == 0;
-	}
-
-	/**
-	 * Checks the correctness of SAML attributes and returns its value.
-	 *
-	 * @param param
-	 *            samlAttribute
-	 * @param i
-	 *            the number of the verified attribute for messages
-	 * @param identifier
-	 *            the infobox identifier for messages
-	 * @param friendlyname
-	 *            the friendly name of the infobox for messages
-	 * @return the SAML attribute value (Element or String)
-	 */
-	protected static Object verifySAMLAttribute(
-			ExtendedSAMLAttribute samlAttribute, int i, String identifier,
-			String friendlyName) throws ValidateException {
-		String name = samlAttribute.getName();
-
-		if (name == null) {
-			Logger.info("The name of SAML-Attribute number " + (i + 1)
-					+ " returned from " + identifier
-					+ "-infobox validator is null.");
-			throw new ValidateException("validator.45", new Object[] {
-					friendlyName, "Name", String.valueOf((i + 1)), "null" });
-		}
-		if (name == "") {
-			Logger.info("The name of SAML-Attribute number " + (i + 1)
-					+ " returned from " + identifier
-					+ "-infobox validator is empty.");
-			throw new ValidateException("validator.45", new Object[] {
-					friendlyName, "Name", String.valueOf((i + 1)), "leer" });
-		}
-		if (samlAttribute.getNameSpace() == null) {
-			Logger.info("The namespace of SAML-Attribute number " + (i + 1)
-					+ " returned from " + identifier
-					+ "-infobox validator is null.");
-			throw new ValidateException("validator.45",
-					new Object[] { friendlyName, "Namespace",
-							String.valueOf((i + 1)), "null" });
-		}
-		Object value = samlAttribute.getValue();
-		if (value == null) {
-			Logger.info("The value of SAML-Attribute number " + (i + 1)
-					+ " returned from " + identifier
-					+ "-infobox validator is null.");
-			throw new ValidateException("validator.45", new Object[] {
-					friendlyName, "Wert", String.valueOf((i + 1)), "null" });
-		}
-
-		return value;
-	}
-
-	/**
-	   * Does the request to the SZR-GW
-	 * @param oaFriendlyName 
-	 * @param signature XMLDSIG signature
-	   * @return Identity link assertion
-	 * @throws SZRGWClientException 
-	   */
-
-	     public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
-
-			try {
-		    	AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-		    	ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter();
-
-		    	SZRGWClient client = new SZRGWClient(connectionParameters);
-		    	 
-		    	
-		    	CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
-		    	request.setSignature(citizenSignature.getBytes());
-	    	
-		    	PEPSData data = new PEPSData();
-		    	data.setDateOfBirth(PEPSDateOfBirth);
-		    	data.setFamilyname(PEPSFamilyname);
-		    	data.setFirstname(PEPSFirstname);
-		    	data.setIdentifier(PEPSIdentifier);
-
-		    	data.setRepresentative(representative);
-		    	data.setRepresented(represented);
-		    	data.setMandateContent(mandateContent);
-		    	
-		    	data.setLegalPersonCanonicalRegisteredAddress(organizationAddress);
-		    	data.setLegalPersonTranslatableType(organizationType);
-
-		    	if(null != mandateContent) {
-			    	MISType mis = new MISType();
-			    	
-			    	Target targetObject = new Target();
-			    	targetObject.setType(targetType);
-			    	targetObject.setValue(targetValue);
-			    	mis.setTarget(targetObject);
-			    	
-			    	mis.setOAFriendlyName(oaFriendlyName);
-			    	
-			    	Filters filterObject = new Filters();
-			    	MandateIdentifiers mandateIds = new MandateIdentifiers();
-			        for(String current : filters.split(","))
-			        	mandateIds.getMandateIdentifier().add(current.trim());
-			    	filterObject.setMandateIdentifiers(mandateIds);
-			    	mis.setFilters(filterObject);
-			    	
-			    	request.setMIS(mis);
-		    	}
-		    	
-		    	Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
-				CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl());
-				return response;
-		    	
-		    }
-		    catch (ConfigurationException e) {
-		    	Logger.warn(e);
-		    	Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
-			}
-		    
-		    return null;
-		
-	  }
-
-	/**
-	 * Does the request to the SZR-GW.
-	 *
-	 * @param signature the signature
-	 * @return the identity link
-	 * @throws SZRGWClientException the sZRGW client exception
-	 * @throws ConfigurationException the configuration exception
-	 */
-	public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException {
-		return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature));
-	}
-
-	/**
-	 * Does the request to the SZR-GW.
-	 *
-	 * @param PEPSIdentifier the pEPS identifier
-	 * @param PEPSFirstname the pEPS firstname
-	 * @param PEPSFamilyname the pEPS familyname
-	 * @param PEPSDateOfBirth the pEPS date of birth
-	 * @param signature XMLDSIG signature
-	 * @return Identity link assertion
-	 * @throws SZRGWClientException the sZRGW client exception
-	 * @throws ConfigurationException the configuration exception
-	 */
-	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
-		return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null);
-	}
-
-	/**
-	 * Gets the identity link.
-	 *
-	 * @param citizenSignature the citizen signature
-	 * @param representative the representative
-	 * @param represented the represented
-	 * @param mandate the mandate
-	 * @param organizationAddress the organization address
-	 * @param organizationType the organization type
-	 * @return the identity link
-	 * @throws SZRGWClientException 
-	 */
-	public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
-			String representative, String represented, String mandateContent,
-			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
-		return getIdentityLink(null, null, null, null, null,
-				citizenSignature, represented, representative, mandateContent, organizationAddress,
-				organizationType, targetType, targetValue, oaFriendlyName, filters);
-	}
-	
- 	/**
-	  * SZR-GW Client interface.
-	  *
-	  * @param eIdentifier the e identifier
-	  * @param givenName the given name
-	  * @param lastName the last name
-	  * @param dateOfBirth the date of birth
-	  * @param citizenSignature the citizen signature
-	  * @param representative the representative
-	  * @param represented the represented
-	  * @param mandate the mandate
-	  * @return the identity link
-	  * @throws SZRGWClientException the sZRGW client exception
-	  */
-	 public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
- 			String givenName, String lastName, String dateOfBirth, String gender,
- 			String citizenSignature, String representative, String represented,
- 			String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
- 		return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
- 				citizenSignature, representative, represented, mandate, null,
- 				null, targetType, targetValue, oaFriendlyName, filters);
- 	}
-
-	/**
-	 * Starts a MOA-ID authentication process using STORK
-	 * @param req HttpServletRequest
-	 * @param resp HttpServletResponse
-	 * @param ccc Citizen country code
-	 * @param oaURL URL of the online application
-	 * @param target Target parameter
-	 * @param targetFriendlyName Friendly Name of Target
-	 * @param authURL Authentication URL
-	 * @param sourceID SourceID parameter
-	 * @throws MOAIDException
-	 * @throws AuthenticationException
-	 * @throws WrongParametersException
-	 * @throws ConfigurationException
-	 */
-	public static void startSTORKAuthentication(
-			HttpServletRequest req,
-			HttpServletResponse resp,
-			AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
-
-		if (moasession == null) {
-			throw new AuthenticationException("auth.18", new Object[] { });
-		}
-
-		//read configuration paramters of OA
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-		if (oaParam == null)
-				throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() });
-
-		//Start of STORK Processing
-		STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
-
-		CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
-
-		Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
-    	String destination = cpeps.getPepsURL().toExternalForm();
-    	Logger.debug("C-PEPS URL: " + destination);
-
-    	String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
-    	Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
-
-    	String providerName= oaParam.getFriendlyName();
-    	String issuerValue = HTTPUtils.getBaseURL(req);
-    	Logger.debug("Issuer value: " + issuerValue);
-
-    	// prepare collection of required attributes
-    	// - attributes for online application
-    	List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
-
-    	// - prepare attribute list
-    	PersonalAttributeList attributeList = new PersonalAttributeList();
-
-    	// - fill container
-    	for(OAStorkAttribute current : attributesFromConfig) {
-	    	PersonalAttribute newAttribute = new PersonalAttribute();
-	    	newAttribute.setName(current.getName());
-
-	    	boolean globallyMandatory = false;
-	    	for(StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
-	    		if(current.getName().equals(currentGlobalAttribute.getName())) {
-	    			globallyMandatory = currentGlobalAttribute.isMandatory();
-	    			break;
-	    		}
-
-	    	newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
-	    	attributeList.add(newAttribute);
-    	}
-
-    	// add sign request
-    	PersonalAttribute newAttribute = new PersonalAttribute();
-    	newAttribute.setName("signedDoc");
-    	List<String> value = new ArrayList<String>();
-    	value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
-    			"application/xhtml+xml",
-    			moasession.getCcc()));
-    	newAttribute.setValue(value);
-    	attributeList.add(newAttribute);
-
-
-		if (Logger.isDebugEnabled()) {
-			Logger.debug("The following attributes are requested for this OA:");
-			for (OAStorkAttribute logReqAttr : attributesFromConfig)
-				Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory());
-		}
-
-		//TODO: check Target in case of SSO!!
-    	String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
-    	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
-    	String spApplication = spInstitution;
-    	String spCountry = "AT";
-
-    	//generate AuthnRquest
-    	STORKAuthnRequest authnRequest = new STORKAuthnRequest();
-    	authnRequest.setDestination(destination);
-    	authnRequest.setAssertionConsumerServiceURL(acsURL);
-    	authnRequest.setProviderName(providerName);
-    	authnRequest.setIssuer(issuerValue);
-    	authnRequest.setQaa(oaParam.getQaaLevel());
-    	authnRequest.setSpInstitution(spInstitution);
-    	authnRequest.setCountry(spCountry);
-    	authnRequest.setSpApplication(spApplication);
-    	authnRequest.setSpSector(spSector);
-    	authnRequest.setPersonalAttributeList(attributeList);
-
-    	authnRequest.setEIDCrossBorderShare(true);
-    	authnRequest.setEIDCrossSectorShare(true);
-    	authnRequest.setEIDSectorShare(true);
-
-    	authnRequest.setCitizenCountryCode(moasession.getCcc());
-
-
-    	Logger.debug("STORK AuthnRequest succesfully assembled.");
-
-    	STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
-    	try {
-    		authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
-    	} catch (STORKSAMLEngineException e) {
-			Logger.error("Could not sign STORK SAML AuthnRequest.", e);
-			throw new MOAIDException("stork.00", null);
-		}
-
-		Logger.info("STORK AuthnRequest successfully signed!");
-		
-    	//validate AuthnRequest
-		try {
-			samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
-		} catch (STORKSAMLEngineException e) {
-			Logger.error("STORK SAML AuthnRequest not valid.", e);
-			throw new MOAIDException("stork.01", null);
-		}	
-		
-		Logger.debug("STORK AuthnRequest successfully internally validated.");
-		
-		//send
-		moasession.setStorkAuthnRequest(authnRequest);
-		HttpSession httpSession = req.getSession();
-		httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID());
-
-
-		Logger.info("Preparing to send STORK AuthnRequest.");
-		Logger.info("prepared STORKAuthnRequest: ");
-		Logger.info(new String(authnRequest.getTokenSaml()));
-
-		try {
-			Logger.trace("Initialize VelocityEngine...");
-
-			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
-			Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
-			VelocityContext context = new VelocityContext();
-			context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
-			context.put("action", destination);
-
-			StringWriter writer = new StringWriter();
-			template.merge(context, writer);
-
-			resp.getOutputStream().write(writer.toString().getBytes());
-		} catch (Exception e) {
-			Logger.error("Error sending STORK SAML AuthnRequest.", e);
-			httpSession.invalidate();
-			throw new MOAIDException("stork.02", new Object[] { destination });
-		}
-
-		Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
-	}
-
-	private static String generateDssSignRequest(String text, String  mimeType, String citizenCountry) {
-		IdentifierGenerator idGenerator;
-		try {
-			idGenerator = new SecureRandomIdentifierGenerator();
-			
-			DocumentType doc = new DocumentType();
-			doc.setBase64XML(text.getBytes());
-			doc.setID(idGenerator.generateIdentifier());
-			
-			SignRequest request = new SignRequest();
-			request.setInputDocuments(ApiUtils.createInputDocuments(doc));
-			
-			String id = idGenerator.generateIdentifier();
-			request.setRequestID(id);
-			request.setDocUI(id);
-			
-			request.setProfile(Profiles.XADES_BES.toString());
-			request.setNumberOfSigners(BigInteger.ONE);
-			request.setTargetCountry(citizenCountry);
-
-			// no, no todo. PEPS will alter this value anyhow.
-			request.setReturnURL("http://invalid_return");
-			
-			AnyType required = new AnyType();
-			required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
-			required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
-			required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
-			required.getAny().add(ApiUtils.createIncludeObject(doc));
-			request.setOptionalInputs(required);
-			
-			return IOUtils.toString(ApiUtils.marshalToInputStream(request));
-		} catch (NoSuchAlgorithmException e) {
-			Logger.error("Cannot generate id", e);
-			throw new RuntimeException(e);
-		} catch (ApiUtilsException e) {
-			Logger.error("Could not create SignRequest", e);
-			throw new RuntimeException(e);
-		} catch (DOMException e) {
-			Logger.error("Could not create SignRequest", e);
-			throw new RuntimeException(e);
-		} catch (IOException e) {
-			Logger.error("Could not create SignRequest", e);
-			throw new RuntimeException(e);
-		}
-	}
-
-	/**
-	 * Extracts an X509 Certificate out of an XML signagture element
-	 * @param signedXML XML signature element
-	 * @return X509Certificate
-	 * @throws CertificateException
-	 */
-	public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
-
-		NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
-
-		String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
-
-		if (StringUtils.isEmpty(base64CertString)) {
-			String msg = "XML does not contain a X509Certificate element.";
-			Logger.error(msg);
-			throw new CertificateException(msg);
-		}
-
-		InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
-
-		X509Certificate cert;
-		try {
-			cert = new X509Certificate(is);
-			return cert;
-
-		} catch (Throwable e) {
-			throw new CertificateException(e);
-		}
-	}
+        //build CertInfo request
+        String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
+                .build();
+        String certInfoDataURL = new DataURLBuilder()
+                .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
+                        session.getSessionID());
+
+        //get Applet Parameters
+        String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
+        String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
+        appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
+        appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
+
+        String htmlForm = new GetIdentityLinkFormBuilder().build(template,
+                session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
+                certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth);
+
+        return htmlForm;
+    }
+
+    /**
+     * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
+     * <li>Parses identity link enclosed in
+     * <code>&lt;InfoboxReadResponse&gt;</code></li>
+     * <li>Verifies identity link by calling the MOA SP component</li>
+     * <li>Checks certificate authority of identity link</li>
+     * <li>Stores identity link in the session</li>
+     * <li>Verifies all additional infoboxes returned from the BKU</li>
+     * <li>Creates an authentication block to be signed by the user</li>
+     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     * containg the authentication block, meant to be returned to the security
+     * layer implementation</li>
+     * </ul>
+     *
+     * @param sessionID                     ID of associated authentication session data
+     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+     * @return String representation of the
+     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     * @throws BKUException
+     */
+    public String verifyIdentityLink(AuthenticationSession session,
+                                     Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
+            BuildException, ParseException, ConfigurationException,
+            ValidateException, ServiceException, BKUException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
+
+        String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters
+                .get(PARAM_XMLRESPONSE);
+
+        if (isEmpty(xmlInfoboxReadResponse))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE});
+
+        AuthConfigurationProvider authConf = AuthConfigurationProvider
+                .getInstance();
+
+        // check if an identity link was found
+        // Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform
+        // (SL1.2))
+        // CharSequence se = "ErrorCode>2911".substring(0);
+        // boolean b = xmlInfoboxReadResponse.contains(se);
+        String se = "ErrorCode>2911";
+        int b = xmlInfoboxReadResponse.indexOf(se);
+        if (b != -1) { // no identity link found
+            Logger
+                    .info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID.");
+            return null;
+        }
+        // spezifikationsgemaess (SL1.2) Errorcode
+        se = "ErrorCode>4002";
+        // b = xmlInfoboxReadResponse.contains(se);
+        b = xmlInfoboxReadResponse.indexOf(se);
+        if (b != -1) { // Unbekannter Infoboxbezeichner
+            Logger
+                    .info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID.");
+            return null;
+        }
+
+        // parses the <InfoboxReadResponse>
+        IdentityLink identityLink = new InfoboxReadResponseParser(
+                xmlInfoboxReadResponse).parseIdentityLink();
+        // validates the identity link
+        IdentityLinkValidator.getInstance().validate(identityLink);
+        // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+        Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+                .build(identityLink, authConf
+                        .getMoaSpIdentityLinkTrustProfileID());
+
+        // invokes the call
+        Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+                .verifyXMLSignature(domVerifyXMLSignatureRequest);
+        // parses the <VerifyXMLSignatureResponse>
+        VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+                domVerifyXMLSignatureResponse).parseData();
+
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+        // if OA is type is business service the manifest validation result has
+        // to be ignored
+        boolean ignoreManifestValidationResult = (oaParam.getBusinessService() || oaParam.getStorkService()) ? true
+                : false;
+
+        // validates the <VerifyXMLSignatureResponse>
+        VerifyXMLSignatureResponseValidator.getInstance().validate(
+                verifyXMLSignatureResponse,
+                authConf.getIdentityLinkX509SubjectNames(),
+                VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
+                ignoreManifestValidationResult);
+
+        session.setIdentityLink(identityLink);
+        // now validate the extended infoboxes
+
+        //Removed in MOA-ID 2.0
+        //verifyInfoboxes(session, infoboxReadResponseParameters, false);
+
+        return "found!";
+    }
+
+    /**
+     * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
+     * <li>Parses identity link enclosed in
+     * <code>&lt;InfoboxReadResponse&gt;</code></li>
+     * <li>Verifies identity link by calling the MOA SP component</li>
+     * <li>Checks certificate authority of identity link</li>
+     * <li>Stores identity link in the session</li>
+     * <li>Verifies all additional infoboxes returned from the BKU</li>
+     * <li>Creates an authentication block to be signed by the user</li>
+     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     * containg the authentication block, meant to be returned to the security
+     * layer implementation</li>
+     * </ul>
+     *
+     * @param sessionID                     ID of associated authentication session data
+     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+     * @return String representation of the
+     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     */
+    public String verifyCertificate(AuthenticationSession session,
+                                    X509Certificate certificate) throws AuthenticationException,
+            BuildException, ParseException, ConfigurationException,
+            ValidateException, ServiceException, MOAIDException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+        // check if person is a Organwalter
+        // if true - don't show bPK in AUTH Block
+        try {
+            for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) {
+                if (certificate.getExtension(OWid) != null) {
+                    session.setOW(true);
+                }
+
+            }
+
+        } catch (X509ExtensionInitException e) {
+            Logger.warn("Certificate extension is not readable.");
+            session.setOW(false);
+        }
+
+        AuthConfigurationProvider authConf = AuthConfigurationProvider
+                .getInstance();
+
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+        String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
+                authConf, oaParam);
+
+        return returnvalue;
+    }
+
+    /**
+     * Processes an <code>Mandate</code> sent by the MIS.<br>
+     * <ul>
+     * <li>Validates given <code>Mandate</code></li>
+     * <li>Verifies Mandate by calling the MOA SP component</li>
+     * <li>Creates an authentication block to be signed by the user</li>
+     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     * containg the authentication block, meant to be returned to the security
+     * layer implementation</li>
+     * </ul>
+     *
+     * @param sessionID                     ID of associated authentication session data
+     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+     * @return String representation of the
+     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     */
+    public void verifyMandate(AuthenticationSession session, MISMandate mandate)
+            throws AuthenticationException, BuildException, ParseException,
+            ConfigurationException, ValidateException, ServiceException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    GET_MIS_SESSIONID, PARAM_SESSIONID});
+
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+        try {
+            // sets the extended SAML attributes for OID (Organwalter)
+            setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
+                    .getBusinessService());
+
+            validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
+
+
+        } catch (SAXException e) {
+            throw new AuthenticationException("auth.16",
+                    new Object[]{GET_MIS_SESSIONID}, e);
+        } catch (IOException e) {
+            throw new AuthenticationException("auth.16",
+                    new Object[]{GET_MIS_SESSIONID}, e);
+        } catch (ParserConfigurationException e) {
+            throw new AuthenticationException("auth.16",
+                    new Object[]{GET_MIS_SESSIONID}, e);
+        } catch (TransformerException e) {
+            throw new AuthenticationException("auth.16",
+                    new Object[]{GET_MIS_SESSIONID}, e);
+        }
+
+    }
+
+    /**
+     * @param session
+     * @param authConf
+     * @param oaParam
+     * @return
+     * @throws ConfigurationException
+     * @throws BuildException
+     * @throws ValidateException
+     */
+    public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
+            AuthenticationSession session, AuthConfigurationProvider authConf,
+            OAAuthParameter oaParam) throws ConfigurationException,
+            BuildException, ValidateException {
+
+        // check for intermediate processing of the infoboxes
+        if (session.isValidatorInputPending())
+            return "Redirect to Input Processor";
+
+        if (authConf == null)
+            authConf = AuthConfigurationProvider.getInstance();
+        if (oaParam == null)
+            oaParam = AuthConfigurationProvider.getInstance()
+                    .getOnlineApplicationParameter(
+                            session.getPublicOAURLPrefix());
+
+        // builds the AUTH-block
+        String authBlock = buildAuthenticationBlock(session, oaParam);
+
+        // builds the <CreateXMLSignatureRequest>
+        List<String> transformsInfos = oaParam.getTransformsInfos();
+        if ((transformsInfos == null) || (transformsInfos.size() == 0)) {
+            // no OA specific transforms specified, use default ones
+            transformsInfos = authConf.getTransformsInfos();
+        }
+        String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
+                .build(authBlock, oaParam.getKeyBoxIdentifier(),
+                        transformsInfos);
+        return createXMLSignatureRequest;
+    }
+
+    /**
+     * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br>
+     * <ul>
+     * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
+     * </ul>
+     *
+     * @param sessionID ID of associated authentication session data
+     * @param cert      The certificate from the user
+     * @return String representation of the
+     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+     */
+    public String createXMLSignatureRequestForeignID(AuthenticationSession session,
+                                                     X509Certificate cert) throws AuthenticationException,
+            BuildException, ParseException, ConfigurationException,
+            ValidateException, ServiceException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+        AuthConfigurationProvider authConf = AuthConfigurationProvider
+                .getInstance();
+
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+        return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
+                cert);
+    }
+
+    public String getCreateXMLSignatureRequestForeigID(
+            AuthenticationSession session, AuthConfigurationProvider authConf,
+            OAAuthParameter oaParam, X509Certificate cert)
+            throws ConfigurationException {
+
+        // check for intermediate processing of the infoboxes
+        if (session.isValidatorInputPending())
+            return "Redirect to Input Processor";
+
+        if (authConf == null)
+            authConf = AuthConfigurationProvider.getInstance();
+        if (oaParam == null)
+            oaParam = AuthConfigurationProvider.getInstance()
+                    .getOnlineApplicationParameter(
+                            session.getPublicOAURLPrefix());
+
+        Principal subject = cert.getSubjectDN();
+
+        String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
+                .buildForeignID(subject.toString(), oaParam, session);
+        return createXMLSignatureRequest;
+    }
+
+    /**
+     * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Parses response enclosed in
+     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Verifies signature by calling the MOA SP component</li>
+     * <li>Returns the signer certificate</li>
+     * </ul>
+     *
+     * @param sessionID                            ID of associated authentication session data
+     * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU
+     *                                             including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
+     * @throws BKUException
+     */
+    public X509Certificate verifyXMLSignature(String sessionID,
+                                              Map<String, String> createXMLSignatureResponseParameters)
+            throws AuthenticationException, BuildException, ParseException,
+            ConfigurationException, ValidateException, ServiceException, BKUException {
+
+        if (isEmpty(sessionID))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_GET_FOREIGN_ID, PARAM_SESSIONID});
+
+        String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
+                .get(PARAM_XMLRESPONSE);
+
+        if (isEmpty(xmlCreateXMLSignatureResponse))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
+
+        AuthConfigurationProvider authConf = AuthConfigurationProvider
+                .getInstance();
+
+        // parses the <CreateXMLSignatureResponse>
+        CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
+                xmlCreateXMLSignatureResponse);
+        CreateXMLSignatureResponse createXMLSignatureResponse = p
+                .parseResponseDsig();
+
+        // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+        Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+                .buildDsig(createXMLSignatureResponse, authConf
+                        .getMoaSpAuthBlockTrustProfileID());
+
+        // invokes the call
+        Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+                .verifyXMLSignature(domVerifyXMLSignatureRequest);
+
+        // parses the <VerifyXMLSignatureResponse>
+        VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+                domVerifyXMLSignatureResponse).parseData();
+
+        return verifyXMLSignatureResponse.getX509certificate();
+
+    }
+
+    /**
+     * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Parses response enclosed in
+     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Verifies signature by calling the MOA SP component</li>
+     * <li>Returns the signer certificate</li>
+     * </ul>
+     *
+     * @param sessionID                     ID of associated authentication session data
+     * @param readInfoboxResponseParameters The parameters from the response returned from the BKU
+     *                                      including the <code>&lt;ReadInfoboxResponse&gt;</code>
+     * @throws BKUException
+     */
+    public X509Certificate getCertificate(String sessionID,
+                                          Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
+            BuildException, ParseException, ConfigurationException,
+            ValidateException, ServiceException, BKUException {
+
+        if (isEmpty(sessionID))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+        String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters
+                .get(PARAM_XMLRESPONSE);
+
+        if (isEmpty(xmlReadInfoboxResponse))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE});
+
+        // parses the <CreateXMLSignatureResponse>
+        InfoboxReadResponseParser p = new InfoboxReadResponseParser(
+                xmlReadInfoboxResponse);
+        X509Certificate cert = p.parseCertificate();
+
+        return cert;
+
+    }
+
+    /**
+     * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
+     * given session data.
+     *
+     * @param session authentication session
+     * @return <code>&lt;saml:Assertion&gt;</code> as a String
+     * @throws BuildException If an error occurs on serializing an extended SAML attribute
+     *                        to be appended to the AUTH-Block.
+     */
+    private String buildAuthenticationBlock(AuthenticationSession session,
+                                            OAAuthParameter oaParam) throws BuildException {
+
+        IdentityLink identityLink = session.getIdentityLink();
+        String issuer = identityLink.getName();
+        String gebDat = identityLink.getDateOfBirth();
+
+        String identificationValue = null;
+        String identificationType = null;
+
+        //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
+        if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
+            identificationType = "";
+            identificationValue = "";
+
+        } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+
+            if (oaParam.getBusinessService()) {
+
+                String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
+                        .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
+                identificationValue = bpkBase64;
+
+                if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+"))
+                    identificationType = oaParam.getIdentityLinkDomainIdentifier();
+                else
+                    identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
+
+            } else {
+                String bpkBase64 = new BPKBuilder().buildBPK(identityLink
+                        .getIdentificationValue(), session.getTarget());
+                identificationValue = bpkBase64;
+                identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
+            }
+
+
+        } else {
+            identificationValue = identityLink.getIdentificationValue();
+            identificationType = identityLink.getIdentificationType();
+
+        }
+
+        String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
+                .getInstance());
+        session.setIssueInstant(issueInstant);
+        String authURL = session.getAuthURL();
+        String target = session.getTarget();
+        String targetFriendlyName = session.getTargetFriendlyName();
+
+        // Bug #485
+        // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
+        // String oaURL = session.getPublicOAURLPrefix();
+
+        List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
+
+
+        if (session.isSsoRequested()) {
+            String oaURL = new String();
+            try {
+                oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+
+                if (MiscUtil.isNotEmpty(oaURL))
+                    oaURL = oaURL.replaceAll("&", "&amp;");
+
+            } catch (ConfigurationException e) {
+            }
+            String authBlock = new AuthenticationBlockAssertionBuilder()
+                    .buildAuthBlockSSO(issuer, issueInstant, authURL, target,
+                            targetFriendlyName, identificationValue,
+                            identificationType, oaURL, gebDat,
+                            extendedSAMLAttributes, session, oaParam);
+            return authBlock;
+
+        } else {
+            String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
+            String authBlock = new AuthenticationBlockAssertionBuilder()
+                    .buildAuthBlock(issuer, issueInstant, authURL, target,
+                            targetFriendlyName, identificationValue,
+                            identificationType, oaURL, gebDat,
+                            extendedSAMLAttributes, session, oaParam);
+            return authBlock;
+        }
+    }
+
+
+    /**
+     * Verifies the infoboxes (except of the identity link infobox) returned by
+     * the BKU by calling appropriate validator classes.
+     *
+     * @param session The actual authentication session.
+     * @param mandate The Mandate from the MIS
+     * @throws AuthenticationException
+     * @throws ConfigurationException
+     * @throws TransformerException
+     * @throws ParserConfigurationException
+     * @throws IOException
+     * @throws SAXException
+     */
+    private void validateExtendedSAMLAttributeForMandates(
+            AuthenticationSession session, MISMandate mandate,
+            boolean business)
+            throws ValidateException, ConfigurationException, SAXException,
+            IOException, ParserConfigurationException, TransformerException {
+
+        ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes(
+                mandate, business, false);
+
+        int length = extendedSAMLAttributes.length;
+        for (int i = 0; i < length; i++) {
+            ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
+
+            verifySAMLAttribute(samlAttribute, i, "MISService",
+                    "MISService");
+
+        }
+    }
+
+    /**
+     * Verifies the infoboxes (except of the identity link infobox) returned by
+     * the BKU by calling appropriate validator classes.
+     *
+     * @param session The actual authentication session.
+     * @param mandate The Mandate from the MIS
+     * @throws AuthenticationException
+     * @throws ConfigurationException
+     * @throws TransformerException
+     * @throws ParserConfigurationException
+     * @throws IOException
+     * @throws SAXException
+     */
+    private void setExtendedSAMLAttributeForMandatesOID(
+            AuthenticationSession session, MISMandate mandate, boolean business)
+            throws ValidateException, ConfigurationException, SAXException,
+            IOException, ParserConfigurationException, TransformerException {
+
+        ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID(
+                mandate, business);
+
+        AddAdditionalSAMLAttributes(session, extendedSamlAttributes,
+                "MISService", "MISService");
+
+    }
+
+    /**
+     * Adds given SAML Attributes to the current session. They will be appended
+     * to the final SAML Assertion or the AUTH block. If the attributes are
+     * already in the list, they will be replaced.
+     *
+     * @param session                The current session
+     * @param extendedSAMLAttributes The SAML attributes to add
+     * @param identifier             The infobox identifier for debug purposes
+     * @param friendlyNam            The friendly name of the infobox for debug purposes
+     */
+    private static void AddAdditionalSAMLAttributes(
+            AuthenticationSession session,
+            ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier,
+            String friendlyName) throws ValidateException {
+        if (extendedSAMLAttributes == null)
+            return;
+        List<ExtendedSAMLAttribute> oaAttributes = session.getExtendedSAMLAttributesOA();
+        if (oaAttributes == null)
+            oaAttributes = new Vector<ExtendedSAMLAttribute>();
+        List<ExtendedSAMLAttribute> authAttributes = session.getExtendedSAMLAttributesAUTH();
+        if (authAttributes == null)
+            authAttributes = new Vector<ExtendedSAMLAttribute>();
+        int length = extendedSAMLAttributes.length;
+        for (int i = 0; i < length; i++) {
+            ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
+
+            Object value = verifySAMLAttribute(samlAttribute, i, identifier,
+                    friendlyName);
+
+            if ((value instanceof String) || (value instanceof Element)) {
+                switch (samlAttribute.getAddToAUTHBlock()) {
+                    case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY:
+                        replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
+                        break;
+                    case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK:
+                        replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
+                        replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
+                        break;
+                    case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK:
+                        replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
+                        break;
+                    default:
+                        Logger
+                                .info("Invalid return value from method \"getAddToAUTHBlock()\" ("
+                                        + samlAttribute.getAddToAUTHBlock()
+                                        + ") in SAML attribute number "
+                                        + (i + 1)
+                                        + " for infobox " + identifier);
+                        throw new ValidateException("validator.47", new Object[]{
+                                friendlyName, String.valueOf((i + 1))});
+                }
+            } else {
+                Logger
+                        .info("The type of SAML-Attribute number "
+                                + (i + 1)
+                                + " returned from "
+                                + identifier
+                                + "-infobox validator is not valid. Must be either \"java.Lang.String\""
+                                + " or \"org.w3c.dom.Element\"");
+                throw new ValidateException("validator.46", new Object[]{
+                        identifier, String.valueOf((i + 1))});
+            }
+        }
+        session.setExtendedSAMLAttributesAUTH(authAttributes);
+        session.setExtendedSAMLAttributesOA(oaAttributes);
+    }
+
+    /**
+     * Adds the AUTH block related SAML attributes to the validation result.
+     * This is needed always before the AUTH block is to be signed, because the
+     * name of the mandator has to be set
+     *
+     * @throws ParserConfigurationException
+     * @throws IOException
+     * @throws SAXException
+     * @throws TransformerException
+     */
+
+    protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes(
+            MISMandate mandate, boolean business, boolean provideStammzahl)
+            throws SAXException, IOException, ParserConfigurationException,
+            TransformerException {
+        Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
+
+        extendedSamlAttributes.clear();
+
+        // Name
+        Element domMandate = mandateToElement(mandate);
+        Element nameSpaceNode = domMandate.getOwnerDocument().createElement(
+                "NameSpaceNode");
+        nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX,
+                Constants.PD_NS_URI);
+        nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX,
+                SZRGWConstants.MANDATE_NS);
+
+        Element mandator = (Element) XPathAPI.selectSingleNode(domMandate,
+                "//md:Mandate/md:Mandator", nameSpaceNode);
+
+        // Mandate
+        extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                EXT_SAML_MANDATE_RAW, domMandate,
+                SZRGWConstants.MANDATE_NS,
+                ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+        // (w)bpk
+        String wbpk = ParepUtils.extractMandatorWbpk(mandator);
+        if (!ParepUtils.isEmpty(wbpk)) {
+            if (!ParepUtils.isPhysicalPerson(mandator)) {
+                String idType = ParepUtils
+                        .extractMandatorIdentificationType(mandator);
+                if (!ParepUtils.isEmpty(idType)
+                        && idType.startsWith(Constants.URN_PREFIX_BASEID)) {
+                    extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                            EXT_SAML_MANDATE_CB_BASE_ID,
+                            ParepUtils.getRegisterString(idType) + ": " + wbpk,
+                            SZRGWConstants.MANDATE_NS,
+                            ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+                }
+            } else if (business) {
+                extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                        EXT_SAML_MANDATE_WBPK, wbpk,
+                        SZRGWConstants.MANDATE_NS,
+                        ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+            }
+        }
+
+        ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
+                .size()];
+        extendedSamlAttributes.copyInto(ret);
+        Logger.debug("ExtendedSAML Attributes: " + ret.length);
+        return ret;
+
+    }
+
+    /**
+     * Adds the AUTH block related SAML attributes to the validation result.
+     * This is needed always before the AUTH block is to be signed, because the
+     * name of the mandator has to be set
+     *
+     * @throws ParserConfigurationException
+     * @throws IOException
+     * @throws SAXException
+     * @throws TransformerException
+     */
+    private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID(
+            MISMandate mandate, boolean business) throws SAXException,
+            IOException, ParserConfigurationException, TransformerException {
+
+        Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
+
+        extendedSamlAttributes.clear();
+
+        // RepresentationType
+        extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                EXT_SAML_MANDATE_REPRESENTATIONTYPE,
+                EXT_SAML_MANDATE_REPRESENTATIONTEXT,
+                SZRGWConstants.MANDATE_NS,
+                ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+        String oid = mandate.getProfRep();
+
+        if (oid != null) {
+            extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                    EXT_SAML_MANDATE_OID, oid,
+                    SZRGWConstants.MANDATE_NS,
+                    ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+            String oidDescription = mandate.getTextualDescriptionOfOID();
+            extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+                    EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION,
+                    oidDescription, SZRGWConstants.MANDATE_NS,
+                    ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+        }
+
+        ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
+                .size()];
+        extendedSamlAttributes.copyInto(ret);
+        Logger.debug("ExtendedSAML Attributes: " + ret.length);
+        return ret;
+
+    }
+
+    /**
+     * @param mandate
+     * @return
+     * @throws ParserConfigurationException
+     * @throws IOException
+     * @throws SAXException
+     */
+    private static Element mandateToElement(MISMandate mandate)
+            throws SAXException, IOException, ParserConfigurationException {
+        ByteArrayInputStream bais = new ByteArrayInputStream(mandate
+                .getMandate());
+        Document doc = DOMUtils.parseDocumentSimple(bais);
+        return doc.getDocumentElement();
+    }
+
+    protected static void replaceExtendedSAMLAttribute(List<ExtendedSAMLAttribute> attributes,
+                                                       ExtendedSAMLAttribute samlAttribute) {
+        if (null == attributes) {
+            attributes = new Vector<ExtendedSAMLAttribute>();
+        } else {
+            String id = samlAttribute.getName();
+            int length = attributes.size();
+            for (int i = 0; i < length; i++) {
+                ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes
+                        .get(i);
+                if (id.equals(att.getName())) {
+                    // replace attribute
+                    attributes.set(i, samlAttribute);
+                    return;
+                }
+            }
+            attributes.add(samlAttribute);
+        }
+    }
+
+    /**
+     * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
+     * codes</li>
+     * <li>Parses authentication block enclosed in
+     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Verifies authentication block by calling the MOA SP component</li>
+     * <li>Creates authentication data</li>
+     * <li>Creates a corresponding SAML artifact</li>
+     * <li>Stores authentication data in the authentication data store indexed
+     * by the SAML artifact</li>
+     * <li>Deletes authentication session</li>
+     * <li>Returns the SAML artifact, encoded BASE64</li>
+     * </ul>
+     *
+     * @param sessionID                         session ID of the running authentication session
+     * @param xmlCreateXMLSignatureReadResponse String representation of the
+     *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
+     * @return SAML artifact needed for retrieving authentication data, encoded
+     * BASE64
+     * @throws BKUException
+     */
+    public String verifyAuthenticationBlock(AuthenticationSession session,
+                                            String xmlCreateXMLSignatureReadResponse)
+            throws AuthenticationException, BuildException, ParseException,
+            ConfigurationException, ServiceException, ValidateException, BKUException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
+        if (isEmpty(xmlCreateXMLSignatureReadResponse))
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+
+        AuthConfigurationProvider authConf = AuthConfigurationProvider
+                .getInstance();
+        // parses <CreateXMLSignatureResponse>
+        CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(
+                xmlCreateXMLSignatureReadResponse).parseResponse();
+
+        try {
+            String serializedAssertion = DOMUtils.serializeNode(csresp
+                    .getSamlAssertion());
+            session.setAuthBlock(serializedAssertion);
+        } catch (TransformerException e) {
+            throw new ParseException("parser.04", new Object[]{
+                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+        } catch (IOException e) {
+            throw new ParseException("parser.04", new Object[]{
+                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+        }
+        // validates <CreateXMLSignatureResponse>
+        if (session.isSsoRequested())
+            new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+        else
+            new CreateXMLSignatureResponseValidator().validate(csresp, session);
+
+        // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
+        List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
+        String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
+        Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
+                vtids, tpid);
+        // debug output
+
+        // invokes the call
+        Element domVsresp = new SignatureVerificationInvoker()
+                .verifyXMLSignature(domVsreq);
+        // debug output
+
+        // parses the <VerifyXMLSignatureResponse>
+        VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
+                domVsresp).parseData();
+
+        if (Logger.isTraceEnabled()) {
+            if (domVsresp != null) {
+                try {
+                    String xmlVerifyXMLSignatureResponse = DOMUtils
+                            .serializeNode(domVsresp, true);
+                    Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse));
+                    Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse));
+                } catch (Throwable t) {
+                    t.printStackTrace();
+                    Logger.info(new LogMsg(t.getStackTrace()));
+                }
+            }
+        }
+
+        // validates the <VerifyXMLSignatureResponse>
+        VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
+                null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
+                false);
+
+        // Compare AuthBlock Data with information stored in session, especially
+        // date and time
+        CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
+
+        // compares the public keys from the identityLink with the AuthBlock
+        VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
+                vsresp, session.getIdentityLink());
+
+        // post processing of the infoboxes
+        Iterator iter = session.getInfoboxValidatorIterator();
+        boolean formpending = false;
+        if (iter != null) {
+            while (!formpending && iter.hasNext()) {
+                Vector infoboxValidatorVector = (Vector) iter.next();
+                String identifier = (String) infoboxValidatorVector.get(0);
+                String friendlyName = (String) infoboxValidatorVector.get(1);
+                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+                        .get(2);
+                InfoboxValidationResult infoboxValidationResult = null;
+                try {
+                    infoboxValidationResult = infoboxvalidator.validate(csresp
+                            .getSamlAssertion());
+                } catch (ValidateException e) {
+                    Logger.error("Error validating " + identifier + " infobox:"
+                            + e.getMessage());
+                    throw new ValidateException("validator.44",
+                            new Object[]{friendlyName});
+                }
+                if (!infoboxValidationResult.isValid()) {
+                    Logger.info("Validation of " + identifier
+                            + " infobox failed.");
+                    throw new ValidateException("validator.40", new Object[]{
+                            friendlyName,
+                            infoboxValidationResult.getErrorMessage()});
+                }
+                String form = infoboxvalidator.getForm();
+                if (ParepUtils.isEmpty(form)) {
+                    AddAdditionalSAMLAttributes(
+                            session,
+                            infoboxValidationResult.getExtendedSamlAttributes(),
+                            identifier, friendlyName);
+                } else {
+                    return "Redirect to Input Processor";
+                }
+            }
+        }
+
+        session.setXMLVerifySignatureResponse(vsresp);
+        session.setSignerCertificate(vsresp.getX509certificate());
+        vsresp.setX509certificate(null);
+        session.setForeigner(false);
+
+        if (session.getUseMandate()) {
+            // mandate mode
+            return null;
+
+        } else {
+
+            session.setAuthenticatedUsed(false);
+            session.setAuthenticated(true);
+
+            //set QAA Level four in case of card authentifcation
+            session.setQAALevel(PVPConstants.STORK_QAA_1_4);
+
+
+            String oldsessionID = session.getSessionID();
+
+            //Session is implicte stored in changeSessionID!!!
+            String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
+            Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
+            Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+
+            return newMOASessionID;
+        }
+    }
+
+    /**
+     * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+     * security layer implementation.<br>
+     * <ul>
+     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
+     * codes</li>
+     * <li>Parses authentication block enclosed in
+     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+     * <li>Verifies authentication block by calling the MOA SP component</li>
+     * <li>Creates authentication data</li>
+     * <li>Creates a corresponding SAML artifact</li>
+     * <li>Stores authentication data in the authentication data store indexed
+     * by the SAML artifact</li>
+     * <li>Deletes authentication session</li>
+     * <li>Returns the SAML artifact, encoded BASE64</li>
+     * </ul>
+     *
+     * @param sessionID                         session ID of the running authentication session
+     * @param xmlCreateXMLSignatureReadResponse String representation of the
+     *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
+     * @return SAML artifact needed for retrieving authentication data, encoded
+     * BASE64
+     */
+
+    protected Element createIdentificationBPK(Element mandatePerson,
+                                              String baseid, String target) throws BuildException {
+        Element identificationBpK = mandatePerson.getOwnerDocument()
+                .createElementNS(Constants.PD_NS_URI, "Identification");
+        Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
+                Constants.PD_NS_URI, "Value");
+
+        String bpkBase64 = new BPKBuilder().buildBPK(baseid, target);
+        valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+                bpkBase64));
+        Element typeBpK = mandatePerson.getOwnerDocument().createElementNS(
+                Constants.PD_NS_URI, "Type");
+        typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+                "urn:publicid:gv.at:cdid+bpk"));
+        identificationBpK.appendChild(valueBpK);
+        identificationBpK.appendChild(typeBpK);
+
+        return identificationBpK;
+
+    }
+
+    protected String getBaseId(Element mandatePerson)
+            throws TransformerException, IOException {
+        NodeList list = mandatePerson.getElementsByTagNameNS(
+                Constants.PD_NS_URI, "Identification");
+        for (int i = 0; i < list.getLength(); i++) {
+            Element identification = (Element) list.item(i);
+            Element type = (Element) identification.getElementsByTagNameNS(
+                    Constants.PD_NS_URI, "Type").item(0);
+            if (type.getTextContent().compareToIgnoreCase(
+                    "urn:publicid:gv.at:baseid") == 0) {
+                Element value = (Element) identification
+                        .getElementsByTagNameNS(Constants.PD_NS_URI, "Value")
+                        .item(0);
+                return value.getTextContent();
+            }
+        }
+        return null;
+
+    }
+
+    /**
+     * Gets the foreign authentication data.<br>
+     * <ul>
+     * <li>Creates authentication data</li>
+     * <li>Creates a corresponding SAML artifact</li>
+     * <li>Stores authentication data in the authentication data store indexed
+     * by the SAML artifact</li>
+     * <li>Deletes authentication session</li>
+     * <li>Returns the SAML artifact, encoded BASE64</li>
+     * </ul>
+     *
+     * @param sessionID session ID of the running authentication session
+     * @return SAML artifact needed for retrieving authentication data, encoded
+     * BASE64
+     */
+    public String getForeignAuthenticationData(AuthenticationSession session)
+            throws AuthenticationException, BuildException, ParseException,
+            ConfigurationException, ServiceException, ValidateException {
+
+        if (session == null)
+            throw new AuthenticationException("auth.10", new Object[]{
+                    REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
+
+        // post processing of the infoboxes
+        Iterator iter = session.getInfoboxValidatorIterator();
+        boolean formpending = false;
+        if (iter != null) {
+            while (!formpending && iter.hasNext()) {
+                Vector infoboxValidatorVector = (Vector) iter.next();
+                String identifier = (String) infoboxValidatorVector.get(0);
+                String friendlyName = (String) infoboxValidatorVector.get(1);
+                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+                        .get(2);
+                InfoboxValidationResult infoboxValidationResult = null;
+                try {
+                    infoboxValidationResult = infoboxvalidator.validate(session
+                            .getIdentityLink().getSamlAssertion());
+                } catch (ValidateException e) {
+                    Logger.error("Error validating " + identifier + " infobox:"
+                            + e.getMessage());
+                    throw new ValidateException("validator.44",
+                            new Object[]{friendlyName});
+                }
+                if (!infoboxValidationResult.isValid()) {
+                    Logger.info("Validation of " + identifier
+                            + " infobox failed.");
+                    throw new ValidateException("validator.40", new Object[]{
+                            friendlyName,
+                            infoboxValidationResult.getErrorMessage()});
+                }
+                String form = infoboxvalidator.getForm();
+                if (ParepUtils.isEmpty(form)) {
+                    AddAdditionalSAMLAttributes(
+                            session,
+                            infoboxValidationResult.getExtendedSamlAttributes(),
+                            identifier, friendlyName);
+                } else {
+                    return "Redirect to Input Processor";
+                }
+            }
+        }
+
+        VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
+        X509Certificate cert = session.getSignerCertificate();
+        vsresp.setX509certificate(cert);
+
+        session.setAuthenticatedUsed(false);
+        session.setAuthenticated(true);
+
+
+        session.setXMLVerifySignatureResponse(vsresp);
+        session.setSignerCertificate(vsresp.getX509certificate());
+        vsresp.setX509certificate(null);
+        session.setForeigner(true);
+
+        //TODO: regenerate MOASession ID!
+        return "new Session";
+    }
+
+    /**
+     * Builds the AuthenticationData object together with the corresponding
+     * <code>&lt;saml:Assertion&gt;</code>
+     *
+     * @param session          authentication session
+     * @param verifyXMLSigResp VerifyXMLSignatureResponse from MOA-SP
+     * @param useUTC           uses correct UTC time format
+     * @param useUTC           indicates that authenticated citizen is a foreigner
+     * @param isForeigner      indicates whether Austrian (false) or foreigner (true) authenticates
+     * @return AuthenticationData object
+     * @throws ConfigurationException while accessing configuration data
+     * @throws BuildException         while building the <code>&lt;saml:Assertion&gt;</code>
+     */
+    public static AuthenticationData buildAuthenticationData(
+            AuthenticationSession session, OAAuthParameter oaParam, String target)
+            throws ConfigurationException, BuildException {
+
+        IdentityLink identityLink = session.getIdentityLink();
+        AuthenticationData authData = new AuthenticationData();
+
+        VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
+
+        boolean businessService = oaParam.getBusinessService();
+
+        authData.setMajorVersion(1);
+        authData.setMinorVersion(0);
+        authData.setAssertionID(Random.nextRandom());
+        authData.setIssuer(session.getAuthURL());
+
+        authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar
+                .getInstance()));
+
+        //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO
+        authData.setIdentificationValue(identityLink.getIdentificationValue());
+        authData.setIdentificationType(identityLink.getIdentificationType());
+
+        authData.setGivenName(identityLink.getGivenName());
+        authData.setFamilyName(identityLink.getFamilyName());
+        authData.setDateOfBirth(identityLink.getDateOfBirth());
+        authData.setQualifiedCertificate(verifyXMLSigResp
+                .isQualifiedCertificate());
+        authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
+        authData.setPublicAuthorityCode(verifyXMLSigResp
+                .getPublicAuthorityCode());
+        authData.setBkuURL(session.getBkuURL());
+
+        try {
+
+            if (session.getUseMandate() && session.isOW()) {
+                MISMandate mandate = session.getMISMandate();
+                authData.setBPK(mandate.getOWbPK());
+                authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW");
+                authData.setIdentityLink(identityLink);
+
+                Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
+
+            } else {
+
+                if (businessService) {
+                    //since we have foreigner, wbPK is not calculated in BKU
+                    if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+
+                        String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier();
+
+                        if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) {
+                            // If domainIdentifier starts with prefix
+                            // "urn:publicid:gv.at:wbpk+"; remove this prefix
+                            registerAndOrdNr = registerAndOrdNr
+                                    .substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
+                            Logger.debug("Register and ordernumber prefix stripped off; resulting register string: "
+                                    + registerAndOrdNr);
+                        }
+
+                        String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr);
+                        authData.setBPK(wbpkBase64);
+                        authData.setBPKType(Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr);
+
+                    } else {
+                        authData.setBPK(identityLink.getIdentificationValue());
+                        authData.setBPKType(identityLink.getIdentificationType());
+
+                    }
+
+                    Logger.trace("Authenticate user with wbPK " + authData.getBPK());
+
+                    Element idlassertion = session.getIdentityLink().getSamlAssertion();
+                    //set bpk/wpbk;
+                    Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
+                    prIdentification.getFirstChild().setNodeValue(authData.getBPK());
+                    //set bkp/wpbk type
+                    Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH);
+                    prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType());
+
+                    IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion);
+                    IdentityLink idl = idlparser.parseIdentityLink();
+                    authData.setIdentityLink(idl);
+
+                } else {
+
+                    if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+                        // only compute bPK if online application is a public service and we have the Stammzahl
+                        String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target);
+                        authData.setBPK(bpkBase64);
+                        authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
+                    }
+
+                    Logger.trace("Authenticate user with bPK " + authData.getBPK());
+
+                    authData.setIdentityLink(identityLink);
+                }
+            }
+
+            return authData;
+
+        } catch (Throwable ex) {
+            throw new BuildException("builder.00", new Object[]{
+                    "AuthenticationData", ex.toString()}, ex);
+        }
+    }
+
+    /**
+     * Retrieves a session from the session store.
+     *
+     * @param id session ID
+     * @return <code>AuthenticationSession</code> stored with given session ID,
+     * <code>null</code> if session ID unknown
+     */
+    public static AuthenticationSession getSession(String id)
+            throws AuthenticationException {
+
+        AuthenticationSession session;
+        try {
+            session = AuthenticationSessionStoreage.getSession(id);
+
+            if (session == null)
+                throw new AuthenticationException("auth.02", new Object[]{id});
+            return session;
+
+        } catch (MOADatabaseException e) {
+            throw new AuthenticationException("parser.04", new Object[]{id});
+        }
+    }
+
+    /**
+     * Cleans up expired session and authentication data stores.
+     */
+    public void cleanup() {
+        long now = new Date().getTime();
+
+        //clean AuthenticationSessionStore
+
+        AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
+
+        //clean AssertionStore
+        AssertionStorage assertionstore = AssertionStorage.getInstance();
+        assertionstore.clean(now, authDataTimeOut);
+
+        //clean ExeptionStore
+        DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
+        exstore.clean(now, authDataTimeOut);
+
+    }
+
+    /**
+     * Sets the sessionTimeOut.
+     *
+     * @param seconds Time out of the session in seconds
+     */
+    public void setSecondsSessionTimeOutCreated(long seconds) {
+        sessionTimeOutCreated = seconds * 1000;
+    }
+
+    public void setSecondsSessionTimeOutUpdated(long seconds) {
+        sessionTimeOutUpdated = seconds * 1000;
+    }
+
+    /**
+     * Sets the authDataTimeOut.
+     *
+     * @param seconds Time out for signing AuthData in seconds
+     */
+    public void setSecondsAuthDataTimeOut(long seconds) {
+        authDataTimeOut = seconds * 1000;
+    }
+
+    /**
+     * Checks a parameter.
+     *
+     * @param param parameter
+     * @return true if the parameter is null or empty
+     */
+    private boolean isEmpty(String param) {
+        return param == null || param.length() == 0;
+    }
+
+    /**
+     * Checks the correctness of SAML attributes and returns its value.
+     *
+     * @param param        samlAttribute
+     * @param i            the number of the verified attribute for messages
+     * @param identifier   the infobox identifier for messages
+     * @param friendlyname the friendly name of the infobox for messages
+     * @return the SAML attribute value (Element or String)
+     */
+    protected static Object verifySAMLAttribute(
+            ExtendedSAMLAttribute samlAttribute, int i, String identifier,
+            String friendlyName) throws ValidateException {
+        String name = samlAttribute.getName();
+
+        if (name == null) {
+            Logger.info("The name of SAML-Attribute number " + (i + 1)
+                    + " returned from " + identifier
+                    + "-infobox validator is null.");
+            throw new ValidateException("validator.45", new Object[]{
+                    friendlyName, "Name", String.valueOf((i + 1)), "null"});
+        }
+        if (name == "") {
+            Logger.info("The name of SAML-Attribute number " + (i + 1)
+                    + " returned from " + identifier
+                    + "-infobox validator is empty.");
+            throw new ValidateException("validator.45", new Object[]{
+                    friendlyName, "Name", String.valueOf((i + 1)), "leer"});
+        }
+        if (samlAttribute.getNameSpace() == null) {
+            Logger.info("The namespace of SAML-Attribute number " + (i + 1)
+                    + " returned from " + identifier
+                    + "-infobox validator is null.");
+            throw new ValidateException("validator.45",
+                    new Object[]{friendlyName, "Namespace",
+                            String.valueOf((i + 1)), "null"});
+        }
+        Object value = samlAttribute.getValue();
+        if (value == null) {
+            Logger.info("The value of SAML-Attribute number " + (i + 1)
+                    + " returned from " + identifier
+                    + "-infobox validator is null.");
+            throw new ValidateException("validator.45", new Object[]{
+                    friendlyName, "Wert", String.valueOf((i + 1)), "null"});
+        }
+
+        return value;
+    }
+
+    /**
+     * Does the request to the SZR-GW
+     *
+     * @param oaFriendlyName
+     * @param signature      XMLDSIG signature
+     * @return Identity link assertion
+     * @throws SZRGWClientException
+     */
+
+    public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+
+        try {
+            AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+            ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter();
+
+            SZRGWClient client = new SZRGWClient(connectionParameters);
+
+
+            CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
+            request.setSignature(citizenSignature.getBytes());
+
+            PEPSData data = new PEPSData();
+            data.setDateOfBirth(PEPSDateOfBirth);
+            data.setFamilyname(PEPSFamilyname);
+            data.setFirstname(PEPSFirstname);
+            data.setIdentifier(PEPSIdentifier);
+
+            data.setRepresentative(representative);
+            data.setRepresented(represented);
+            data.setMandateContent(mandateContent);
+
+            data.setLegalPersonCanonicalRegisteredAddress(organizationAddress);
+            data.setLegalPersonTranslatableType(organizationType);
+
+            if (null != mandateContent) {
+                MISType mis = new MISType();
+
+                Target targetObject = new Target();
+                targetObject.setType(targetType);
+                targetObject.setValue(targetValue);
+                mis.setTarget(targetObject);
+
+                mis.setOAFriendlyName(oaFriendlyName);
+
+                Filters filterObject = new Filters();
+                MandateIdentifiers mandateIds = new MandateIdentifiers();
+                for (String current : filters.split(","))
+                    mandateIds.getMandateIdentifier().add(current.trim());
+                filterObject.setMandateIdentifiers(mandateIds);
+                mis.setFilters(filterObject);
+
+                request.setMIS(mis);
+            }
+
+            Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
+            CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl());
+            return response;
+
+        } catch (ConfigurationException e) {
+            Logger.warn(e);
+            Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null));
+        }
+
+        return null;
+
+    }
+
+    /**
+     * Does the request to the SZR-GW.
+     *
+     * @param signature the signature
+     * @return the identity link
+     * @throws SZRGWClientException   the sZRGW client exception
+     * @throws ConfigurationException the configuration exception
+     */
+    public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException {
+        return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature));
+    }
+
+    /**
+     * Does the request to the SZR-GW.
+     *
+     * @param PEPSIdentifier  the pEPS identifier
+     * @param PEPSFirstname   the pEPS firstname
+     * @param PEPSFamilyname  the pEPS familyname
+     * @param PEPSDateOfBirth the pEPS date of birth
+     * @param signature       XMLDSIG signature
+     * @return Identity link assertion
+     * @throws SZRGWClientException   the sZRGW client exception
+     * @throws ConfigurationException the configuration exception
+     */
+    public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
+        return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null);
+    }
+
+    /**
+     * Gets the identity link.
+     *
+     * @param citizenSignature    the citizen signature
+     * @param representative      the representative
+     * @param represented         the represented
+     * @param mandate             the mandate
+     * @param organizationAddress the organization address
+     * @param organizationType    the organization type
+     * @return the identity link
+     * @throws SZRGWClientException
+     */
+    public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
+                                                      String representative, String represented, String mandateContent,
+                                                      String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+        return getIdentityLink(null, null, null, null, null,
+                citizenSignature, represented, representative, mandateContent, organizationAddress,
+                organizationType, targetType, targetValue, oaFriendlyName, filters);
+    }
+
+    /**
+     * SZR-GW Client interface.
+     *
+     * @param eIdentifier      the e identifier
+     * @param givenName        the given name
+     * @param lastName         the last name
+     * @param dateOfBirth      the date of birth
+     * @param citizenSignature the citizen signature
+     * @param representative   the representative
+     * @param represented      the represented
+     * @param mandate          the mandate
+     * @return the identity link
+     * @throws SZRGWClientException the sZRGW client exception
+     */
+    public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
+                                                      String givenName, String lastName, String dateOfBirth, String gender,
+                                                      String citizenSignature, String representative, String represented,
+                                                      String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+        return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
+                citizenSignature, representative, represented, mandate, null,
+                null, targetType, targetValue, oaFriendlyName, filters);
+    }
+
+    /**
+     * Starts a MOA-ID authentication process using STORK
+     *
+     * @param req                HttpServletRequest
+     * @param resp               HttpServletResponse
+     * @param ccc                Citizen country code
+     * @param oaURL              URL of the online application
+     * @param target             Target parameter
+     * @param targetFriendlyName Friendly Name of Target
+     * @param authURL            Authentication URL
+     * @param sourceID           SourceID parameter
+     * @throws MOAIDException
+     * @throws AuthenticationException
+     * @throws WrongParametersException
+     * @throws ConfigurationException
+     */
+    public static void startSTORKAuthentication(
+            HttpServletRequest req,
+            HttpServletResponse resp,
+            AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
+
+        if (moasession == null) {
+            throw new AuthenticationException("auth.18", new Object[]{});
+        }
+
+        //read configuration paramters of OA
+        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+        if (oaParam == null)
+            throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()});
+
+        //Start of STORK Processing
+        STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
+
+        CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
+
+        Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
+        String destination = cpeps.getPepsURL().toExternalForm();
+        Logger.debug("C-PEPS URL: " + destination);
+
+        String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+        Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
+
+        String providerName = oaParam.getFriendlyName();
+        String issuerValue = HTTPUtils.getBaseURL(req);
+        Logger.debug("Issuer value: " + issuerValue);
+
+        // prepare collection of required attributes
+        // - attributes for online application
+        List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
+
+        // - prepare attribute list
+        PersonalAttributeList attributeList = new PersonalAttributeList();
+
+        // - fill container
+        for (OAStorkAttribute current : attributesFromConfig) {
+            PersonalAttribute newAttribute = new PersonalAttribute();
+            newAttribute.setName(current.getName());
+
+            boolean globallyMandatory = false;
+            for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
+                if (current.getName().equals(currentGlobalAttribute.getName())) {
+                    globallyMandatory = currentGlobalAttribute.isMandatory();
+                    break;
+                }
+
+            newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
+            attributeList.add(newAttribute);
+        }
+
+        // add sign request
+        PersonalAttribute newAttribute = new PersonalAttribute();
+        newAttribute.setName("signedDoc");
+        List<String> value = new ArrayList<String>();
+        value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+                "application/xhtml+xml",
+                moasession.getCcc()));
+        newAttribute.setValue(value);
+        attributeList.add(newAttribute);
+
+
+        if (Logger.isDebugEnabled()) {
+            Logger.debug("The following attributes are requested for this OA:");
+            for (OAStorkAttribute logReqAttr : attributesFromConfig)
+                Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory());
+        }
+
+        //TODO: check Target in case of SSO!!
+        String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
+        String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
+        String spApplication = spInstitution;
+        String spCountry = "AT";
+
+        //generate AuthnRquest
+        STORKAuthnRequest authnRequest = new STORKAuthnRequest();
+        authnRequest.setDestination(destination);
+        authnRequest.setAssertionConsumerServiceURL(acsURL);
+        authnRequest.setProviderName(providerName);
+        authnRequest.setIssuer(issuerValue);
+        authnRequest.setQaa(oaParam.getQaaLevel());
+        authnRequest.setSpInstitution(spInstitution);
+        authnRequest.setCountry(spCountry);
+        authnRequest.setSpApplication(spApplication);
+        authnRequest.setSpSector(spSector);
+        authnRequest.setPersonalAttributeList(attributeList);
+
+        authnRequest.setEIDCrossBorderShare(true);
+        authnRequest.setEIDCrossSectorShare(true);
+        authnRequest.setEIDSectorShare(true);
+
+        authnRequest.setCitizenCountryCode(moasession.getCcc());
+
+
+        Logger.debug("STORK AuthnRequest succesfully assembled.");
+
+        STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
+        try {
+            authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Could not sign STORK SAML AuthnRequest.", e);
+            throw new MOAIDException("stork.00", null);
+        }
+
+        Logger.info("STORK AuthnRequest successfully signed!");
+
+        //validate AuthnRequest
+        try {
+            samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("STORK SAML AuthnRequest not valid.", e);
+            throw new MOAIDException("stork.01", null);
+        }
+
+        Logger.debug("STORK AuthnRequest successfully internally validated.");
+
+        //send
+        moasession.setStorkAuthnRequest(authnRequest);
+        HttpSession httpSession = req.getSession();
+        httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID());
+
+
+        Logger.info("Preparing to send STORK AuthnRequest.");
+        Logger.info("prepared STORKAuthnRequest: ");
+        Logger.info(new String(authnRequest.getTokenSaml()));
+
+        try {
+            Logger.trace("Initialize VelocityEngine...");
+
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+            VelocityContext context = new VelocityContext();
+            context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
+            context.put("action", destination);
+
+            StringWriter writer = new StringWriter();
+            template.merge(context, writer);
+
+            resp.getOutputStream().write(writer.toString().getBytes());
+        } catch (Exception e) {
+            Logger.error("Error sending STORK SAML AuthnRequest.", e);
+            httpSession.invalidate();
+            throw new MOAIDException("stork.02", new Object[]{destination});
+        }
+
+        Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
+    }
+
+    private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
+        IdentifierGenerator idGenerator;
+        try {
+            idGenerator = new SecureRandomIdentifierGenerator();
+
+            DocumentType doc = new DocumentType();
+            doc.setBase64XML(text.getBytes());
+            doc.setID(idGenerator.generateIdentifier());
+
+            SignRequest request = new SignRequest();
+            request.setInputDocuments(ApiUtils.createInputDocuments(doc));
+
+            String id = idGenerator.generateIdentifier();
+            request.setRequestID(id);
+            request.setDocUI(id);
+
+            request.setProfile(Profiles.XADES_BES.toString());
+            request.setNumberOfSigners(BigInteger.ONE);
+            request.setTargetCountry(citizenCountry);
+
+            // no, no todo. PEPS will alter this value anyhow.
+            request.setReturnURL("http://invalid_return");
+
+            AnyType required = new AnyType();
+            required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
+            required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
+            required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
+            required.getAny().add(ApiUtils.createIncludeObject(doc));
+            request.setOptionalInputs(required);
+
+            return IOUtils.toString(ApiUtils.marshalToInputStream(request));
+        } catch (NoSuchAlgorithmException e) {
+            Logger.error("Cannot generate id", e);
+            throw new RuntimeException(e);
+        } catch (ApiUtilsException e) {
+            Logger.error("Could not create SignRequest", e);
+            throw new RuntimeException(e);
+        } catch (DOMException e) {
+            Logger.error("Could not create SignRequest", e);
+            throw new RuntimeException(e);
+        } catch (IOException e) {
+            Logger.error("Could not create SignRequest", e);
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * Extracts an X509 Certificate out of an XML signagture element
+     *
+     * @param signedXML XML signature element
+     * @return X509Certificate
+     * @throws CertificateException
+     */
+    public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
+
+        NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
+
+        String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
+
+        if (StringUtils.isEmpty(base64CertString)) {
+            String msg = "XML does not contain a X509Certificate element.";
+            Logger.error(msg);
+            throw new CertificateException(msg);
+        }
+
+        InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
+
+        X509Certificate cert;
+        try {
+            cert = new X509Certificate(is);
+            return cert;
+
+        } catch (Throwable e) {
+            throw new CertificateException(e);
+        }
+    }
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
index 828fc78ab..ba347c9e5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
@@ -2,19 +2,19 @@
  * Copyright 2014 Federal Chancellery Austria
  * MOA-ID has been developed in a cooperation between BRZ, the Federal
  * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
+ *
  * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
  * the European Commission - subsequent versions of the EUPL (the "Licence");
  * You may not use this work except in compliance with the Licence.
  * You may obtain a copy of the Licence at:
  * http://www.osor.eu/eupl/
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the Licence is distributed on an "AS IS" basis,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the Licence for the specific language governing permissions and
  * limitations under the Licence.
- * 
+ *
  * This product combines work with different licenses. See the "NOTICE" text
  * file for details on the various modules and licenses.
  * The "NOTICE" text file is part of the distribution. Any derivative works
@@ -51,82 +51,143 @@ import at.gv.egovernment.moa.util.Constants;
 /**
  * Builder for the <code>&lt;InfoboxReadRequest&gt;</code> structure
  * used for requesting the identity link from the security layer implementation.
- * 
+ *
  * @author Paul Ivancsics
  * @version $Id$
  */
 public class InfoboxReadRequestBuilder implements Constants {
 
 
-  /**
-   * Constructor for InfoboxReadRequestBuilder.
-   */
-  public InfoboxReadRequestBuilder() {
-  }
-   
-  
-  /**
-   * Builds an <code>&lt;InfoboxReadRequest&gt;</code>.
-   * 
-   * @param slVersion12           specifies whether the Security Layer version is
-   *                              version 1.2 or not
-   * @param businessService       specifies whether the online application is a
-   *                              business service or not
-   * @param identityLinkDomainIdentifier  the identification number of the business 
-   *                              company; maybe <code>null</code> if the OA
-   *                              is a public service; must not be <code>null</code>
-   *                              if the OA is a business service
-   * 
-   * @return <code>&lt;InfoboxReadRequest&gt;</code> as String
-   */
-  public String build(boolean businessService, String identityLinkDomainIdentifier) {
-    
-    String slPrefix;
-    String slNsDeclaration;
-    
+    /**
+     * Constructor for InfoboxReadRequestBuilder.
+     */
+    public InfoboxReadRequestBuilder() {
+    }
+
+
+    /**
+     * Builds an <code>&lt;InfoboxReadRequest&gt;</code>.
+     *
+     * @param slVersion12                  specifies whether the Security Layer version is
+     *                                     version 1.2 or not
+     * @param businessService              specifies whether the online application is a
+     *                                     business service or not
+     * @param identityLinkDomainIdentifier the identification number of the business
+     *                                     company; maybe <code>null</code> if the OA
+     *                                     is a public service; must not be <code>null</code>
+     *                                     if the OA is a business service
+     * @return <code>&lt;InfoboxReadRequest&gt;</code> as String
+     */
+    public String build(boolean businessService, String identityLinkDomainIdentifier) {
+
+        String slPrefix;
+        String slNsDeclaration;
+
 //    if (slVersion12) {
-      slPrefix = SL12_PREFIX;
-      slNsDeclaration = SL12_NS_URI;
+        slPrefix = SL12_PREFIX;
+        slNsDeclaration = SL12_NS_URI;
 //    } else {
 //      slPrefix = SL10_PREFIX;
 //      slNsDeclaration = SL10_NS_URI;
 //    }
-        
-    StringBuffer sb = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>");
-    sb.append("<");
-    sb.append(slPrefix);
-    sb.append(":InfoboxReadRequest xmlns:");
-    sb.append(slPrefix);
-    sb.append("=\"");
-    sb.append(slNsDeclaration);
-    sb.append("\">");
-    sb.append("<");
-    sb.append(slPrefix);
-    sb.append(":InfoboxIdentifier>IdentityLink</");
-    sb.append(slPrefix);
-    sb.append(":InfoboxIdentifier>");
-    sb.append("<");
-    sb.append(slPrefix);
-    sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>");
-    if (businessService) {
-      sb.append("<");
-      sb.append(slPrefix);
-      sb.append(":BoxSpecificParameters>");
-      sb.append("<");
-      sb.append(slPrefix);
-      sb.append(":IdentityLinkDomainIdentifier>");
-      sb.append(identityLinkDomainIdentifier);
-      sb.append("</sl:IdentityLinkDomainIdentifier>");
-      sb.append("</");
-      sb.append(slPrefix);
-      sb.append(":BoxSpecificParameters>");
+
+        StringBuffer sb = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":InfoboxReadRequest xmlns:");
+        sb.append(slPrefix);
+        sb.append("=\"");
+        sb.append(slNsDeclaration);
+        sb.append("\">");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":InfoboxIdentifier>IdentityLink</");
+        sb.append(slPrefix);
+        sb.append(":InfoboxIdentifier>");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>");
+        if (businessService) {
+            sb.append("<");
+            sb.append(slPrefix);
+            sb.append(":BoxSpecificParameters>");
+            sb.append("<");
+            sb.append(slPrefix);
+            sb.append(":IdentityLinkDomainIdentifier>");
+            sb.append(identityLinkDomainIdentifier);
+            sb.append("</sl:IdentityLinkDomainIdentifier>");
+            sb.append("</");
+            sb.append(slPrefix);
+            sb.append(":BoxSpecificParameters>");
+        }
+        sb.append("</");
+        sb.append(slPrefix);
+        sb.append(":InfoboxReadRequest>");
+
+        return sb.toString();
+
+    }
+
+
+    /**
+     * Builds an <code>&lt;InfoboxReadRequest&gt;</code>.
+     *
+     * @param slVersion12                  specifies whether the Security Layer version is
+     *                                     version 1.2 or not
+     * @param businessService              specifies whether the online application is a
+     *                                     business service or not
+     * @param identityLinkDomainIdentifier the identification number of the business
+     *                                     company; maybe <code>null</code> if the OA
+     *                                     is a public service; must not be <code>null</code>
+     *                                     if the OA is a business service
+     * @return <code>&lt;InfoboxReadRequest&gt;</code> as String
+     *
+     */
+    public String buildStorkReadRequest(String identityLinkDomainIdentifier) {
+
+        String slPrefix;
+        String slNsDeclaration;
+
+        slPrefix = SL12_PREFIX;
+        slNsDeclaration = SL12_NS_URI;
+
+        StringBuffer sb = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":InfoboxReadRequest xmlns:");
+        sb.append(slPrefix);
+        sb.append("=\"");
+        sb.append(slNsDeclaration);
+        sb.append("\">");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":InfoboxIdentifier>IdentityLink</");
+        sb.append(slPrefix);
+        sb.append(":InfoboxIdentifier>");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>");
+
+        // append box parameters - necessary for stork?
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":BoxSpecificParameters>");
+        sb.append("<");
+        sb.append(slPrefix);
+        sb.append(":IdentityLinkDomainIdentifier>");
+        sb.append(identityLinkDomainIdentifier);
+        sb.append("</sl:IdentityLinkDomainIdentifier>");
+        sb.append("</");
+        sb.append(slPrefix);
+        sb.append(":BoxSpecificParameters>");
+        // end appending box parameters
+
+        sb.append("</");
+        sb.append(slPrefix);
+        sb.append(":InfoboxReadRequest>");
+
+        return sb.toString();
+
     }
-    sb.append("</");
-    sb.append(slPrefix);
-    sb.append(":InfoboxReadRequest>");
-    
-    return sb.toString();
-       
-  }
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
index 7e21c6667..2d0a0e367 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
@@ -55,7 +55,12 @@ public class OAParameter {
 			this.businessService = true;
 		else
 			this.businessService = false;
-		
+
+        if (this.oaType.equals("storkService"))
+            this.storkService = true;
+        else
+            this.storkService = false;
+
 		this.publicURLPrefix = oa.getPublicURLPrefix();
 		
 		this.friendlyName = oa.getFriendlyName();
@@ -81,8 +86,15 @@ public class OAParameter {
 	 * if value of {@link #oaType} is "businessService"
 	 */
 	private boolean businessService;
-	
-	/**
+
+    /**
+     * specifies whether the online application is a stork application or not (<code>true</code>
+     * if value of {@link #oaType} is "storkService"
+     */
+    private boolean storkService;
+
+
+    /**
 	 * public URL prefix of the online application
 	 */
 	private String publicURLPrefix;
@@ -139,5 +151,7 @@ public class OAParameter {
 	public OAOAUTH20 getoAuth20Config() {
 		return oAuth20Config;
 	}
+
+    public boolean getStorkService() { return storkService; }
 	
 }
diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml
index ef994abd3..aeb4ad88c 100644
--- a/id/server/moa-id-commons/moa-id-commons.iml
+++ b/id/server/moa-id-commons/moa-id-commons.iml
@@ -61,6 +61,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-runtime:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-runtime:0.6.2" level="project" />
@@ -75,7 +76,6 @@
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.jaxb2_commons:jaxb2-basics-testing:0.6.2" level="project" />
     <orderEntry type="library" name="Maven: xmlunit:xmlunit:1.0" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:1.2" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-persistence:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.jvnet.hyperjaxb3:hyperjaxb3-ejb-schemas-customizations:0.5.6" level="project" />
     <orderEntry type="library" name="Maven: org.springframework:spring:2.0.7" level="project" />
diff --git a/id/server/moa-id.iml b/id/server/moa-id.iml
index c418d6693..6e02e5944 100644
--- a/id/server/moa-id.iml
+++ b/id/server/moa-id.iml
@@ -8,6 +8,7 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index e61d841ce..279d544b1 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -55,6 +55,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
@@ -93,7 +94,6 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
-    <orderEntry type="library" name="Maven: commons-io:commons-io:2.2" level="project" />
     <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
diff --git a/pom.xml b/pom.xml
index d87ab8a4e..c4126fbfb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -469,6 +469,12 @@
             <type>dll</type>
             <scope>runtime</scope>
         </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+            <version>1.3.2</version>
+        </dependency>
+
     </dependencies>
 
     <repositories>
diff --git a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
index 4e0a0fddf..fdffc1a0f 100644
--- a/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
+++ b/spss/handbook/clients/api/moa-spss-handbook-apiClient.iml
@@ -9,7 +9,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
@@ -44,6 +43,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
diff --git a/spss/handbook/clients/moa-spss-handbook-clients.iml b/spss/handbook/clients/moa-spss-handbook-clients.iml
index 3dda938d9..6e02e5944 100644
--- a/spss/handbook/clients/moa-spss-handbook-clients.iml
+++ b/spss/handbook/clients/moa-spss-handbook-clients.iml
@@ -1,13 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
index 678776d19..07392b36c 100644
--- a/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
+++ b/spss/handbook/clients/referencedData/moa-spss-handbook-referencedData.iml
@@ -13,13 +13,14 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
diff --git a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
index 4e0a0fddf..fdffc1a0f 100644
--- a/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
+++ b/spss/handbook/clients/webservice/moa-spss-handbook-webserviceClient.iml
@@ -9,7 +9,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
@@ -44,6 +43,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
diff --git a/spss/handbook/moa-spss-handbook.iml b/spss/handbook/moa-spss-handbook.iml
index deed935ed..0b49fc962 100644
--- a/spss/handbook/moa-spss-handbook.iml
+++ b/spss/handbook/moa-spss-handbook.iml
@@ -10,13 +10,14 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/moa-spss.iml b/spss/server/moa-spss.iml
index 567359474..6e02e5944 100644
--- a/spss/server/moa-spss.iml
+++ b/spss/server/moa-spss.iml
@@ -1,13 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
diff --git a/spss/server/serverlib/moa-spss-lib.iml b/spss/server/serverlib/moa-spss-lib.iml
index 93d7e676f..d1832bd65 100644
--- a/spss/server/serverlib/moa-spss-lib.iml
+++ b/spss/server/serverlib/moa-spss-lib.iml
@@ -55,8 +55,6 @@
     </content>
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="module" module-name="moa-common" />
-    <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-saaj:1.4" level="project" />
@@ -91,6 +89,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="module" module-name="moa-common" scope="TEST" production-on-test="" />
     <orderEntry type="module" module-name="moa-spss-tools" scope="TEST" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
diff --git a/spss/server/serverws/moa-spss-ws.iml b/spss/server/serverws/moa-spss-ws.iml
index ae8f03a70..0714500d5 100644
--- a/spss/server/serverws/moa-spss-ws.iml
+++ b/spss/server/serverws/moa-spss-ws.iml
@@ -56,6 +56,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_tsl:1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_xsect_eval:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik:iaik_ecc_signed:2.19" level="project" />
diff --git a/spss/server/tools/moa-spss-tools.iml b/spss/server/tools/moa-spss-tools.iml
index a880f50ab..25d80b1dd 100644
--- a/spss/server/tools/moa-spss-tools.iml
+++ b/spss/server/tools/moa-spss-tools.iml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/../../target/classes" />
-    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
+    <output url="file://$MODULE_DIR$/target/classes" />
+    <output-test url="file://$MODULE_DIR$/target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
@@ -17,6 +17,7 @@
     <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
     <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
     <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
+    <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
   </component>
 </module>
 
-- 
cgit v1.2.3


From 97ac38abf8d7fcea628ed1e7bd343c3d4ea958f9 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Wed, 5 Mar 2014 21:56:33 +0100
Subject: merge fr ap

---
 .../protocols/stork2/AttributeProviderFactory.java | 95 +++++++++++-----------
 .../stork2/EHvdAttributeProviderPlugin.java        |  3 -
 2 files changed, 46 insertions(+), 52 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index dbeaf94e9..d046e12a4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -1,24 +1,24 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+
 import java.util.ArrayList;
 import java.util.List;
 
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
-
 /**
  * A factory for creating AttributeProvider objects.
  */
 public class AttributeProviderFactory {
 
-	/**
-	 * Gets the available plugins.
-	 * 
-	 * @return the available plugins
-	 */
-	public static List<String> getAvailablePlugins() {
-		List<String> result = new ArrayList<String>();
-		result.add("StorkAttributeRequestProvider");
-		result.add("EHvdAttributeProvider");
+    /**
+     * Gets the available plugins.
+     *
+     * @return the available plugins
+     */
+    public static List<String> getAvailablePlugins() {
+        List<String> result = new ArrayList<String>();
+        result.add("StorkAttributeRequestProvider");
+        result.add("EHvdAttributeProvider");
         result.add("SignedDocAttributeRequestProvider");
         result.add("MISAttributeProvider");
 
@@ -26,43 +26,40 @@ public class AttributeProviderFactory {
         return result;
     }
 
-	/**
-	 * Creates an AttributeProvider object for the given shortname. Returns
-	 * {@code null} if there is no such provider available.
-	 * 
-	 * @param shortname
-	 *            the simpleName for the providers class
-	 * @return the attribute provider
-	 */
-	public static AttributeProvider create(String shortname, String url, String attributes) {
-        	if (shortname.equals("StorkAttributeRequestProvider"))  {
-			return new StorkAttributeRequestProvider(url, attributes);
-		} else if(shortname.equals("EHvdAttributeProvider")) {
-			return new EHvdAttributeProviderPlugin(url);
-		}  else if(shortname.equals("SignedDocAttributeRequestProvider")) {
-                return new SignedDocAttributeRequestProvider(url);
-        }  else if (shortname.equals("MISAttributeProvider")) {
-                return new MISAttributeProvider(url);
-        }    else {
-			return new EHvdAttributeProviderPlugin(url, attributes);
-		}       else {
-			return null;
-		}
-	}
+    /**
+     * Creates an AttributeProvider object for the given shortname. Returns
+     * {@code null} if there is no such provider available.
+     *
+     * @param shortname the simpleName for the providers class
+     * @return the attribute provider
+     */
+    public static AttributeProvider create(String shortname, String url, String attributes) {
+        if (shortname.equals("StorkAttributeRequestProvider")) {
+            return new StorkAttributeRequestProvider(url, attributes);
+        } else if (shortname.equals("EHvdAttributeProvider")) {
+            return new EHvdAttributeProviderPlugin(url, attributes);
+        } else if (shortname.equals("SignedDocAttributeRequestProvider")) {
+            return new SignedDocAttributeRequestProvider(url);
+        } else if (shortname.equals("MISAttributeProvider")) {
+            return new MISAttributeProvider(url);
+        } else {
+            return null;
+        }
+    }
 
-	/**
-	 * Gets fresh instances of the configured plugins.
-	 *
-	 * @param configuredAPs the configured a ps
-	 * @return the configured plugins
-	 */
-	public static List<AttributeProvider> getConfiguredPlugins(
-			List<AttributeProviderPlugin> configuredAPs) {
-		
-		List<AttributeProvider> result = new ArrayList<AttributeProvider>();
-		for(AttributeProviderPlugin current : configuredAPs)
-			result.add(create(current.getName(), current.getUrl(), current.getAttributes()));
-		
-		return result;
-	}
+    /**
+     * Gets fresh instances of the configured plugins.
+     *
+     * @param configuredAPs the configured a ps
+     * @return the configured plugins
+     */
+    public static List<AttributeProvider> getConfiguredPlugins(
+            List<AttributeProviderPlugin> configuredAPs) {
+
+        List<AttributeProvider> result = new ArrayList<AttributeProvider>();
+        for (AttributeProviderPlugin current : configuredAPs)
+            result.add(create(current.getName(), current.getUrl(), current.getAttributes()));
+
+        return result;
+    }
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index a36855d33..1b951c4ff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -62,7 +62,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
@@ -225,7 +224,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
-	@Override
 	public void performRedirect(String url, String spCountyCode,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
@@ -235,7 +233,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq)
 			throws UnsupportedAttributeException, MOAIDException {
 		// there is no redirect required, so we throw an exception when someone asks us to parse a response
-- 
cgit v1.2.3


From 257c27091b20e1fbcf7ccce8bfe8b908cb33a62e Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:18:18 +0100
Subject: fixed error message

---
 .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java   | 2 +-
 .../src/main/resources/resources/properties/id_messages_de.properties   | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index f660e1b33..409e506af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -263,7 +263,7 @@ public class AttributeCollector implements IAction {
 				if(!(existing.isEmptyValue() && existing.isEmptyComplexValue()))
 					if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) {
 		                Logger.error("Attribute Value does not match the value from first authentication!");
-		                throw new MOAIDException("stork.14", null);
+		                throw new MOAIDException("stork.16", new Object[] {existing.getName()});
 					}
 
 				target.get(current.getName()).setStatus(current.getStatus());
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 99d5d7612..f6a296fde 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -210,6 +210,7 @@ stork.12=Konnte keine VIDP Konfiguration finden
 stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin
 stork.14=Es wurde weder Authentifizierungs/  noch Attributerequest empfangen
 stork.15=Unbekannte request.
+stork.16=Ein Attribute aus zwei verschiedenen Quellen unterscheidet sich\: {0}
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From 58fcfcc39b55705d05ec12cfbbcbd0e05d57e702 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:31:53 +0100
Subject: fixed eHVD spCountrycode for eId derivation

---
 .../egovernment/moa/id/protocols/stork2/AttributeCollector.java   | 4 ++--
 .../gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java | 6 +++---
 .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java  | 4 ++--
 .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java    | 4 ++--
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java      | 6 +++---
 .../egovernment/moa/id/protocols/stork2/MISAttributeProvider.java | 4 ++--
 .../id/protocols/stork2/SignedDocAttributeRequestProvider.java    | 4 ++--
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java    | 8 ++++++--
 8 files changed, 22 insertions(+), 18 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 409e506af..842c06f15 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -126,7 +126,7 @@ public class AttributeCollector implements IAction {
                 for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
                     try {
                         // - hand over control to the suitable plugin
-                        aquiredAttributes = currentProvider.acquire(currentAttribute, moasession);
+                        aquiredAttributes = currentProvider.acquire(currentAttribute, container.getRequest().getSpCountry(), moasession);
                         break;
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
@@ -163,7 +163,7 @@ public class AttributeCollector implements IAction {
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
                 // add container-key to redirect embedded within the return URL
-                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
+                e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
 
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
index d92b0b72f..2914d8f7d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java
@@ -22,25 +22,25 @@ public interface AttributeProvider {
 	 * the response.
 	 *
 	 * @param attributes the list of attributes to be acquired
+	 * @param spCountyCode the sp county code
 	 * @param moasession the moasession
 	 * @return the personal attribute
 	 * @throws UnsupportedAttributeException the unsupported attribute exception
 	 * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done
 	 * @throws MOAIDException the mOAID exception
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException;
+	public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException;
 
 	/**
 	 * Perform redirect.
 	 *
 	 * @param url the return URL ending with ?artifactId=...
-	 * @param spCountyCode the sp county code
 	 * @param req the request we got from the S-PEPS and for which we have to ask our APs
 	 * @param resp the response to the preceding request
 	 * @param oaParam the oa param
 	 * @throws MOAIDException the mOAID exception
 	 */
-	public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
+	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException;
 	
 	/**
 	 * Parses the response we got from the external attribute provider.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 9c0869d97..56120cba2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -20,7 +20,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession)
 			throws UnsupportedAttributeException {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
@@ -38,7 +38,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	public void performRedirect(String url, String citizenCountyCode,
+	public void performRedirect(String url, 
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 26fc00406..aaba87c6c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -20,7 +20,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
+	public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
 	}
@@ -37,7 +37,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	public void performRedirect(String url, String citizenCountyCode,
+	public void performRedirect(String url, 
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 1b951c4ff..02ae5fd62 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -62,7 +62,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute)
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountryCode, AuthenticationSession moasession)
 			throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException, MOAIDException {
 
@@ -211,7 +211,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			
 			// add stork id for verification
 			ArrayList<String> value = new ArrayList<String>();
-			value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT"));
+			value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), spCountryCode));
 			result.add(new PersonalAttribute("eIdentifier", false, value, "Available"));
 			
 
@@ -224,7 +224,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
 	 */
-	public void performRedirect(String url, String spCountyCode,
+	public void performRedirect(String url,
 			HttpServletRequest req, HttpServletResponse resp,
 			OAAuthParameter oaParam) throws MOAIDException {
 		// there is no redirect required
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
index ec38db513..9492159e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -21,7 +21,7 @@ public class MISAttributeProvider implements AttributeProvider {
         this.url = url;
     }
 
-    public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+    public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
         Logger.error("Entering MIS for attribute: " + attributes.getName());
 
         if (attributes.getName().equals("residencePermit")) {
@@ -32,7 +32,7 @@ public class MISAttributeProvider implements AttributeProvider {
         return null;  //
     }
 
-    public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+    public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
         Logger.error("Entering MIS redirect for attribute: " );
 
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index 6a8e306a1..59b4f386f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -59,7 +59,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java
 	 * .lang.String)
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException,
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException {
 		if(!attribute.getName().equals("signedDoc")){
 			throw new UnsupportedAttributeException();
@@ -108,7 +108,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect
 	 * (java.lang.String)
 	 */
-	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
+	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
 			throws MOAIDException {
 
 		try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index d8becaaf7..2b946b167 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -38,6 +38,8 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/** The attributes. */
 	private String attributes;
 
+	private String spCountryCode;
+
 	/**
 	 * Instantiates a new stork attribute request provider.
 	 *
@@ -52,11 +54,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)
+	public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 
 		if (!attributes.contains(attribute.getName()))
 			throw new UnsupportedAttributeException();
+		
+		this.spCountryCode = spCountyCode;
 
 		requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(attribute);
@@ -98,7 +102,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
-	public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 		
     	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
-- 
cgit v1.2.3


From b5eae4b6d7692a61a943a3238e271d634141f1a0 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:34:49 +0100
Subject: cleanup demo ap plugins

---
 .../stork2/DemoNoRedirectAttributeProvider.java    | 46 ---------------------
 .../stork2/DemoRedirectAttributeProvider.java      | 46 ---------------------
 .../id/protocols/stork2/MISAttributeProvider.java  | 47 ----------------------
 3 files changed, 139 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
deleted file mode 100644
index 56120cba2..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import java.util.ArrayList;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
-/**
- * Just a simple demoprovider who can fetch any attribute you ask him.
- */
-public class DemoNoRedirectAttributeProvider implements AttributeProvider {
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
-	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession)
-			throws UnsupportedAttributeException {
-		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
-		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
-		return requestedAttributes;
-	}
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
-	 */
-	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
-		// TODO Auto-generated method stub
-		return null;
-	}
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
-	 */
-	public void performRedirect(String url, 
-			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
-		// we should not get here
-	}
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
deleted file mode 100644
index aaba87c6c..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import java.util.ArrayList;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
-/**
- * Just a simple demoprovider who can fetch any attribute you ask him.
- */
-public class DemoRedirectAttributeProvider implements AttributeProvider {
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
-	 */
-	public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession)
-			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
-		throw new ExternalAttributeRequestRequiredException(this);
-	}
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
-	 */
-	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
-		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
-		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
-		return requestedAttributes;
-	}
-
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
-	 */
-	public void performRedirect(String url, 
-			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
-		// we should not get here
-
-	}
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
deleted file mode 100644
index 9492159e3..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * Implements Attribute Provider for Mandates
- */
-public class MISAttributeProvider implements AttributeProvider {
-
-    String url = null;
-
-    public MISAttributeProvider(String url) {
-        this.url = url;
-    }
-
-    public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
-        Logger.error("Entering MIS for attribute: " + attributes.getName());
-
-        if (attributes.getName().equals("residencePermit")) {
-            Logger.error("MIS EXCEPTION: " + attributes.getName());
-            //throw new ExternalAttributeRequestRequiredException(this);
-        }
-
-        return null;  //
-    }
-
-    public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
-        Logger.error("Entering MIS redirect for attribute: " );
-
-    }
-
-    public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
-        return null;  //
-    }
-
-    public String getName() {
-        return "MandateProvider";
-    }
-}
-- 
cgit v1.2.3


From 44ff7772172d1baf7ef7201225ee44d74511769e Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:50:21 +0100
Subject: cleanup unneeded mandateretrievalrequest

---
 .../protocols/stork2/AttributeProviderFactory.java |  4 ----
 .../protocols/stork2/MandateRetrievalRequest.java  | 28 ----------------------
 2 files changed, 32 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index d046e12a4..cbe7e5f3c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -20,8 +20,6 @@ public class AttributeProviderFactory {
         result.add("StorkAttributeRequestProvider");
         result.add("EHvdAttributeProvider");
         result.add("SignedDocAttributeRequestProvider");
-        result.add("MISAttributeProvider");
-
 
         return result;
     }
@@ -40,8 +38,6 @@ public class AttributeProviderFactory {
             return new EHvdAttributeProviderPlugin(url, attributes);
         } else if (shortname.equals("SignedDocAttributeRequestProvider")) {
             return new SignedDocAttributeRequestProvider(url);
-        } else if (shortname.equals("MISAttributeProvider")) {
-            return new MISAttributeProvider(url);
         } else {
             return null;
         }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
deleted file mode 100644
index bad711dbb..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.moduls.IAction;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import com.sun.xml.ws.security.trust.WSTrustConstants;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * Processes mandate data after authentication is done in AT
- * @author bsuzic
- */
-public class MandateRetrievalRequest implements IAction {
-    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
-        return null;  //
-    }
-
-    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
-        return true;
-    }
-
-    public String getDefaultActionName() {
-        return STORKProtocol.MANDATERETRIEVALREQUEST;
-    }
-}
-- 
cgit v1.2.3


From 2aa46e49f1566ed6582fa40e0fdffb4ec9b790b4 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:51:12 +0100
Subject: cleanup datacontainer

---
 .../moa/id/protocols/stork2/AuthenticationRequest.java |  3 ---
 .../moa/id/protocols/stork2/DataContainer.java         | 18 ------------------
 2 files changed, 21 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 619935abe..2ae3ab03c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -80,9 +80,6 @@ public class AuthenticationRequest implements IAction {
             // - fill in the partial response created above
             container.setResponse(moaStorkResponse);
 
-            // - memorize the target url were we have to return the result
-            container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL());
-
             container.setRemoteAddress(httpReq.getRemoteAddr());
 
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index 74239318b..d13754aff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -58,24 +58,6 @@ public class DataContainer implements Serializable {
 		this.response = moaStorkResponse;
 	}
 
-	/**
-	 * Gets the target.
-	 *
-	 * @return the target
-	 */
-	public String getTarget() {
-		return target;
-	}
-
-	/**
-	 * Sets the target.
-	 *
-	 * @param target the new target
-	 */
-	public void setTarget(String target) {
-		this.target = target;
-	}
-
 	/**
 	 * Gets the remote address.
 	 *
-- 
cgit v1.2.3


From 96dee381a4dd221a6f7dc9a63c9dda72e7cbbb04 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:52:17 +0100
Subject: cleanup SignedDoc AP Plugin

---
 .../id/protocols/stork2/AttributeProviderFactory.java |  2 +-
 .../stork2/SignedDocAttributeRequestProvider.java     | 19 +++++++------------
 2 files changed, 8 insertions(+), 13 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index cbe7e5f3c..c998b5f69 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -37,7 +37,7 @@ public class AttributeProviderFactory {
         } else if (shortname.equals("EHvdAttributeProvider")) {
             return new EHvdAttributeProviderPlugin(url, attributes);
         } else if (shortname.equals("SignedDocAttributeRequestProvider")) {
-            return new SignedDocAttributeRequestProvider(url);
+            return new SignedDocAttributeRequestProvider(url, attributes);
         } else {
             return null;
         }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index 59b4f386f..3993ee92f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -17,18 +17,10 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.StringUtils;
-
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
-import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
 /**
  * Forwards a signedDoc attribute request to the oasis-dss service instance
@@ -42,14 +34,19 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 */
 	private String oasisDssWebFormURL;
 
+	/** The attributes. */
+	private String attributes;
+
 	/**
 	 * Instantiates a new signed doc attribute request provider.
 	 * 
 	 * @param oasisDssWebFormURL
 	 *            the AP location
+	 * @param attributes 
 	 */
-	public SignedDocAttributeRequestProvider(String oasisDssWebFormURL) {
+	public SignedDocAttributeRequestProvider(String oasisDssWebFormURL, String attributes) {
 		this.oasisDssWebFormURL = oasisDssWebFormURL;
+		this.attributes = attributes;
 	}
 
 	/*
@@ -61,7 +58,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 */
 	public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException,
 			ExternalAttributeRequestRequiredException {
-		if(!attribute.getName().equals("signedDoc")){
+		if(!attributes.contains(attribute.getName())) {
 			throw new UnsupportedAttributeException();
 		}
 		
@@ -80,8 +77,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
 		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
 
-
-		STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
 		try {
 			String signResponse = new String(Base64.decodeBase64(httpReq.getParameter("signresponse")), "UTF8");
 			List<String> values = new ArrayList<String>();
-- 
cgit v1.2.3


From eb08e465772a766919fdce9dbebc8d5c4e51f224 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:53:00 +0100
Subject: cleanup on javadoc

---
 .../ExternalAttributeRequestRequiredException.java |   2 +-
 .../moa/id/protocols/stork2/MOASTORKRequest.java   | 113 ++++++++++++++++++---
 .../moa/id/protocols/stork2/MOASTORKResponse.java  |  92 ++++++++++++-----
 .../stork2/StorkAttributeRequestProvider.java      |   1 +
 4 files changed, 167 insertions(+), 41 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
index 56f31723c..67fbd50f8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java
@@ -18,7 +18,7 @@ public class ExternalAttributeRequestRequiredException extends Exception {
 	}
 
 	/**
-	 * Gets the ap.
+	 * Gets the ap that caused the exception.
 	 *
 	 * @return the ap
 	 */
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index e95cfabe2..9ea33c8ef 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -9,57 +9,95 @@ import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 /**
- * Implements MOA request and stores StorkAuthn/Attr-Request related data
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data.
  *
  * @author bsuzic
  */
-
 public class MOASTORKRequest implements IRequest, Serializable {
+	
+	/** The Constant serialVersionUID. */
 	private static final long serialVersionUID = 4581953368724501376L;
+	
+	/** The request id. */
 	private String requestID;
+    
+    /** The target. */
     private String target = null;
+    
+    /** The module. */
     String module = null;
+    
+    /** The action. */
     String action = null;
+    
+    /** The stork authn request. */
     private STORKAuthnRequest storkAuthnRequest;
+    
+    /** The stork attr query request. */
     private STORKAttrQueryRequest storkAttrQueryRequest;
-    private boolean isAttrRequest = false;
-    private boolean isAuthnRequest = false;
 
+    /**
+     * Sets the sTORK authn request.
+     *
+     * @param request the new sTORK authn request
+     */
     public void setSTORKAuthnRequest(STORKAuthnRequest request) {
         this.storkAuthnRequest = request;
-        if (request != null) {
-            isAuthnRequest = true;
-        }
     }
 
+    /**
+     * Sets the sTORK attr request.
+     *
+     * @param request the new sTORK attr request
+     */
     public void setSTORKAttrRequest(STORKAttrQueryRequest request) {
         this.storkAttrQueryRequest = request;
-        if (request != null) {
-            isAttrRequest = true;
-        }
     }
 
+    /**
+     * Checks if the container holds an AttrQueryRequest
+     *
+     * @return true, if is attr request
+     */
     public boolean isAttrRequest() {
-        return this.isAttrRequest;
+        return null != storkAttrQueryRequest;
     }
 
+    /**
+     * Checks if the container holds an AuthnRequest
+     *
+     * @return true, if is authn request
+     */
     public boolean isAuthnRequest() {
-        return this.isAuthnRequest;
+        return null != storkAuthnRequest;
     }
 
 
+    /**
+     * Gets the stork authn request.
+     *
+     * @return the stork authn request
+     */
     public STORKAuthnRequest getStorkAuthnRequest() {
         return this.storkAuthnRequest;
     }
 
+    /**
+     * Gets the stork attr query request.
+     *
+     * @return the stork attr query request
+     */
     public STORKAttrQueryRequest getStorkAttrQueryRequest() {
         return this.storkAttrQueryRequest;
     }
 
-    public String getOAURL() {     // TODO CHECK IT
-        if (isAuthnRequest)
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL()
+     */
+    public String getOAURL() {
+        if (isAuthnRequest())
             return storkAuthnRequest.getAssertionConsumerServiceURL();
-        else if (isAttrRequest)
+        else if (isAttrRequest())
             return storkAttrQueryRequest.getAssertionConsumerServiceURL();
         else {
             Logger.error("There is no authentication or attribute request contained in MOASTORKRequest.");
@@ -67,46 +105,81 @@ public class MOASTORKRequest implements IRequest, Serializable {
         }
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv()
+     */
     public boolean isPassiv() {
         return false;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth()
+     */
     public boolean forceAuth() {
         return false;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#isSSOSupported()
+     */
     public boolean isSSOSupported() {
         return false;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule()
+     */
     public String requestedModule() {
         return this.module;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedAction()
+     */
     public String requestedAction() {
         return action;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#setModule(java.lang.String)
+     */
     public void setModule(String module) {
         this.module = module;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#setAction(java.lang.String)
+     */
     public void setAction(String action) {
         this.action = action;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#getTarget()
+     */
     public String getTarget() {
         return this.target;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#setRequestID(java.lang.String)
+     */
     public void setRequestID(String id) {
         this.requestID = id;
     }
 
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID()
+     */
     public String getRequestID() {
         return this.requestID;
     }
     
+    /**
+     * Gets the personal attribute list.
+     *
+     * @return the personal attribute list
+     */
     public IPersonalAttributeList getPersonalAttributeList() {
     	if(isAttrRequest())
     		return this.storkAttrQueryRequest.getPersonalAttributeList();
@@ -114,6 +187,11 @@ public class MOASTORKRequest implements IRequest, Serializable {
     		return this.storkAuthnRequest.getPersonalAttributeList();
     }
 
+	/**
+	 * Gets the sp country.
+	 *
+	 * @return the sp country
+	 */
 	public String getSpCountry() {
     	if(isAttrRequest())
     		return this.storkAttrQueryRequest.getSpCountry();
@@ -121,6 +199,11 @@ public class MOASTORKRequest implements IRequest, Serializable {
     		return this.storkAuthnRequest.getSpCountry();
 	}
 
+	/**
+	 * Gets the assertion consumer service url.
+	 *
+	 * @return the assertion consumer service url
+	 */
 	public String getAssertionConsumerServiceURL() {
     	if(isAttrRequest())
     		return this.storkAttrQueryRequest.getAssertionConsumerServiceURL();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
index 36f5a80b4..4e0f57779 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -8,68 +8,110 @@ import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
 import eu.stork.peps.auth.commons.STORKAuthnResponse;
 
 /**
- * Implements MOA request and stores StorkAuthn/Attr-Request related data
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data.
  *
  * @author bsuzic
  */
-
 public class MOASTORKResponse implements Serializable {
+	
+	/** The Constant serialVersionUID. */
 	private static final long serialVersionUID = -5798803155055518747L;
-	private STORKAuthnResponse storkAuthnRequest;
-    private STORKAttrQueryResponse storkAttrQueryRequest;
-    private boolean isAttrRequest = false;
-    private boolean isAuthnRequest = false;
-
+	
+	/** The stork authn request. */
+	private STORKAuthnResponse storkAuthnResponse;
+    
+    /** The stork attr query request. */
+    private STORKAttrQueryResponse storkAttrQueryResponse;
+    
+    /**
+     * Sets the sTORK authn response.
+     *
+     * @param request the new sTORK authn response
+     */
     public void setSTORKAuthnResponse(STORKAuthnResponse request) {
-        this.storkAuthnRequest = request;
-        if (request != null) {
-            isAuthnRequest = true;
-        }
+        this.storkAuthnResponse = request;
     }
 
+    /**
+     * Sets the sTORK attr response.
+     *
+     * @param request the new sTORK attr response
+     */
     public void setSTORKAttrResponse(STORKAttrQueryResponse request) {
-        this.storkAttrQueryRequest = request;
-        if (request != null) {
-            isAttrRequest = true;
-        }
+        this.storkAttrQueryResponse = request;
     }
 
+    /**
+     * Checks if the container holds an AttrQuery
+     *
+     * @return true, if is attr response
+     */
     public boolean isAttrResponse() {
-        return this.isAttrRequest;
+        return null != storkAttrQueryResponse;
     }
 
+    /**
+     * Checks if the container holds an AuthnRequest
+     *
+     * @return true, if is authn response
+     */
     public boolean isAuthnResponse() {
-        return this.isAuthnRequest;
+        return null != storkAuthnResponse;
     }
 
 
+    /**
+     * Gets the AuthnResponse.
+     *
+     * @return the stork authn response
+     */
     public STORKAuthnResponse getStorkAuthnResponse() {
-        return this.storkAuthnRequest;
+        return this.storkAuthnResponse;
     }
 
+    /**
+     * Gets the AttrQueryResponse.
+     *
+     * @return the stork attr query response
+     */
     public STORKAttrQueryResponse getStorkAttrQueryResponse() {
-        return this.storkAttrQueryRequest;
+        return this.storkAttrQueryResponse;
     }
     
+    /**
+     * Gets the personal attribute list.
+     *
+     * @return the personal attribute list
+     */
     public IPersonalAttributeList getPersonalAttributeList() {
     	if(isAttrResponse())
-    		return this.storkAttrQueryRequest.getPersonalAttributeList();
+    		return this.storkAttrQueryResponse.getPersonalAttributeList();
     	else
-    		return this.storkAuthnRequest.getPersonalAttributeList();
+    		return this.storkAuthnResponse.getPersonalAttributeList();
     }
 
+    /**
+     * Sets the personal attribute list.
+     *
+     * @param populateAttributes the new personal attribute list
+     */
     public void setPersonalAttributeList(PersonalAttributeList populateAttributes) {
     	if(isAttrResponse())
-    		this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes);
+    		this.storkAttrQueryResponse.setPersonalAttributeList(populateAttributes);
     	else
-    		this.storkAuthnRequest.setPersonalAttributeList(populateAttributes);
+    		this.storkAuthnResponse.setPersonalAttributeList(populateAttributes);
     }
     
+	/**
+	 * Sets the country.
+	 *
+	 * @param spCountry the new country
+	 */
 	public void setCountry(String spCountry) {
     	if(isAttrResponse())
-    		this.storkAttrQueryRequest.setCountry(spCountry);
+    		this.storkAttrQueryResponse.setCountry(spCountry);
     	else
-    		this.storkAuthnRequest.setCountry(spCountry);
+    		this.storkAuthnResponse.setCountry(spCountry);
 	}
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 2b946b167..73b8e01b9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -38,6 +38,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	/** The attributes. */
 	private String attributes;
 
+	/** The sp country code. */
 	private String spCountryCode;
 
 	/**
-- 
cgit v1.2.3


From 0adb60a5f345f8914b40b108608358c573b3dffb Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:53:26 +0100
Subject: cleanup StorkProtocol base

---
 .../moa/id/protocols/stork2/STORKProtocol.java     | 30 +++-------------------
 1 file changed, 3 insertions(+), 27 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index a361d5f67..496d1044b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -9,12 +9,6 @@ import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.*;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.HashMap;
@@ -36,16 +30,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 
     static {
-
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
         actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
-
-        instance = new STORKProtocol();
     }
 
-    private static STORKProtocol instance = null;
-
-
     public String getName() {
         return NAME;
     }
@@ -77,12 +65,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 		if (AttributeCollector.class.getSimpleName().equals(action))
 			return STORK2Request;
 
-        HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
-        HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
-
-        BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
-        samlMessageContext.setInboundMessageTransport(profileReq);
-
         //extract STORK Response from HTTP Request
         byte[] decSamlToken;
         try {
@@ -93,22 +75,21 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         }
 
         //Get SAMLEngine instance
-        STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming");
-        STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr");
+        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
 
         STORKAuthnRequest authnRequest = null;
         STORKAttrQueryRequest attrRequest = null;
 
         // check if valid authn request is contained
         try {
-            authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
+            authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         } catch(ClassCastException e) {
         	// we do not have a authnRequest
         	// check if a valid attr request is container
         	try {
-        		attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
+        		attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken);
         	} catch (STORKSAMLEngineException ex) {
         		Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         	}
@@ -137,11 +118,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
         return false;
     }
-
-    public void checkPersonalAttributes() {
-
-
-    }
 }
 
 
-- 
cgit v1.2.3


From 00389dee59f886d4389b191d98b1a1db7b5de161 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 08:57:01 +0100
Subject: fixed imports on inbound stork processing

---
 .../moa/id/auth/AuthenticationServer.java          | 34 +---------------------
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |  6 +---
 2 files changed, 2 insertions(+), 38 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 22c08b3e0..5ad399e2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -87,7 +87,6 @@ import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
 import at.gv.egovernment.moa.id.client.SZRGWClient;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -125,7 +124,7 @@ import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
 import eu.stork.oasisdss.api.AdditionalProfiles;
 import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.ApiUtilsException;
 import eu.stork.oasisdss.api.Profiles;
 import eu.stork.oasisdss.api.QualityLevels;
 import eu.stork.oasisdss.api.SignatureTypes;
@@ -138,37 +137,6 @@ import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
-import iaik.asn1.ObjectID;
-import iaik.util.logging.Log;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.apache.xpath.XPathAPI;
-import org.opensaml.common.IdentifierGenerator;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.*;
-import org.xml.sax.SAXException;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerException;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.cert.CertificateException;
-import java.util.*;
 
 //import java.security.cert.CertificateFactory;
 //import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index f98e5c97b..6ed87a744 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -26,10 +26,7 @@ import iaik.x509.X509Certificate;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.StringWriter;
-import java.net.URL;
 import java.util.ArrayList;
-import java.util.List;
-
 import javax.activation.DataSource;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -68,8 +65,7 @@ import at.gv.util.xsd.xmldsig.SignatureType;
 import at.gv.util.xsd.xmldsig.X509DataType;
 import eu.stork.oasisdss.api.ApiUtils;
 import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.profile.DocumentWithSignature;
+import eu.stork.oasisdss.api.ApiUtilsException;
 import eu.stork.oasisdss.profile.SignResponse;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
-- 
cgit v1.2.3


From f144311799a2d491bc6c7de88f43665cc8ad2254 Mon Sep 17 00:00:00 2001
From: Andreas Reiter <andreas.reiter@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 11:02:58 +0100
Subject: Updated oasis-dss-api version to 1.0.0-RELEASE

---
 id/server/auth/pom.xml                             |   2 +-
 id/server/idserverlib/pom.xml                      |   2 +-
 .../moa/id/auth/AuthenticationServer.java          |   2 +-
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |   2 +-
 .../1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.jar  | Bin 0 -> 282669 bytes
 .../1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.pom  |  73 ++++++++++++++++++
 .../oasis-dss-api-1.0.0-SNAPSHOT.jar               | Bin 282629 -> 0 bytes
 .../oasis-dss-api-1.0.0-SNAPSHOT.pom               |  85 ---------------------
 8 files changed, 77 insertions(+), 89 deletions(-)
 create mode 100644 repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.jar
 create mode 100644 repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.pom
 delete mode 100644 repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar
 delete mode 100644 repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml
index c17722df0..e1fd9d55a 100644
--- a/id/server/auth/pom.xml
+++ b/id/server/auth/pom.xml
@@ -82,7 +82,7 @@
         <dependency>
             <groupId>eu.stork</groupId>
             <artifactId>oasis-dss-api</artifactId>
-            <version>1.0.0-SNAPSHOT</version>
+            <version>1.0.0-RELEASE</version>
         </dependency>
 
         <!-- transitive dependencies we don't want to include into the war -->
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 82a42cb8c..59275055f 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -33,7 +33,7 @@
      <dependency>
      	<groupId>eu.stork</groupId>
       <artifactId>oasis-dss-api</artifactId>
-      <version>1.0.0-SNAPSHOT</version>
+      <version>1.0.0-RELEASE</version>
     </dependency>
     
     <dependency>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 5ad399e2d..67a29f81a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -124,7 +124,7 @@ import at.gv.util.xsd.srzgw.MISType;
 import at.gv.util.xsd.srzgw.MISType.Filters;
 import eu.stork.oasisdss.api.AdditionalProfiles;
 import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
 import eu.stork.oasisdss.api.Profiles;
 import eu.stork.oasisdss.api.QualityLevels;
 import eu.stork.oasisdss.api.SignatureTypes;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 6ed87a744..197e4cda7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -65,7 +65,7 @@ import at.gv.util.xsd.xmldsig.SignatureType;
 import at.gv.util.xsd.xmldsig.X509DataType;
 import eu.stork.oasisdss.api.ApiUtils;
 import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
 import eu.stork.oasisdss.profile.SignResponse;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.jar b/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.jar
new file mode 100644
index 000000000..2943eac88
Binary files /dev/null and b/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.jar differ
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.pom b/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.pom
new file mode 100644
index 000000000..7dab86ee0
--- /dev/null
+++ b/repository/eu/stork/oasis-dss-api/1.0.0-RELEASE/oasis-dss-api-1.0.0-RELEASE.pom
@@ -0,0 +1,73 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<artifactId>oasis-dss-api</artifactId>
+	<groupId>eu.stork</groupId>
+	<version>1.0.0-RELEASE</version>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>2.0.2</version>
+				<configuration>
+					<source>1.6</source>
+					<target>1.6</target>
+					<encoding>${project.build.sourceEncoding}</encoding>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>2.4</version>
+				<configuration>
+					<encoding>${project.build.sourceEncoding}</encoding>
+				</configuration>
+			</plugin>
+
+		</plugins>
+	</build>
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>log4j</groupId>
+			<artifactId>log4j</artifactId>
+			<version>1.2.17</version>
+		</dependency>
+		<dependency>
+			<groupId>xerces</groupId>
+			<artifactId>xercesImpl</artifactId>
+			<version>2.11.0</version>
+
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>4.11</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-io</artifactId>
+			<version>1.3.2</version>
+		</dependency>
+<!-- 		<dependency> -->
+<!-- 			<groupId>org.jvnet.jaxb2_commons</groupId> -->
+<!-- 			<artifactId>jaxb2-namespace-prefix</artifactId> -->
+<!-- 			<version>1.1</version> -->
+<!-- 		</dependency> -->
+		<dependency>
+			<groupId>eu.medsea.mimeutil</groupId>
+			<artifactId>mime-util</artifactId>
+			<version>2.1.3</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.slf4j</groupId>
+					<artifactId>slf4j-log4j12</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+	</dependencies>
+</project>
\ No newline at end of file
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar
deleted file mode 100644
index 8414d7851..000000000
Binary files a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.jar and /dev/null differ
diff --git a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom b/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom
deleted file mode 100644
index ef04f07c4..000000000
--- a/repository/eu/stork/oasis-dss-api/1.0.0-SNAPSHOT/oasis-dss-api-1.0.0-SNAPSHOT.pom
+++ /dev/null
@@ -1,85 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-	<artifactId>oasis-dss-api</artifactId>
-	<groupId>eu.stork</groupId>
-	<version>1.0.0-SNAPSHOT</version>
-	<build>
-		<plugins>
-			<plugin>
-				<groupId>org.codehaus.mojo</groupId>
-				<artifactId>jaxb2-maven-plugin</artifactId>
-				<version>1.5</version>
-				<executions>
-					<execution>
-						<id>oasis-dss</id>
-						<goals>
-							<goal>xjc</goal>
-						</goals>
-					</execution>
-				</executions>
-				<configuration>
-					<args>
-						<arg>-npa</arg>
-					</args>
-					<schemaDirectory>${project.basedir}/src/main/resources/schema/oasis-dss</schemaDirectory>
-					<schemaFiles>oasis-dss-core-schema-v1.0-os.xsd</schemaFiles>
-					<packageName>eu.stork.oasisdss.profile</packageName>
-					<extension>true</extension>
-				</configuration>
-			</plugin>
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-compiler-plugin</artifactId>
-				<version>2.0.2</version>
-				<configuration>
-					<source>1.6</source>
-					<target>1.6</target>
-					<encoding>${project.build.sourceEncoding}</encoding>
-				</configuration>
-			</plugin>
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-resources-plugin</artifactId>
-				<version>2.4</version>
-				<configuration>
-					<encoding>${project.build.sourceEncoding}</encoding>
-				</configuration>
-			</plugin>
-
-		</plugins>
-	</build>
-	<properties>
-		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-	</properties>
-	<dependencies>
-		<dependency>
-			<groupId>log4j</groupId>
-			<artifactId>log4j</artifactId>
-			<version>1.2.17</version>
-		</dependency>
-		<dependency>
-			<groupId>xerces</groupId>
-			<artifactId>xercesImpl</artifactId>
-			<version>2.11.0</version>
-
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>junit</groupId>
-			<artifactId>junit</artifactId>
-			<version>4.11</version>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-io</artifactId>
-			<version>1.3.2</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun.xml.ws</groupId>
-			<artifactId>jaxws-rt</artifactId>
-			<version>2.1.7</version>
-		</dependency>
-
-	</dependencies>
-</project>
\ No newline at end of file
-- 
cgit v1.2.3


From 12052df3f07a1439f4126c34b683eb6e48230086 Mon Sep 17 00:00:00 2001
From: Andreas Reiter <andreas.reiter@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 11:30:30 +0100
Subject: Fix EHvdAttributeProviderPlugin soap request

---
 .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 02ae5fd62..b99e0ca4d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -101,7 +101,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			// SOAP Body
 			SOAPBody requestBody = envelope.getBody();
 			SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
-			requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService");
+			requestBodyElem.addAttribute(envelope.createName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService");
+
 			SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
 			requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH"));
 
-- 
cgit v1.2.3


From bfbafd2a1fd8dc9e8f36b1cf7ea665e7385b47bf Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 6 Mar 2014 12:56:43 +0100
Subject: Fix NullPointer exception

---
 id/ConfigWebTool/pom.xml                                                | 2 +-
 .../java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java  | 2 +-
 .../java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index 9d99fb343..287b0b096 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -45,7 +45,7 @@
       <dependency>
     		<groupId>MOA.id.server</groupId>
     		<artifactId>moa-id-commons</artifactId>
-    		<version>1.9.98-SNAPSHOT</version>
+    		<version>2.0-RC1</version>
     	</dependency>
       <dependency>
     		<groupId>MOA.id.server</groupId>
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
index 6f1112e2e..37135439e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
@@ -69,7 +69,7 @@ public class MailHelper {
 		
 		String template = readTemplateFromURL(templateurl);
 		
-		if (userdb.isIsMandateUser()) {
+		if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) {
 			template = template.replace(PATTERN_GIVENNAME, userdb.getInstitut());
 			template = template.replace(PATTERN_FAMILYNAME, "");
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index c9fc07b70..34366b790 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -491,7 +491,7 @@ public class DispatcherServlet extends AuthServlet{
 				}
 
 			} catch (Throwable e) {
-				Logger.info("An authentication error occous: " + e.getMessage());;
+				Logger.warn("An authentication error occous: ", e);;
 				// Try handle module specific, if not possible rethrow
 				if (!info.generateErrorMessage(e, req, resp, protocolRequest)) {
 					throw e;
-- 
cgit v1.2.3


From 2b13590261375b56c272945b159d67986162be77 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Mar 2014 09:44:53 +0100
Subject: PVP 2.1: add Transient and Unspecified NameIDFormat   * only return a
 persistent subjectNameID if it is requested or metadata includes only one
 NameIDFormat with value persistent

---
 .../moa/id/demoOA/servlet/pvp2/Authenticate.java   |   5 +-
 .../moa/id/entrypoints/DispatcherServlet.java      |   8 +-
 .../moa/id/protocols/pvp2x/PVP2XProtocol.java      |  39 +++++-
 .../builder/assertion/PVP2AssertionBuilder.java    | 149 ++++++++++++---------
 .../exceptions/AuthnRequestValidatorException.java |  62 +++++++++
 .../NameIDFormatNotSupportedException.java         |   2 +-
 .../pvp2x/validation/AuthnRequestValidator.java    |  58 ++++++++
 7 files changed, 247 insertions(+), 76 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 5bf9c4970..00d82296c 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -129,10 +129,11 @@ public class Authenticate extends HttpServlet {
 			authReq.setSubject(subject);
 			issuer.setFormat(NameIDType.ENTITY);
 			authReq.setIssuer(issuer);
+			
 			NameIDPolicy policy = SAML2Utils
 					.createSAMLObject(NameIDPolicy.class);
-			policy.setAllowCreate(true);
-			policy.setFormat(NameID.PERSISTENT);
+			policy.setAllowCreate(true);			
+			policy.setFormat(NameID.PERSISTENT);			
 			authReq.setNameIDPolicy(policy);
 			
 			String entityname = config.getPVP2IDPMetadataEntityName();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 34366b790..d58b7b267 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -54,6 +54,7 @@ import at.gv.egovernment.moa.id.moduls.ModulStorage;
 import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
 import at.gv.egovernment.moa.id.moduls.RequestStorage;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
@@ -320,7 +321,12 @@ public class DispatcherServlet extends AuthServlet{
 						resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
 						return;
 						
-						
+					} catch (AuthnRequestValidatorException e) {
+						//log Error Message
+						StatisticLogger logger = StatisticLogger.getInstance();
+						logger.logErrorOperation(e, e.getErrorRequest());						
+						return;
+											
 					} catch (MOAIDException e) {
 						Logger.error("Failed to generate a valid protocol request!");
 						resp.setContentType("text/html;charset=UTF-8");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index e5158f4bf..804688de5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -40,6 +40,7 @@ import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.Status;
 import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.saml2.core.StatusMessage;
+import org.opensaml.saml2.core.impl.AuthnRequestImpl;
 import org.opensaml.saml2.metadata.AssertionConsumerService;
 import org.opensaml.saml2.metadata.AttributeConsumingService;
 import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -58,11 +59,14 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AuthnRequestValidator;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.id.util.VelocityLogAdapter;
@@ -169,7 +173,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			if(!(samlReq instanceof AuthnRequest)) {
 				throw new MOAIDException("Unsupported request", new Object[] {});
 			}
-			
+						
 			EntityDescriptor metadata = moaRequest.getEntityMetadata();
 			if(metadata == null) {
 				throw new NoMetadataInformationException();
@@ -203,7 +207,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 					spSSODescriptor.getAttributeConsumingServices().size() > 0) {
 				attributeConsumer  = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx);
 			} 
-			
+						
 			String oaURL = moaRequest.getEntityMetadata().getEntityID();
 			String binding = consumerService.getBinding();
 //			String entityID = moaRequest.getEntityMetadata().getEntityID();
@@ -225,11 +229,30 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 					}
 				}
 			}
-			
-			request.getSession().setAttribute(PARAM_OA, oaURL);
 
+			//validate AuthnRequest
+			try {
+				AuthnRequestValidator.validate((AuthnRequestImpl) samlReq);
+				
+			} catch (AuthnRequestValidatorException e) {
+				if (generateErrorMessage(e, request, response, config)) {
+					throw new AuthnRequestValidatorException(e.getMessage(), 
+							new Object[] {}, config);
+					
+				} else {
+					throw new MOAIDException(e.getMessage(), new Object[] {});
+	
+				}			
+			}
+
+			request.getSession().setAttribute(PARAM_OA, oaURL);
+			
 			return config;
-		} catch (Exception e) {
+
+		} catch (PVP2Exception e) {
+			throw e;
+			
+		} catch (Throwable e) {
 			e.printStackTrace();
 			throw new MOAIDException(e.getMessage(), new Object[] {});
 		}
@@ -256,6 +279,11 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 		if(e instanceof NoPassivAuthenticationException) {
 			statusCode.setValue(StatusCode.NO_PASSIVE_URI);
 			statusMessage.setMessage(e.getLocalizedMessage());	
+			
+		} else if (e instanceof NameIDFormatNotSupportedException) {
+			statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY_URI);
+			statusMessage.setMessage(e.getLocalizedMessage());
+			
 		} else if(e instanceof PVP2Exception) {
 			PVP2Exception ex = (PVP2Exception) e;
 			statusCode.setValue(ex.getStatusCodeValue());
@@ -263,6 +291,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			if(statusMessageValue != null) {
 				statusMessage.setMessage(statusMessageValue);
 			}
+			
 		} else {
 			statusCode.setValue(StatusCode.RESPONDER_URI);
 			statusMessage.setMessage(e.getLocalizedMessage());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index bc90da8df..e834797b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -22,6 +22,7 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion;
 
+import java.security.MessageDigest;
 import java.util.Iterator;
 import java.util.List;
 
@@ -43,6 +44,7 @@ import org.opensaml.saml2.core.RequestedAuthnContext;
 import org.opensaml.saml2.core.Subject;
 import org.opensaml.saml2.core.SubjectConfirmation;
 import org.opensaml.saml2.core.SubjectConfirmationData;
+import org.opensaml.saml2.core.impl.AuthnRequestImpl;
 import org.opensaml.saml2.metadata.AssertionConsumerService;
 import org.opensaml.saml2.metadata.AttributeConsumingService;
 import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -75,7 +77,9 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttribut
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.id.util.MandateBuilder;
 import at.gv.egovernment.moa.id.util.QAALevelVerifier;
+import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 
 public class PVP2AssertionBuilder implements PVPConstants {
@@ -95,54 +99,55 @@ public class PVP2AssertionBuilder implements PVPConstants {
 						peerEntity.getEntityID());
 		
 		if (reqAuthnContext == null) {
-			 authnContextClassRef.setAuthnContextClassRef(STORK_QAA_1_4);
+			 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
 			
-		}
+		} else {
 
-		boolean stork_qaa_1_4_found = false;
+			boolean stork_qaa_1_4_found = false;
 	
-		 List<AuthnContextClassRef> reqAuthnContextClassRefIt = reqAuthnContext
-				.getAuthnContextClassRefs();
+			List<AuthnContextClassRef> reqAuthnContextClassRefIt = reqAuthnContext
+					.getAuthnContextClassRefs();
 		
-		 if (reqAuthnContextClassRefIt.size() == 0) {
+			if (reqAuthnContextClassRefIt.size() == 0) {
 			 
-			 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
-					 STORK_QAA_1_4);
+				QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+						STORK_QAA_1_4);
 			
-			 stork_qaa_1_4_found = true;
-			 authnContextClassRef.setAuthnContextClassRef(STORK_QAA_1_4);
+				stork_qaa_1_4_found = true;
+				authnContextClassRef.setAuthnContextClassRef(STORK_QAA_1_4);
 			 
-		 } else {
-			 for (AuthnContextClassRef authnClassRef : reqAuthnContextClassRefIt) {
-				 String qaa_uri = authnClassRef.getAuthnContextClassRef();
-				 if (qaa_uri.trim().equals(STORK_QAA_1_4)
-						 || qaa_uri.trim().equals(STORK_QAA_1_3)
-						 || qaa_uri.trim().equals(STORK_QAA_1_2)
-						 || qaa_uri.trim().equals(STORK_QAA_1_1)) {
+			} else {
+				for (AuthnContextClassRef authnClassRef : reqAuthnContextClassRefIt) {
+					String qaa_uri = authnClassRef.getAuthnContextClassRef();
+					if (qaa_uri.trim().equals(STORK_QAA_1_4)
+							|| qaa_uri.trim().equals(STORK_QAA_1_3)
+							|| qaa_uri.trim().equals(STORK_QAA_1_2)
+							|| qaa_uri.trim().equals(STORK_QAA_1_1)) {
 					
-					 if (authSession.isForeigner()) {
-						 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
-								 STORK_QAA_PREFIX + oaParam.getQaaLevel());
-						 
-						 stork_qaa_1_4_found = true;
-						 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
-						 
-					 } else {
-						 
-						 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
-								 qaa_uri.trim());
-						 
-						 stork_qaa_1_4_found = true;
-						 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
-						 							 
+						 if (authSession.isForeigner()) {
+							 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+									 STORK_QAA_PREFIX + oaParam.getQaaLevel());
+							 
+							 stork_qaa_1_4_found = true;
+							 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
+							 
+						 } else {
+							 
+							 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+									 qaa_uri.trim());
+							 
+							 stork_qaa_1_4_found = true;
+							 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
+							 							 
+						 }
+						 break;
 					 }
-					 break;
 				 }
 			 }
-		 }
-
-		if (!stork_qaa_1_4_found) {
-			throw new QAANotSupportedException(STORK_QAA_1_4);
+	
+			if (!stork_qaa_1_4_found) {
+				throw new QAANotSupportedException(STORK_QAA_1_4);
+			}
 		}
 
 //		reqAuthnContextClassRefIt = reqAuthnContext.getAuthnContextClassRefs()
@@ -196,33 +201,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 				.createSAMLObject(AttributeStatement.class);
 
 		Subject subject = SAML2Utils.createSAMLObject(Subject.class);
-		NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
-		boolean foundFormat = false;
-
-		// TL: AuthData generation is moved to Assertion generation.
-
-		Iterator<NameIDFormat> formatIt = spSSODescriptor.getNameIDFormats()
-				.iterator();
-		while (formatIt.hasNext()) {
-			if (formatIt.next().getFormat().equals(NameID.PERSISTENT)) {
-				foundFormat = true;
-				break;
-			}
-		}
-		if (!foundFormat) {
-			// TODO use correct exception
-			throw new NameIDFormatNotSupportedException("");
-		}
-
-		// TODO: Check if we need to hide source pin
-		/*
-		 * if(authSession.getUseMandate()) { Element mandate =
-		 * authSession.getMandate(); if(authSession.getBusinessService()) { //
-		 * Hide Source PIN! ParepUtils.HideStammZahlen(mandate, true, null,
-		 * authSession.getDomainIdentifier(), true); } else {
-		 * ParepUtils.HideStammZahlen(mandate, false, authSession.getTarget(),
-		 * null, true); } }
-		 */
 
 		AuthenticationData authData = AuthenticationServer
 				.buildAuthenticationData(authSession, oaParam,
@@ -263,9 +241,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		if (attributeStatement.getAttributes().size() > 0) {
 			assertion.getAttributeStatements().add(attributeStatement);
 		}
-
-		subjectNameID.setFormat(NameID.PERSISTENT);
 		
+		NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
+
 		//TLenz: set correct bPK Type and Value from AuthData
 		if (authSession.getUseMandate()) {
 			Element mandate = authSession.getMandate();
@@ -295,6 +273,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 			String bpktype = id.getType();
 			String bpk = id.getValue().getValue();
 			
+			
 			if (bpktype.equals(Constants.URN_PREFIX_BASEID)) {
 				if (authSession.getBusinessService()) {						    
 					subjectNameID.setValue(new BPKBuilder().buildWBPK(bpk, oaParam.getIdentityLinkDomainIdentifier()));
@@ -322,7 +301,43 @@ public class PVP2AssertionBuilder implements PVPConstants {
 			subjectNameID.setValue(authData.getBPK());
 		}
 		
-
+		String nameIDFormat = NameID.TRANSIENT;
+		
+		//get NameIDFormat from request		
+		AuthnRequest authnReq = (AuthnRequestImpl) authnRequest;
+		if (authnReq.getNameIDPolicy() != null) {
+			nameIDFormat = authnReq.getNameIDPolicy().getFormat();
+			
+		} else {
+			//get NameIDFormat from metadata
+			List<NameIDFormat> metadataNameIDFormats = spSSODescriptor.getNameIDFormats();
+			
+			if (metadataNameIDFormats != null) {
+				if (metadataNameIDFormats.size() == 1)
+					nameIDFormat = metadataNameIDFormats.get(0).getFormat();
+				
+			}
+		}
+	
+		if (NameID.TRANSIENT.equals(nameIDFormat) || NameID.UNSPECIFIED.equals(nameIDFormat)) {
+			String random = Random.nextRandom();
+			String nameID = subjectNameID.getValue();
+			
+			try {
+				MessageDigest md = MessageDigest.getInstance("SHA-1");
+				byte[] hash = md.digest((nameID + random).getBytes("ISO-8859-1"));			
+				subjectNameID.setValue(Base64Utils.encode(hash));
+				subjectNameID.setFormat(NameID.TRANSIENT);
+				
+			} catch (Exception e) {
+				Logger.warn("PVP2 subjectNameID error", e);
+				throw new MOAIDException("pvp2.13", null, e);
+			}
+			
+		} else 
+			subjectNameID.setFormat(nameIDFormat);			
+		
+		
 		subject.setNameID(subjectNameID);
 
 		SubjectConfirmation subjectConfirmation = SAML2Utils
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java
new file mode 100644
index 000000000..7ed438471
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+
+/**
+ * @author tlenz
+ *
+ */
+public class AuthnRequestValidatorException extends PVP2Exception {
+
+	private IRequest errorRequest = null;
+	
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 4939651000658508576L;
+
+	/**
+	 * @param messageId
+	 * @param parameters
+	 */
+	public AuthnRequestValidatorException(String messageId, Object[] parameters) {
+		super(messageId, parameters);
+		
+	}
+	
+	public AuthnRequestValidatorException(String messageId, Object[] parameters, IRequest errorRequest) {
+		super(messageId, parameters);
+		this.errorRequest = errorRequest;
+		
+	}
+
+	/**
+	 * @return the errorRequest
+	 */
+	public IRequest getErrorRequest() {
+		return errorRequest;
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
index 5a393062f..b5facde34 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
@@ -22,7 +22,7 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions;
 
-public class NameIDFormatNotSupportedException extends PVP2Exception {
+public class NameIDFormatNotSupportedException extends AuthnRequestValidatorException {
 
 	public NameIDFormatNotSupportedException(String nameIDFormat) {
 		super("pvp2.12", new Object[] {nameIDFormat});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java
new file mode 100644
index 000000000..ab8fab5d1
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.protocols.pvp2x.validation;
+
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.NameIDPolicy;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
+
+/**
+ * @author tlenz
+ *
+ */
+public class AuthnRequestValidator {
+
+	public static void validate(AuthnRequest req) throws AuthnRequestValidatorException{
+
+		//validate NameIDPolicy
+		NameIDPolicy nameIDPolicy = req.getNameIDPolicy();
+		if (nameIDPolicy != null) {
+			String nameIDFormat = nameIDPolicy.getFormat();
+			
+			if ( !(nameIDFormat != null &&
+					(NameID.TRANSIENT.equals(nameIDFormat) ||
+							NameID.PERSISTENT.equals(nameIDFormat) ||
+							NameID.UNSPECIFIED.equals(nameIDFormat))) ) {
+			
+				throw new NameIDFormatNotSupportedException(nameIDFormat);
+				
+			}
+		}
+		
+		
+		
+	}
+}
-- 
cgit v1.2.3


From dc242cc927974270476c9c836ea7fe07c0a2a43e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Mar 2014 10:22:41 +0100
Subject: set no NameQualifier in element subjectNameID if transient
 NameIDFormat is used

---
 .../moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java   | 1 +
 1 file changed, 1 insertion(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index e834797b1..1454ee297 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -327,6 +327,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 				MessageDigest md = MessageDigest.getInstance("SHA-1");
 				byte[] hash = md.digest((nameID + random).getBytes("ISO-8859-1"));			
 				subjectNameID.setValue(Base64Utils.encode(hash));
+				subjectNameID.setNameQualifier(null);
 				subjectNameID.setFormat(NameID.TRANSIENT);
 				
 			} catch (Exception e) {
-- 
cgit v1.2.3


From fc15ed904e615e7768c4081940482c5377a6d6a3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Mar 2014 10:56:53 +0100
Subject: use first NameIDFormat from metadata

---
 .../pvp2x/builder/assertion/PVP2AssertionBuilder.java      | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 1454ee297..7f5e2420e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -53,6 +53,8 @@ import org.opensaml.saml2.metadata.RequestedAttribute;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.w3c.dom.Element;
 
+import edu.emory.mathcs.backport.java.util.Arrays;
+
 import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
 import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
 import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
@@ -313,9 +315,17 @@ public class PVP2AssertionBuilder implements PVPConstants {
 			List<NameIDFormat> metadataNameIDFormats = spSSODescriptor.getNameIDFormats();
 			
 			if (metadataNameIDFormats != null) {
-				if (metadataNameIDFormats.size() == 1)
-					nameIDFormat = metadataNameIDFormats.get(0).getFormat();
 				
+				for (NameIDFormat el : metadataNameIDFormats) {
+					if (NameID.PERSISTENT.equals(el.getFormat())) {
+						nameIDFormat = NameID.PERSISTENT;
+						break;
+						
+					} else if (NameID.TRANSIENT.equals(el.getFormat()) ||
+							NameID.UNSPECIFIED.equals(el.getFormat()))
+						break;
+										
+				}				
 			}
 		}
 	
-- 
cgit v1.2.3


From 8d0c3d8aa27084b4c1e195cf06601d0d920d176f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Mar 2014 11:45:58 +0100
Subject: if an error occurs remove MOASession

---
 .../gv/egovernment/moa/id/entrypoints/DispatcherServlet.java |  4 ++++
 .../gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java | 12 +++++++-----
 .../pvp2x/builder/assertion/PVP2AssertionBuilder.java        |  2 +-
 .../protocols/pvp2x/requestHandler/AuthnRequestHandler.java  |  7 ++++++-
 4 files changed, 18 insertions(+), 7 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index d58b7b267..31c6f43c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -157,6 +157,10 @@ public class DispatcherServlet extends AuthServlet{
 										StatisticLogger logger = StatisticLogger.getInstance();
 										logger.logErrorOperation(throwable, errorRequest);
 										
+										//remove MOASession
+										AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID);
+										AuthenticationManager.getInstance().logout(req, resp, moaSession.getSessionID());
+										
 										return;
 									}
 								}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 804688de5..1d85f29bf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -278,23 +278,23 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 		StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class);
 		if(e instanceof NoPassivAuthenticationException) {
 			statusCode.setValue(StatusCode.NO_PASSIVE_URI);
-			statusMessage.setMessage(e.getLocalizedMessage());	
+			statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));	
 			
 		} else if (e instanceof NameIDFormatNotSupportedException) {
 			statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY_URI);
-			statusMessage.setMessage(e.getLocalizedMessage());
+			statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
 			
 		} else if(e instanceof PVP2Exception) {
 			PVP2Exception ex = (PVP2Exception) e;
 			statusCode.setValue(ex.getStatusCodeValue());
 			String statusMessageValue = ex.getStatusMessageValue();
 			if(statusMessageValue != null) {
-				statusMessage.setMessage(statusMessageValue);
+				statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue));
 			}
 			
 		} else {
 			statusCode.setValue(StatusCode.RESPONDER_URI);
-			statusMessage.setMessage(e.getLocalizedMessage());
+			statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
 		}
 		
 		status.setStatusCode(statusCode);
@@ -302,7 +302,9 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			status.setStatusMessage(statusMessage);
 		}
 		samlResponse.setStatus(status);
-		
+		String remoteSessionID = SAML2Utils.getSecureIdentifier();
+		samlResponse.setID(remoteSessionID);
+				
 		IEncoder encoder = null;
 		
 		if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 7f5e2420e..51f3cf4a7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -324,7 +324,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 					} else if (NameID.TRANSIENT.equals(el.getFormat()) ||
 							NameID.UNSPECIFIED.equals(el.getFormat()))
 						break;
-										
+					
 				}				
 			}
 		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 229158778..4d143058b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -102,6 +102,10 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		authResponse.setIssuer(nissuer);
 		authResponse.setInResponseTo(authnRequest.getID());
 
+		//set responseID
+		String remoteSessionID = SAML2Utils.getSecureIdentifier();
+		authResponse.setID(remoteSessionID);
+		
 		
 		//SAML2 response required IssueInstant
 		authResponse.setIssueInstant(date);
@@ -150,7 +154,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			
 		}
 	
-		if (encryptionCredentials != null) {
+		//TODO: insert!!!!!!
+		if (encryptionCredentials != null && false) {
 			//encrypt SAML2 assertion
 				
 			try {
-- 
cgit v1.2.3


From 56ce62018a9f29f54991d7ea26c74da86305ee0a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Mar 2014 15:25:00 +0100
Subject: first test for authentication which requires no browser session
 (req.getSession())

---
 .../moa/id/auth/AuthenticationServer.java          |  10 +-
 .../moa/id/auth/servlet/LogOutServlet.java         |   3 +-
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |   9 +-
 .../id/auth/servlet/VerifyIdentityLinkServlet.java |   3 +-
 .../moa/id/entrypoints/DispatcherServlet.java      | 118 +++++----------------
 .../moa/id/moduls/AuthenticationManager.java       |   2 +-
 .../egovernment/moa/id/moduls/RequestStorage.java  |  81 ++++++--------
 .../moa/id/protocols/pvp2x/PVP2XProtocol.java      |   2 +-
 .../moa/id/protocols/saml1/SAML1Protocol.java      |   4 +-
 9 files changed, 82 insertions(+), 150 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 9ac9986c8..fd47c5f53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1886,7 +1886,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	String providerName= oaParam.getFriendlyName();
     	Logger.debug("Issuer value: " + issuerValue);
     	
-    	String acsURL = issuerValue + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+//    	String acsURL = issuerValue + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN
+    	String acsURL = new DataURLBuilder().buildDataURL(issuerValue, 
+    			PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());    			
     	Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
 
     	// prepare collection of required attributes
@@ -1979,8 +1981,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		
 		//send
 		moasession.setStorkAuthnRequest(authnRequest);
-		HttpSession httpSession = req.getSession();
-		httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID());
+//		HttpSession httpSession = req.getSession();
+//		httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID());
 
 
 		Logger.info("Preparing to send STORK AuthnRequest.");
@@ -2002,7 +2004,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			resp.getOutputStream().write(writer.toString().getBytes());
 		} catch (Exception e) {
 			Logger.error("Error sending STORK SAML AuthnRequest.", e);
-			httpSession.invalidate();
+			//httpSession.invalidate();
 			throw new MOAIDException("stork.02", new Object[] { destination });
 		}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index f3495966a..12cf54e16 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -88,8 +88,7 @@ public class LogOutServlet extends AuthServlet {
 			AuthenticationManager authmanager = AuthenticationManager.getInstance();
 			String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
 	
-			RequestStorage.removePendingRequest(RequestStorage.getPendingRequest(req.getSession()), 
-					AuthenticationSessionStoreage.getPendingRequestID(moasessionid));
+			RequestStorage.removePendingRequest(AuthenticationSessionStoreage.getPendingRequestID(moasessionid));
 			
 			authmanager.logout(req, resp, moasessionid);
 			Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index c6cd5cd86..7c96c2194 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -40,6 +40,7 @@ import javax.xml.bind.JAXBElement;
 import javax.xml.transform.stream.StreamSource;
 
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
@@ -112,8 +113,10 @@ public class PEPSConnectorServlet extends AuthServlet {
 			super.checkIfHTTPisAllowed(request.getRequestURL().toString());
 			
 			Logger.debug("Trying to find MOA Session-ID");			
-			HttpSession httpSession = request.getSession();
-			String moaSessionID = (String) httpSession.getAttribute("MOA-Session-ID");
+		    String moaSessionID = request.getParameter(PARAM_SESSIONID);
+	           
+		    // escape parameter strings
+		    moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID);
 			
 			if (StringUtils.isEmpty(moaSessionID)) {
 				//No authentication session has been started before
@@ -308,7 +311,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 						response.getOutputStream().write(writer.toString().getBytes());
 					} catch (Exception e1) {
 						Logger.error("Error sending gender retrival form.", e1);
-						httpSession.invalidate();
+//						httpSession.invalidate();
 						throw new MOAIDException("stork.10", null);
 					}
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 7c2a032a1..72b479112 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -147,8 +147,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
       throw new IOException(e.getMessage());
     }
     String sessionID = req.getParameter(PARAM_SESSIONID);
-       
-
+           
     // escape parameter strings
 	sessionID = StringEscapeUtils.escapeHtml(sessionID);
     
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 31c6f43c5..487e86b34 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -109,41 +109,24 @@ public class DispatcherServlet extends AuthServlet{
 				
 				Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
 
-				Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession());
+				//Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession());
 				
 				String pendingRequestID = null;
 				if (idObject != null && (idObject instanceof String)) {
-					if (errorRequests.containsKey((String)idObject))
-						pendingRequestID = (String) idObject; 
+					pendingRequestID = (String) idObject; 
 				}
 				
 				if (throwable != null) {					
-					if (errorRequests != null) {
-		
-						synchronized (errorRequests) {
 													
 						IRequest errorRequest = null;
 						if (pendingRequestID != null) {
-							errorRequest = errorRequests.get(pendingRequestID);
+							errorRequest = RequestStorage.getPendingRequest(pendingRequestID);
 						
-							//remove the 
-							RequestStorage.removePendingRequest(errorRequests, pendingRequestID);
-						}
-						else {
-							if (errorRequests.size() > 1) {
-								handleErrorNoRedirect(throwable.getMessage(), throwable,
-										req, resp);
-								
-							} else {
-								Set<String> keys = errorRequests.keySet();
-								errorRequest = errorRequests.get(keys.toArray()[0]);
-								RequestStorage.removeAllPendingRequests(req.getSession());
-							}
-							
 						}
 						
 						if (errorRequest != null) {
-						
+							RequestStorage.removePendingRequest(pendingRequestID);
+							
 							try {
 								IModulInfo handlingModule = ModulStorage
 										.getModuleByPath(errorRequest
@@ -177,16 +160,9 @@ public class DispatcherServlet extends AuthServlet{
 					}
 					handleErrorNoRedirect(throwable.getMessage(), throwable,
 							req, resp);
-
-				} else {
-					// TODO: use better string
-					handleErrorNoRedirect("UNKOWN ERROR DETECTED!", null, req,
-							resp);
-				}
 					
 				return;
 			}
-			}
 
 			Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
 			String module = null;
@@ -247,32 +223,24 @@ public class DispatcherServlet extends AuthServlet{
 				}
 			}
 
-			HttpSession httpSession = req.getSession();
-			Map<String, IRequest> protocolRequests = null;
+			//HttpSession httpSession = req.getSession();
+			//Map<String, IRequest> protocolRequests = null;
 			IRequest protocolRequest = null;
 			
 			try {
-				protocolRequests = RequestStorage.getPendingRequest(httpSession);
-
 				Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
 	
-				if (protocolRequests != null && 
-					idObject != null && (idObject instanceof String)) {
+				if (idObject != null && (idObject instanceof String)) {
 								
 					protocolRequestID = (String) idObject;
-				
+					protocolRequest = RequestStorage.getPendingRequest(protocolRequestID);
+					
 					//get IRequest if it exits
-					if (protocolRequests.containsKey(protocolRequestID)) {
-						protocolRequest = protocolRequests.get(protocolRequestID);
+					if (protocolRequest != null) {
 						Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID);
 						
 					} else {
-						Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!");
-
-						Set<String> mapkeys = protocolRequests.keySet();
-						for (String el : mapkeys)
-							Logger.debug("PendingRequest| ID=" + el + "  OAIdentifier=" + protocolRequests.get(el));
-					
+						Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!");		
 						handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.",
 								null, req, resp);							
 						return;
@@ -282,43 +250,25 @@ public class DispatcherServlet extends AuthServlet{
 						protocolRequest = info.preProcess(req, resp, action);
 						
 						if (protocolRequest != null) {
+								
+							//Start new Authentication
+							protocolRequest.setAction(action);
+							protocolRequest.setModule(module);
+							protocolRequestID = Random.nextRandom();
+							protocolRequest.setRequestID(protocolRequestID);
 							
-							if(protocolRequests != null) {
+							RequestStorage.setPendingRequest(protocolRequest);
 							
-								Set<String> mapkeys = protocolRequests.keySet();
-								for (String el : mapkeys) {
-									IRequest value = protocolRequests.get(el);
-						
-									if (value.getOAURL().equals(protocolRequest.getOAURL())) {
-								
-										if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) {
-											Logger.warn(DispatcherServlet.class.getName()+": NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!");
-											RequestStorage.removeAllPendingRequests(req.getSession());
-									
-										} else {
-											RequestStorage.removePendingRequest(protocolRequests, el);
-										}
-									}
-								}
-
-							} else {
-								protocolRequests = new ConcurrentHashMap<String, IRequest>();
-							}
+							Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + ".");
+							
+						} else {
+							Logger.error("Failed to generate a valid protocol request!");
+							resp.setContentType("text/html;charset=UTF-8");
+							resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!");
+							return;
 							
-							synchronized (protocolRequest) {
-								synchronized (protocolRequests) {
-								
-									//Start new Authentication
-									protocolRequest.setAction(action);
-									protocolRequest.setModule(module);
-									protocolRequestID = Random.nextRandom();
-									protocolRequest.setRequestID(protocolRequestID);
-									protocolRequests.put(protocolRequestID, protocolRequest);
-									Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + ".");
-								}
-							}
 						}
-						
+																	
 					} catch (ProtocolNotActiveException e) {
 						resp.getWriter().write(e.getMessage());
 						resp.setContentType("text/html;charset=UTF-8");
@@ -338,18 +288,8 @@ public class DispatcherServlet extends AuthServlet{
 						return;
 						
 					}
-						
-					if (protocolRequest == null) {
-						Logger.error("Failed to generate a valid protocol request!");
-						resp.setContentType("text/html;charset=UTF-8");
-						resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!");
-						return;
-						
-					}
 				}
-				
-				RequestStorage.setPendingRequest(httpSession, protocolRequests);
-				
+								
 				AuthenticationManager authmanager = AuthenticationManager.getInstance();									
 				SSOManager ssomanager = SSOManager.getInstance();
 				
@@ -470,7 +410,7 @@ public class DispatcherServlet extends AuthServlet{
 		
 				String assertionID = moduleAction.processRequest(protocolRequest, req, resp, moasession);
 
-				RequestStorage.removePendingRequest(protocolRequests, protocolRequestID);
+				RequestStorage.removePendingRequest(protocolRequestID);
 				
 				if (needAuthentication) {
 					boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 666224b3a..03a61d08f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -252,7 +252,7 @@ public class AuthenticationManager extends AuthServlet {
 			}
 			
 			//set MOAIDSession
-			request.getSession().setAttribute(MOA_SESSION, moasession.getSessionID());
+			//request.getSession().setAttribute(MOA_SESSION, moasession.getSessionID());
 			
 			response.setContentType("text/html;charset=UTF-8");
 			PrintWriter out = new PrintWriter(response.getOutputStream()); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
index bfe1151c4..21b4e2b65 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -22,64 +22,53 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.moduls;
 
-import java.util.Map;
-
-import javax.servlet.http.HttpSession;
-
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 
 public class RequestStorage {
 
-	private static final String PENDING_REQUEST = "PENDING_REQUEST";
-
-	public static Map<String,IRequest> getPendingRequest(HttpSession session) {
+	public static IRequest getPendingRequest(String pendingReqID) {
 		
-				
-			Object obj = session.getAttribute(PENDING_REQUEST);
-			if (obj != null) {
-				synchronized (obj) {
-					if (obj instanceof Map<?,?>) {
-						if (((Map<?,?>) obj).size() > 0) {
-							if ( ((Map<?,?>) obj).keySet().toArray()[0] instanceof String) {
-								if (((Map<?,?>) obj).get(((Map<?,?>) obj).keySet().toArray()[0]) 
-										instanceof IRequest) {
-									return (Map<String, IRequest>) obj;
-							
-							
-							
-								}
-							}
-						}
-					}
-				}
-				session.setAttribute(PENDING_REQUEST, null);
-			}
+		try {
+			AssertionStorage storage = AssertionStorage.getInstance();
+			IRequest pendingRequest = storage.get(pendingReqID, IRequest.class);
+			return pendingRequest;
+		
+		} catch (MOADatabaseException e) {
+			Logger.info("No PendingRequst found with pendingRequestID " + pendingReqID);			
 			return null;
+			
+		}
 	}
 
-	public static void setPendingRequest(HttpSession session, Map<String, IRequest> request) {
-		session.setAttribute(PENDING_REQUEST, request);
-	}
-
-	public static void removeAllPendingRequests(HttpSession session) {
-		
-		Logger.debug(RequestStorage.class.getName()+": Remove all PendingRequests");
+	public static void setPendingRequest(Object pendingRequest) throws MOAIDException {
+		try {
+			AssertionStorage storage = AssertionStorage.getInstance();
+			
+			if (pendingRequest instanceof IRequest) {
+				storage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest);
+				
+			} else {
+				throw new MOAIDException("auth.20", null);
+				
+			}
+			
+		} catch (MOADatabaseException e) {
+			Logger.warn("Pending Request with ID=" + ((IRequest)pendingRequest).getRequestID() +
+					" can not stored.", e);
+			throw new MOAIDException("auth.20", null);
+		}
 		
-		session.setAttribute(PENDING_REQUEST, null);
 	}
 	
-	public static void removePendingRequest(Map<String, IRequest> requestmap, String requestID) {
-		
-		if (requestmap != null && requestID != null) {
+	public static void removePendingRequest(String requestID) {
 		
-			synchronized (requestmap) {
-						
-				if (requestmap.containsKey(requestID)) {
-					requestmap.remove(requestID);
-					Logger.debug(RequestStorage.class.getName()+": Remove PendingRequest with ID " + requestID);
-				
-				}
-			}
+		if (requestID != null) {
+			AssertionStorage storage = AssertionStorage.getInstance();
+			storage.remove(requestID);
+			
 		}
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 1d85f29bf..db83233fe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -245,7 +245,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 				}			
 			}
 
-			request.getSession().setAttribute(PARAM_OA, oaURL);
+			//request.getSession().setAttribute(PARAM_OA, oaURL);
 			
 			return config;
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index e587ef0e1..d82bd1496 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -125,8 +125,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		
 		config.setTarget(oaParam.getTarget());
 		
-		request.getSession().setAttribute(PARAM_OA, oaURL);
-		request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
+//		request.getSession().setAttribute(PARAM_OA, oaURL);
+//		request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
 		return config;
 	}
 
-- 
cgit v1.2.3


From 333ed628cc5be8dfbece822d9caff0a8fe49438a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 10 Mar 2014 08:42:26 +0100
Subject: Improvement for cluster operations  - only use http GET parameter for
 session management and no information from browser sessions.

---
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  | 18 +++++--
 .../moa/id/protocols/pvp2x/binding/MOARequest.java | 62 ++++++++++++++++++----
 .../id/protocols/pvp2x/binding/PostBinding.java    |  2 +-
 .../protocols/pvp2x/binding/RedirectBinding.java   |  2 +-
 .../pvp2x/requestHandler/AuthnRequestHandler.java  |  3 +-
 5 files changed, 67 insertions(+), 20 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 7c96c2194..83d0ced20 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -52,6 +52,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.stork.STORKException;
 import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
@@ -62,6 +63,7 @@ import at.gv.egovernment.moa.id.moduls.ModulUtils;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.xmldsig.SignatureType;
@@ -123,9 +125,18 @@ public class PEPSConnectorServlet extends AuthServlet {
 				Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
 				throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
 			}
-			
+
+	         if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
+	             throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
+
 			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
 			
+			//load MOASession from database
+			AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+			
+			//change MOASessionID
+			moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+			
 			Logger.info("Found MOA sessionID: " + moaSessionID);
 			
 			Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
@@ -166,10 +177,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 			}
 			
 			Logger.info("Got SAML response with authentication success message.");
-			
-			//check if authentication request was created before
-			AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
-			
+						
 			Logger.debug("MOA session is still valid");
 			
 			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
index d28c5eeec..c1104f9f5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
@@ -24,27 +24,51 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
 
 import java.io.Serializable;
 
+import org.opensaml.Configuration;
 import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.impl.RequestAbstractTypeMarshaller;
+import org.opensaml.saml2.core.impl.RequestAbstractTypeUnmarshaller;
 import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
+import at.gv.egovernment.moa.logging.Logger;
 
 public class MOARequest implements Serializable{
 
 	private static final long serialVersionUID = 2395131650841669663L;
 	
-	private RequestAbstractType samlRequest;
-	private EntityDescriptor entityMetadata; 
+	private Element samlRequest;
 	private boolean verified = false;
-
+	private String entityID = null;
+	
 	public MOARequest(RequestAbstractType request) {
-		samlRequest = request;
+		samlRequest = request.getDOM();
 	}
 
 	public RequestAbstractType getSamlRequest() {
-		return samlRequest;
+		UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
+		Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(samlRequest);
+		
+		try {
+			return (RequestAbstractType) unmashaller.unmarshall(samlRequest);
+			
+		} catch (UnmarshallingException e) {
+			Logger.warn("AuthnRequest Unmarshaller error", e);
+			return null;
+		}
+		
 	}
 
 	public void setSamlRequest(RequestAbstractType request) {
-		this.samlRequest = request;
+		this.samlRequest = request.getDOM();
 	}
 
 	public boolean isVerified() {
@@ -55,13 +79,29 @@ public class MOARequest implements Serializable{
 		this.verified = verified;
 	}
 
-	public EntityDescriptor getEntityMetadata() {
-		return entityMetadata;
+	public EntityDescriptor getEntityMetadata() throws NoMetadataInformationException {
+		
+		try {
+			return MOAMetadataProvider.getInstance().getEntityDescriptor(this.entityID);
+			
+		} catch (MetadataProviderException e) {
+			Logger.warn("No Metadata for EntitiyID " + entityID);
+			throw new NoMetadataInformationException();
+		}			
 	}
 
-	public void setEntityMetadata(EntityDescriptor entityMetadata) {
-		this.entityMetadata = entityMetadata;
+	/**
+	 * @return the entitiyID
+	 */
+	public String getEntityID() {
+		return entityID;
+	}
+
+	/**
+	 * @param entitiyID the entitiyID to set
+	 */
+	public void setEntityID(String entitiyID) {
+		this.entityID = entitiyID;
 	}
-	
 	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index af29054e1..d00b1cc16 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -128,7 +128,7 @@ public class PostBinding implements IDecoder, IEncoder {
 		
 		MOARequest request = new MOARequest(inboundMessage);
 		request.setVerified(false);
-		request.setEntityMetadata(messageContext.getPeerEntityMetadata());
+		request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
 		return request;
 
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 7c9cc6259..f09178f55 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -131,7 +131,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 				.getInboundMessage();
 		MOARequest request = new MOARequest(inboundMessage);
 		request.setVerified(true);
-		request.setEntityMetadata(messageContext.getPeerEntityMetadata());
+		request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
 		return request;
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 4d143058b..b6ab357b8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -154,8 +154,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			
 		}
 	
-		//TODO: insert!!!!!!
-		if (encryptionCredentials != null && false) {
+		if (encryptionCredentials != null) {
 			//encrypt SAML2 assertion
 				
 			try {
-- 
cgit v1.2.3


From 13e14aa79a0257f791b71969c6d291aaf9ede835 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 11 Mar 2014 11:33:42 +0100
Subject: change AssertionStorage log messages

---
 .../moa/id/storage/AssertionStorage.java           | 24 +++++++++++-----------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index e1e03bce7..6d8979da3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -73,10 +73,10 @@ public class AssertionStorage {
 		//store AssertionStore element to Database
 		try {
 			MOASessionDBUtils.saveOrUpdate(element);
-			Logger.info("Assertion with Artifact=" + artifact + " is stored in Database");
+			Logger.info("Sessioninformation with ID=" + artifact + " is stored in Database");
 			
 		} catch (MOADatabaseException e) {
-			Logger.warn("Assertion could not be stored.");
+			Logger.warn("Sessioninformation could not be stored.");
 			throw new MOADatabaseException(e);
 		}
 		
@@ -96,8 +96,8 @@ public class AssertionStorage {
 		return test;
 		
 	  } catch (Exception e) {
-		Logger.warn("Assertion Cast-Exception by using Artifact=" + artifact);
-		throw new MOADatabaseException("Assertion Cast-Exception");
+		Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + artifact);
+		throw new MOADatabaseException("Sessioninformation Cast-Exception");
 	  }
 	}
 	
@@ -119,11 +119,11 @@ public class AssertionStorage {
 			for(AssertionStore result : results) {
 				try { 
 					MOASessionDBUtils.delete(result);
-					Logger.info("Remove Assertion with Artifact=" + result.getArtifact() 
-							+ " after assertion timeout.");
+					Logger.info("Remove sessioninformation with ID=" + result.getArtifact() 
+							+ " after timeout.");
 				
 				} catch (HibernateException e){
-					Logger.warn("Assertion with Artifact=" + result.getArtifact() 
+					Logger.warn("Sessioninformation with ID=" + result.getArtifact() 
 							+ " not removed after timeout! (Error during Database communication)", e);
 				}
 
@@ -136,22 +136,22 @@ public class AssertionStorage {
 		 try {
 			AssertionStore element = searchInDatabase(artifact);
 			MOASessionDBUtils.delete(element);
-			Logger.info("Remove Assertion with Artifact" + artifact);
+			Logger.info("Remove sessioninformation with ID" + artifact);
 			
 			
 		} catch (MOADatabaseException e) {
-			Logger.info("Assertion not removed! (Assertion with Artifact=" + artifact 
+			Logger.info("Sessioninformation not removed! (Sessioninformation with ID=" + artifact 
 					+ "not found)");
 
 		} catch (HibernateException e) {
-			Logger.warn("Assertion not removed! (Error during Database communication)", e);
+			Logger.warn("Sessioninformation not removed! (Error during Database communication)", e);
 		}
 	}
 
 	@SuppressWarnings("rawtypes")
 	private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
 		  MiscUtil.assertNotNull(artifact, "artifact");	  
-		  Logger.trace("Getting Assertion with Artifact " + artifact + " from database.");
+		  Logger.trace("Getting sessioninformation with ID " + artifact + " from database.");
 		  Session session = MOASessionDBUtils.getCurrentSession();
 		  List result;
 		  
@@ -170,7 +170,7 @@ public class AssertionStorage {
 		  //Assertion requires an unique artifact
 		  if (result.size() != 1) {
 			 Logger.trace("No entries found.");
-		   	throw new MOADatabaseException("No Assertion found with this Artifact");
+		   	throw new MOADatabaseException("No sessioninformation found with this ID");
 		  }
 		  
 		  return (AssertionStore) result.get(0);
-- 
cgit v1.2.3


From db5ee0cfc0d6456f1631c499f899113d2eda29d2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 11 Mar 2014 11:53:26 +0100
Subject: SAML1: if OA parameter is empty then return an error

---
 .../gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java   | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index d82bd1496..5bfaaa899 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -22,6 +22,8 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import iaik.util.logging.Log;
+
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
@@ -44,6 +46,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.moduls.RequestImpl;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
 
 public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
@@ -101,6 +104,13 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 			target = null;
 		}
 		
+		if (MiscUtil.isEmpty(oaURL)) {
+			Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
+			throw new WrongParametersException("StartAuthentication", PARAM_OA,
+					"auth.12");
+			
+		}
+		
 		if (!ParamValidatorUtils.isValidOA(oaURL))
 			throw new WrongParametersException("StartAuthentication", PARAM_OA,
 					"auth.12");
-- 
cgit v1.2.3


From 1c802614fe489280f93d36bfb6908ebffc96e4aa Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Tue, 11 Mar 2014 08:03:45 +0100
Subject: logging

---
 .../moa/id/protocols/stork2/AttributeCollector.java       | 15 +++++++++++++++
 .../moa/id/protocols/stork2/AuthenticationRequest.java    |  1 +
 .../id/protocols/stork2/EHvdAttributeProviderPlugin.java  |  4 ++++
 .../moa/id/protocols/stork2/STORKProtocol.java            |  1 +
 .../stork2/SignedDocAttributeRequestProvider.java         |  5 ++++-
 .../protocols/stork2/StorkAttributeRequestProvider.java   | 13 +++++++++----
 6 files changed, 34 insertions(+), 5 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 842c06f15..9cd825fc8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -99,6 +99,7 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
+		Logger.setHierarchy("moa.id.protocols.stork2");
         // check if there are attributes we need to fetch
 
         IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
@@ -108,6 +109,8 @@ public class AttributeCollector implements IAction {
             if (!responseAttributeList.containsKey(current.getName()))
                 missingAttributes.add(current);
 
+		Logger.debug("found " + missingAttributes.size() + " missing attributes");
+
         // Try to get all missing attributes
         try {
             // for each attribute still missing
@@ -126,7 +129,9 @@ public class AttributeCollector implements IAction {
                 for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) {
                     try {
                         // - hand over control to the suitable plugin
+                    	Logger.info(currentProvider.getClass().getSimpleName() + " called to handle attribute '" + currentAttribute.getName() + "'");
                         aquiredAttributes = currentProvider.acquire(currentAttribute, container.getRequest().getSpCountry(), moasession);
+                    	Logger.info(currentProvider.getClass().getSimpleName() + " can handle attribute '" + currentAttribute.getName() + "'");
                         break;
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
@@ -156,12 +161,17 @@ public class AttributeCollector implements IAction {
             // the attribute request is ongoing and requires an external service.
             try {
                 // memorize the container again
+				Logger.debug("prepare putting the container into temporary storage...");
+
                 // - generate new key
                 String newArtifactId = new SecureRandomIdentifierGenerator()
                         .generateIdentifier();
                 // - put container in temporary store.
                 AssertionStorage.getInstance().put(newArtifactId, container);
 
+				Logger.debug("...successful");
+
+				Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes");
                 // add container-key to redirect embedded within the return URL
                 e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
 
@@ -256,7 +266,10 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException 
      */
 	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException {
+		Logger.info("Updating " + source.size() + " attributes...");
 		for (PersonalAttribute current : source) {
+			Logger.debug("treating " + current.getName());
+	        
 			// check if we need to update the current pa
 			if (target.containsKey(current.getName())) {
 				PersonalAttribute existing = target.get(current.getName());
@@ -271,6 +284,8 @@ public class AttributeCollector implements IAction {
 				target.get(current.getName()).setComplexValue(current.getComplexValue());
 			} else
 				target.add(current);
+
+			Logger.debug("...successfully treated " + current.getName());
 		}
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 2ae3ab03c..3d5fbd337 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -36,6 +36,7 @@ public class AuthenticationRequest implements IAction {
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
+    	Logger.setHierarchy("moa.id.protocols.stork2");
         this.moaSession = moasession;
 
         if (req instanceof MOASTORKRequest) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index b99e0ca4d..f7d105ab8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -71,6 +71,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			throw new UnsupportedAttributeException();
 		
 		try {
+	    	Logger.setHierarchy("moa.id.protocols.stork2");
+	    	Logger.debug("initializing SOAP connections...");
 			// create SOAP connection
 			SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection();
 			
@@ -109,6 +111,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			requestMessage.saveChanges();
 
 			// perform SOAP call
+	    	Logger.debug("call...");
 			SOAPMessage responseMessage = soapConnection.call(requestMessage, destination);
 
 			// parse SOAP response
@@ -131,6 +134,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 
 			see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional
              */
+	    	Logger.debug("call successful. Parse...");
 			SOAPBody responseBody = responseMessage.getSOAPBody();
 
 			// iterate through tree
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 496d1044b..e415daf3e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -55,6 +55,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         and other info are obtained, in the second step the request will be processed and the user redirected
          */
     public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
+    	Logger.setHierarchy("moa.id.protocols.stork2");
         Logger.debug("Starting preprocessing");
         Logger.debug("Request method: " + request.getMethod());
         Logger.debug("Request content length: " + request.getContentLength());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index 3993ee92f..f629db5a4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -75,6 +75,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 * .servlet.http.HttpServletRequest)
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
+    	Logger.setHierarchy("moa.id.protocols.stork2");
 		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
 
 		try {
@@ -106,6 +107,8 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
 			throws MOAIDException {
 
+    	Logger.setHierarchy("moa.id.protocols.stork2");
+    	
 		try {
 			Logger.trace("Initialize VelocityEngine...");
 
@@ -121,7 +124,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 
 			resp.getOutputStream().write(writer.toString().getBytes());
 		} catch (Exception e) {
-			Logger.error("Error sending STORK SAML AttrRequest.", e);
+			Logger.error("Error sending DSS signrequest.", e);
 			throw new MOAIDException("stork.11", null);
 		}
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 73b8e01b9..b3d831b80 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -72,7 +72,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
-		Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
+
+    	Logger.setHierarchy("moa.id.protocols.stork2");
+		Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request");
 		
 		//extract STORK Response from HTTP Request
 		//Decodes SAML Response
@@ -91,7 +93,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 			//validate SAML Token
 			Logger.debug("Starting validation of SAML response");
 			attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost());
-			Logger.info("SAML response succesfully verified!");
+			Logger.info("SAML response successfully verified!");
 		}catch(STORKSAMLEngineException e){
 			Logger.error("Failed to verify STORK SAML Response", e);
 			throw new MOAIDException("stork.05", null);
@@ -104,7 +106,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)
 	 */
 	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
-		
+
+    	Logger.setHierarchy("moa.id.protocols.stork2");
+    			
     	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
     	String spApplication = spInstitution;
@@ -125,7 +129,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
     	attributeRequest.setCitizenCountryCode("AT");
 
 
-    	Logger.debug("STORK AttrRequest succesfully assembled.");
+    	Logger.debug("STORK AttrRequest successfully assembled.");
 
     	STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP");
     	try {
@@ -154,6 +158,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 			Logger.error("Error sending STORK SAML AttrRequest.", e);
 			throw new MOAIDException("stork.11", null);
 		}
+		Logger.info("STORK AttrRequest successfully rendered!");
 	}
 
 }
-- 
cgit v1.2.3


From 921a14d46078fba6ee66addd9b0c40ae82081f9c Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:54:39 +0100
Subject: sketched consent collector

---
 .../id/protocols/stork2/AttributeCollector.java    |  80 +---
 .../moa/id/protocols/stork2/ConsentEvaluator.java  | 149 +++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |   4 +-
 .../resources/properties/id_messages_de.properties |   1 +
 .../resources/templates/stork2_consent.html        | 444 +++++++++++++++++++++
 5 files changed, 598 insertions(+), 80 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
 create mode 100644 id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 9cd825fc8..5d972ba00 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -148,12 +148,7 @@ public class AttributeCollector implements IAction {
 					// else, update any existing attributes
 					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
-
-            // build response
-            generateSTORKResponse(container);
-
-            // set new http response
-            generateRedirectResponse(response, container);
+            	new ConsentEvaluatorSepp().requestConsent(container, response, oaParam);
 
             return "12345"; // AssertionId
 
@@ -185,79 +180,6 @@ public class AttributeCollector implements IAction {
         }
     }
 
-    /**
-     * generates binary response from given response class.
-     *
-     * @param container the container
-     * @throws MOAIDException the mOAID exception
-     */
-    private void generateSTORKResponse(DataContainer container) throws MOAIDException {
-    	MOASTORKRequest request = container.getRequest();
-        MOASTORKResponse response = container.getResponse();
-
-        try {
-            //Get SAMLEngine instance
-            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-            Logger.debug("Starting generation of SAML response");
-			if(response.isAuthnResponse())
-				response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false));
-			else
-				response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false));
-				
-            //generateSAML Token
-            Logger.info("SAML response succesfully generated!");
-        } catch (STORKSAMLEngineException e) {
-            Logger.error("Failed to generate STORK SAML Response", e);
-            throw new MOAIDException("stork.05", null);
-        }
-
-        Logger.info("STORK SAML Response message succesfully generated ");
-    }
-
-    /**
-     * writes the storkresponse to the httpresponse using the velocity engine.
-     *
-     * @param httpResp the http resp
-     * @param container the container
-     */
-    private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
-        MOASTORKResponse authnResponse = container.getResponse();
-        MOASTORKRequest authnRequest = container.getRequest();
-
-        // preparing redirection for the client
-        try {
-            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
-            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
-            VelocityContext context = new VelocityContext();
-            
-            byte[] blob;
-			if(authnRequest.isAttrRequest())
-            	blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml();
-            else
-            	blob = authnResponse.getStorkAuthnResponse().getTokenSaml();
-
-            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob));
-            Logger.debug("SAMLResponse original: " + new String(blob));
-
-            Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
-            context.put("action", authnRequest.getAssertionConsumerServiceURL());
-            Logger.debug("Starting template merge");
-            StringWriter writer = new StringWriter();
-
-            Logger.debug("Doing template merge");
-            template.merge(context, writer);
-            Logger.debug("Template merge done");
-
-            Logger.debug("Sending html content: " + writer.getBuffer().toString());
-            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
-
-            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
-
-        } catch (Exception e) {
-            Logger.error("Velocity error: " + e.getMessage());
-        }
-    }
-    
     /**
      * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}.
      *
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
new file mode 100644
index 000000000..9745d81c5
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -0,0 +1,149 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.StringWriter;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * The ConsentEvaluator assists with fetching user consent on the list of attributes to be sent to the asking S-PEPS.
+ */
+public class ConsentEvaluator implements IAction {
+
+    /**
+     * The Constant ARTIFACT_ID.
+     */
+    private static final String ARTIFACT_ID = "artifactId";
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)
+     */
+    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+
+		// - fetch the container
+		String artifactId = (String) httpReq.getParameter(ARTIFACT_ID);
+		DataContainer container;
+		try {
+			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+		} catch (MOADatabaseException e) {
+			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+			throw new MOAIDException("stork.17", null);
+		}
+
+		// TODO evaluate response
+
+        // build and send response
+        generateSTORKResponse(httpResp, container);
+        
+        return "12345"; // AssertionId
+    }
+
+	/**
+	 * Fills the given HttpResponse with the required web page.
+	 *
+	 * @param container the container
+	 * @param response the response
+	 * @param oaParam the oa param
+	 * @return the string
+	 * @throws MOAIDException the mOAID exception
+	 */
+	public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException {
+		// prepare redirect
+
+		// ask for consent
+
+		return "12345"; // AssertionId
+	}
+
+    /**
+     * generates binary response from given response class and fill the given HttpResponse with a SAML Post Binding template.
+     *
+     * @param httpResp the http resp
+     * @param container the container
+     * @throws MOAIDException the mOAID exception
+     */
+    public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException {
+    	MOASTORKRequest request = container.getRequest();
+        MOASTORKResponse response = container.getResponse();
+
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+            Logger.debug("Starting generation of SAML response");
+			if(response.isAuthnResponse())
+				response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false));
+			else
+				response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false));
+				
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
+        }
+
+        Logger.info("STORK SAML Response message succesfully generated ");
+
+        // preparing redirection for the client
+        try {
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
+            VelocityContext context = new VelocityContext();
+            
+            byte[] blob;
+			if(request.isAttrRequest())
+            	blob = response.getStorkAttrQueryResponse().getTokenSaml();
+            else
+            	blob = response.getStorkAuthnResponse().getTokenSaml();
+
+            context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob));
+            Logger.debug("SAMLResponse original: " + new String(blob));
+
+            Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL());
+            context.put("action", request.getAssertionConsumerServiceURL());
+            Logger.debug("Starting template merge");
+            StringWriter writer = new StringWriter();
+
+            Logger.debug("Doing template merge");
+            template.merge(context, writer);
+            Logger.debug("Template merge done");
+
+            Logger.debug("Sending html content: " + writer.getBuffer().toString());
+            Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
+
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+
+        } catch (Exception e) {
+            Logger.error("Velocity error: " + e.getMessage());
+        }
+    }
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+     */
+    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+    	// this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.
+        return false;
+    }
+
+    /* (non-Javadoc)
+     * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName()
+     */
+    public String getDefaultActionName() {
+        return STORKProtocol.CONSENT_EVALUATOR;
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index e415daf3e..b1c923b9f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -26,12 +26,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
     public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector";
     public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest";
+	public static final String CONSENT_EVALUATOR = "ConsentEvaluator";
 
     private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 
     static {
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
         actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
+        actions.put(CONSENT_EVALUATOR, new ConsentEvaluatorSepp());
     }
 
     public String getName() {
@@ -63,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
         MOASTORKRequest STORK2Request = new MOASTORKRequest();
 
-		if (AttributeCollector.class.getSimpleName().equals(action))
+		if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluatorSepp.class.getSimpleName().equals(action))
 			return STORK2Request;
 
         //extract STORK Response from HTTP Request
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index f6a296fde..d45abbf1c 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -211,6 +211,7 @@ stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin
 stork.14=Es wurde weder Authentifizierungs/  noch Attributerequest empfangen
 stork.15=Unbekannte request.
 stork.16=Ein Attribute aus zwei verschiedenen Quellen unterscheidet sich\: {0}
+stork.17=Fehler beim Einholen der Zustimmung für Attribut\u00FCbertragung durch den Benutzer
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html
new file mode 100644
index 000000000..2ad03e34e
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_consent.html
@@ -0,0 +1,444 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+
+   <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
+    <style type="text/css">
+			@media screen and (min-width: 650px) {
+			
+				body {
+					margin:0;
+					padding:0;
+					color : #000;
+					background-color : #fff;
+			  	text-align: center;
+			  	background-color: #6B7B8B;
+				}
+        
+        #bku_header h2 {
+          font-size: 0.8em;
+        } 
+        
+        
+			  #page {
+			    display: block;
+			    border: 2px solid rgb(0,0,0);
+			    width: 650px;
+			    height: 460px;
+			    margin: 0 auto;
+			    margin-top: 5%;
+			    position: relative;
+			    border-radius: 25px;
+			    background: rgb(255,255,255);
+			  }
+			  
+			  #page1 {
+			    text-align: center;
+			  }
+			  
+			  #main {
+			    /*	clear:both; */
+				  position:relative;
+			    margin: 0 auto;
+			    width: 250px;
+			    text-align: center;
+			  }
+			  
+			  .OA_header {
+			/*	  background-color: white;*/
+			    font-size: 20pt;
+			    margin-bottom: 25px;
+			    margin-top: 25px;
+			  }
+			
+			  #leftcontent {
+			    /*float:left; */
+				  width:250px;
+				  margin-bottom: 25px;
+			    text-align: left;
+			    border: 1px solid rgb(0,0,0);
+			  }
+			  			  
+			  #selectArea {
+				 font-size: 15px;
+				 padding-bottom: 65px;
+			  }
+			
+			  #leftcontent {
+				 width: 300px;
+				 margin-top: 30px;
+			  }
+			
+        #bku_header {
+          height: 5%;
+          padding-bottom: 3px;
+          padding-top: 3px;
+        }
+      
+        #bkulogin {
+				  overflow:auto;	
+          min-width: 190px;
+          height: 260px;
+			  }
+      
+        h2#tabheader{
+				  font-size: 1.1em; 
+          padding-left: 2%;
+          padding-right: 2%;
+          position: relative;
+			  }
+        		  
+			  .setAssertionButton_full {
+			  	background: #efefef;
+				  cursor: pointer;
+				  margin-top: 15px;
+			    width: 100px;
+			    height: 30px
+			  }
+			
+			  #leftbutton  {
+				 width: 30%; 
+				 float:left; 
+				 margin-left: 40px;
+			  }
+			
+			  #rightbutton {
+				 width: 30%; 
+				 float:right; 
+				 margin-right: 45px; 
+				 text-align: right;
+			  }
+        
+        button {
+          height: 25px;
+          width: 75px;
+          margin-bottom: 10px;
+        }
+        
+       #validation {
+        position: absolute;
+        bottom: 0px;
+        margin-left: 270px;
+        padding-bottom: 10px;
+      }
+			
+			}
+
+      @media screen and (max-width: 205px) {        
+        #bku_header h2 {
+          font-size: 0.8em;
+          margin-top: -0.4em;
+          padding-top: 0.4em;
+        }
+        
+        #bkulogin {
+        min-height: 150px;
+        } 
+      }
+
+      @media screen and (max-width: 249px) and (min-width: 206px) {        
+        #bku_header h2 {
+          font-size: 0.9em;
+          margin-top: -0.45em;
+          padding-top: 0.45em;
+        }
+        
+        #bkulogin {
+          height: 180px;
+        }  
+      }
+
+      @media screen and (max-width: 299px) and (min-width: 250px) {
+        #bku_header h2 {
+          font-size: 1.1em;
+          margin-top: -0.55em;
+          padding-top: 0.55em;
+        } 
+      }
+      
+      @media screen and (max-width: 649px) and (min-width: 400px) {
+        #bku_header h2 {
+          font-size: 1.3em;
+          margin-top: -0.65em;
+          padding-top: 0.65em;
+        } 
+      }
+
+
+			
+			@media screen and (max-width: 649px) {
+				
+        body {
+					margin:0;
+					padding:0;
+					color : #000;
+			  	text-align: center;
+          font-size: 100%;
+			  	background-color: #MAIN_BACKGOUNDCOLOR#;
+				}
+        				
+			  #page {
+			     visibility: hidden;
+			     margin-top: 0%;
+			  }
+			  
+			  #page1 {
+			    visibility: hidden;
+			  }
+			  
+			  #main {
+			    visibility: hidden;
+			  }
+        
+        #validation {
+          visibility: hidden;
+          display: none;
+        }
+			  
+			  .OA_header {
+			    margin-bottom: 0px;
+			    margin-top: 0px;
+			    font-size: 0pt;
+			    visibility: hidden;
+			  }
+			
+			  #leftcontent {
+			    visibility: visible;
+			    margin-bottom: 0px;
+			    text-align: left;
+			    border:none;
+          vertical-align: middle;
+          min-height: 173px;
+          min-width: 204px;
+          
+			  }
+			  
+        #bku_header {
+          height: 10%;
+          min-height: 1.2em;
+          margin-top: 1%;
+        }
+        
+        h2#tabheader{
+          padding-left: 2%;
+          padding-right: 2%;
+          position: relative;
+          top: 50%;
+			  }
+        
+       	#bkulogin {	
+          min-width: 190px;
+          height: 155px;	
+			 }
+        
+			 .setAssertionButton_full {
+			     	background: #efefef;
+				    cursor: pointer;
+				    margin-top: 15px;
+			      width: 70px;
+			      height: 25px;
+			 }
+       
+        input[type=button] {
+/*          height: 11%;  */
+          width: 70%;
+        }
+			}
+			      
+			* {
+				margin: 0;
+				padding: 0;
+        font-family: #FONTTYPE#;
+			}
+							      			
+			#selectArea {
+				padding-top: 10px;
+				padding-bottom: 55px;
+				padding-left: 10px;
+			}
+			
+			.setAssertionButton {
+				background: #efefef;
+				cursor: pointer;
+				margin-top: 15px;
+			  width: 70px;
+			  height: 25px;
+			}
+			
+			#leftbutton  {
+				width: 35%; 
+				float:left; 
+				margin-left: 15px;
+			}
+			
+			#rightbutton {
+				width: 35%; 
+				float:right; 
+				margin-right: 25px; 
+				text-align: right;
+			}
+      
+      .verticalcenter {
+        vertical-align: middle;
+      }
+      
+			input {
+				/*border:1px solid #000;*/
+				cursor: pointer;
+			}
+      
+
+			#installJava, #BrowserNOK {
+				clear:both;
+				font-size:0.8em;
+				padding:4px;
+			}
+						
+			.selectText{
+			
+			}
+			
+			.selectTextHeader{
+			
+			}
+			
+			.sendButton {
+        width: 30%;
+        margin-bottom: 1%;	
+			}
+			
+			#leftcontent a {
+				text-decoration:none; 
+				color: #000;
+			/*	display:block;*/
+				padding:4px;	
+			}
+			
+			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+				text-decoration:underline;
+				color: #000;	
+			}
+						
+			.infobutton {
+				background-color: #005a00;
+				color: white;
+				font-family: serif;
+				text-decoration: none;
+				padding-top: 2px;
+				padding-right: 4px;
+				padding-bottom: 2px;
+				padding-left: 4px;
+				font-weight: bold;
+			}
+			
+			.hell {
+				background-color : #MAIN_BACKGOUNDCOLOR#;
+        color: #MAIN_COLOR#;	
+			}
+			
+			.dunkel {
+				background-color: #HEADER_BACKGROUNDCOLOR#;
+        color: #HEADER_COLOR#;
+			}
+			      
+			.main_header {
+			   color: black;
+			    font-size: 32pt;
+			    position: absolute;
+			    right: 10%;
+			    top: 40px;
+				
+			}
+			
+			#controls {
+				text-align: right;
+			}
+      			                        
+    </style>       
+<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
+<script type="text/javascript">
+		function isIE() {
+			return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
+		}
+		function isFullscreen() {
+			try {
+				return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
+			} catch (e) {
+				return false;
+			}
+		}
+		function isActivexEnabled() {
+			var supported = null;
+			try {
+				supported = !!new ActiveXObject("htmlfile");
+			} catch (e) {
+				supported = false;
+			}
+			return supported;
+		}
+		function generateIFrame(iFrameURL) {
+			var el = document.getElementById("bkulogin");
+      var width = el.clientWidth;
+      var heigth = el.clientHeight - 20;
+			var parent = el.parentNode;
+            
+      iFrameURL += "&heigth=" + heigth;
+      iFrameURL += "&width=" + width;
+      
+			var iframe = document.createElement("iframe");
+			iframe.setAttribute("src", iFrameURL);
+			iframe.setAttribute("width", el.clientWidth - 1);
+			iframe.setAttribute("height", el.clientHeight - 1);
+			iframe.setAttribute("frameborder", "0");
+			iframe.setAttribute("scrolling", "no");
+			iframe.setAttribute("title", "Login");
+			parent.replaceChild(iframe, el);
+		}
+		function onChangeChecks() {
+      if (top.innerWidth < 650) {
+         document.getElementById("moaidform").setAttribute("target","_parent");
+      } else {
+         document.getElementById("moaidform").removeAttribute("target");
+      }
+      
+    }
+	</script>
+<title>#HEADER_TEXT#</title>
+</head>
+<body onload="onChangeChecks();" onresize="onChangeChecks();">
+	<div id="page">
+		<div id="page1" class="case selected-case" role="main">
+			<h2 class="OA_header" role="heading">STORK Informationsfreigabe</h2>
+			<div id="main">
+				<div id="leftcontent" class="hell" role="application">
+					<form method="POST" action="${action}">
+						<div id="bku_header" class="dunkel">
+							<h2 id="tabheader" class="dunkel" role="heading">STORK Informationsfreigabe</h2>
+						</div>
+						<div id="bkulogin" class="hell" role="form">
+							Alle angehakten Daten werden an das fragende Drittland &uuml;bermittelt.
+	  						<table>
+	  							${tablecontent}
+							</table>
+						</div>
+						<div id="controls" class="hell">
+							<input type="submit" value="weiter" />
+						</div>
+					</form>
+				</div>
+			</div>
+		</div>
+		<div id="validation">
+			<a href="http://validator.w3.org/check?uri="> <img
+				style="border: 0; width: 88px; height: 31px"
+				src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
+			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
+				style="border: 0; width: 88px; height: 31px"
+				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+				alt="CSS ist valide!" />
+			</a>
+		</div>
+	</div>
+</body>
+</html
\ No newline at end of file
-- 
cgit v1.2.3


From 3075521544ff79c5fa0d740c6b388bfeab58b8c5 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:57:37 +0100
Subject: storing datacontainer in temporary storage before redirecting

---
 .../auth/src/main/webapp/WEB-INF/urlrewrite.xml    |  4 ++++
 .../moa/id/protocols/stork2/ConsentEvaluator.java  | 25 ++++++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |  4 ++--
 3 files changed, 31 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index d6df363c5..461ff7efc 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -60,6 +60,10 @@
         <from>^/stork2/ResumeAuthentication$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AttributeCollector&amp;%{query-string}</to>
     </rule>
+    <rule match-type="regex">
+        <from>^/stork2/CompleteAuthentication$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&amp;action=ConsentEvaluator&amp;%{query-string}</to>
+    </rule>
     <rule match-type="regex">
         <from>^/stork2/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 9745d81c5..8b7bcf0c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -1,21 +1,27 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import java.io.StringWriter;
+import java.util.ArrayList;
+import java.util.HashMap;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -63,6 +69,25 @@ public class ConsentEvaluator implements IAction {
 	 */
 	public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException {
 		// prepare redirect
+		String newArtifactId;
+		try {
+
+			// memorize the container again
+			Logger.debug("prepare putting the container into temporary storage...");
+
+			// - generate new key
+			newArtifactId = new SecureRandomIdentifierGenerator().generateIdentifier();
+
+			// - put container in temporary store.
+			AssertionStorage.getInstance().put(newArtifactId, container);
+
+			Logger.debug("...successful");
+
+		} catch (Exception e1) {
+			// TODO should we return the response as is to the PEPS?
+			Logger.error("Error putting incomplete Stork response into temporary storage", e1);
+			throw new MOAIDException("stork.17", null);
+		}
 
 		// ask for consent
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index b1c923b9f..19d1c7f15 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -33,7 +33,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     static {
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
         actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
-        actions.put(CONSENT_EVALUATOR, new ConsentEvaluatorSepp());
+        actions.put(CONSENT_EVALUATOR, new ConsentEvaluator());
     }
 
     public String getName() {
@@ -65,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
         MOASTORKRequest STORK2Request = new MOASTORKRequest();
 
-		if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluatorSepp.class.getSimpleName().equals(action))
+		if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action))
 			return STORK2Request;
 
         //extract STORK Response from HTTP Request
-- 
cgit v1.2.3


From eb993b9da5938138373a3ad4a619bf2e290c6cfc Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:58:22 +0100
Subject: render consent html page

---
 .../moa/id/protocols/stork2/ConsentEvaluator.java  | 23 ++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 8b7bcf0c6..5b5c00b2a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -90,6 +90,29 @@ public class ConsentEvaluator implements IAction {
 		}
 
 		// ask for consent
+		try {
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html");
+			VelocityContext context = new VelocityContext();
+
+			context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId);
+
+			// assemble table
+			String table = "";
+			for (PersonalAttribute current : container.getResponse().getPersonalAttributeList())
+				if ("Available".equals(current.getStatus()))
+					table += "<tr><td><input type=\"checkbox\" checked=\"yes\" name=\"" + current.getName() + "\"></td><td>" + current.getName() + "</td></tr>\n";
+
+			context.put("tablecontent", table);
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+			response.getOutputStream().write(writer.getBuffer().toString().getBytes());
+
+		} catch (Exception e) {
+			Logger.error("Velocity error: " + e.getMessage());
+			throw new MOAIDException("stork.17", null);
+		}
 
 		return "12345"; // AssertionId
 	}
-- 
cgit v1.2.3


From 4ade7db6124eec07aebf087721d3d478f92bdaad Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:59:19 +0100
Subject: added consent-checkbox to config ui

---
 .../moa/id/configuration/data/oa/OASTORKConfig.java         | 10 ++++++++++
 .../moa/id/configuration/struts/action/EditOAAction.java    |  1 +
 .../src/main/resources/applicationResources.properties      |  1 +
 id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp      |  6 ++++++
 .../gv/egovernment/moa/id/config/auth/OAAuthParameter.java  |  5 ++++-
 .../moa/id/protocols/stork2/AttributeCollector.java         |  7 ++++++-
 .../src/main/resources/config/moaid_config_2.0.xsd          | 13 +++++++++----
 7 files changed, 37 insertions(+), 6 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
index 929a3673c..d9f2a4d85 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java
@@ -84,6 +84,7 @@ public class OASTORKConfig {
 				
 				// fetch vidp config
 				setVidpEnabled(config.isVidpEnabled());
+				setRequireConsent(config.isRequireConsent());
 
 				attributeProviderPlugins = config.getAttributeProviders();
 				// - if no attribute providers are configured, add a dummy
@@ -150,6 +151,7 @@ public class OASTORKConfig {
 	 */
 	private boolean vidpEnabled = false;
 	private List<AttributeProviderPlugin> attributeProviderPlugins = new ArrayList<AttributeProviderPlugin>();
+	private boolean requireConsent;
 
 	public List<String> getAvailableAttributeProviderPlugins() {
 		return AttributeProviderFactory.getAvailablePlugins();
@@ -170,4 +172,12 @@ public class OASTORKConfig {
 	public void setVidpEnabled(boolean update) {
 		vidpEnabled = update;
 	}
+	
+	public boolean isRequireConsent() {
+		return requireConsent;
+	}
+	
+	public void setRequireConsent(boolean update) {
+		requireConsent = update;
+	}
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 370923ca1..f8a12e58b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -1036,6 +1036,7 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
         stork.setQaa(storkOA.getQaa());
         stork.setOAAttributes(storkOA.getAttributes());
         stork.setVidpEnabled(storkOA.isVidpEnabled());
+        stork.setRequireConsent(storkOA.isRequireConsent());
         stork.setAttributeProviders(storkOA.getAttributeProviderPlugins());
 
         try {
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
index ef52892b3..18d19c06b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -278,6 +278,7 @@ webpages.oaconfig.oauth20.clientSecret=Client Passwort
 webpages.oaconfig.oauth20.redirectUri=Redirect Uri 
 
 webpages.oaconfig.vidp.enabled=VIDP interface aktiv
+webpages.oaconfig.vidp.requireconsent=Zustimmung f\u00FCr das Ausliefern der Attribute vom Benutzer einholen?
 webpages.oaconfig.vidp.ap.new=Neuen Attribut Provider erstellen
 webpages.oaconfig.vidp.ap.remove=Entfernen
 webpages.oaconfig.vidp.ap.list=Liste der konfigurierten Attribut Provider
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index 78ad500ef..6749b5131 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -537,6 +537,12 @@
 								key="webpages.oaconfig.vidp.enabled"
 								cssClass="checkbox"
 								id="OAuseVidp" /></p>
+							<p><s:checkbox name="storkOA.requireConsent" 
+								value="%{storkOA.requireConsent}"
+								labelposition="left"
+								key="webpages.oaconfig.vidp.requireconsent"
+								cssClass="checkbox"
+								id="OArequireConsent" /></p>
 							<h5><%=LanguageHelper.getGUIString("webpages.oaconfig.vidp.ap.list", request) %></h5>
 							<table id="stork_aplist">
 								<tr><th>AP Plugin</th><th>URL</th><th>Attribute (CSV)</th></tr>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index d1de20c4d..31ba64be0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -67,7 +67,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.OAParameter;
-import at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -350,6 +349,10 @@ public List<OAStorkAttribute> getRequestedAttributes() {
 	return oa_auth.getOASTORK().getOAAttributes();
 }
 
+public boolean isRequireConsentForStorkAttributes() {
+	return oa_auth.getOASTORK().isRequireConsent();
+}
+
 public List<AttributeProviderPlugin> getStorkAPs() {
 	return oa_auth.getOASTORK().getAttributeProviders();
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 5d972ba00..7dbbb5734 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -148,7 +148,12 @@ public class AttributeCollector implements IAction {
 					// else, update any existing attributes
 					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
-            	new ConsentEvaluatorSepp().requestConsent(container, response, oaParam);
+            
+            // ask for consent if necessary
+            if(oaParam.isRequireConsentForStorkAttributes())
+            	new ConsentEvaluator().requestConsent(container, response, oaParam);
+            else
+            	new ConsentEvaluator().generateSTORKResponse(response, container);
 
             return "12345"; // AssertionId
 
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index b7e8f6ff3..936363169 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -883,11 +883,16 @@
 	<xsd:element name="OA_STORK">
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element name="StorkLogonEnabled" type="xsd:boolean"/>
-				<xsd:element ref="Qaa" minOccurs="0" maxOccurs="1"/>
-				<xsd:element ref="OAAttributes" minOccurs="0" maxOccurs="unbounded"/>
+				<xsd:element name="StorkLogonEnabled"
+					type="xsd:boolean" />
+				<xsd:element ref="Qaa" minOccurs="0" maxOccurs="1" />
+				<xsd:element ref="OAAttributes" minOccurs="0"
+					maxOccurs="unbounded" />
 				<xsd:element name="VidpEnabled" type="xsd:boolean"></xsd:element>
-				<xsd:element ref="AttributeProviders" maxOccurs="unbounded" minOccurs="0"></xsd:element>
+				<xsd:element ref="AttributeProviders"
+					maxOccurs="unbounded" minOccurs="0">
+				</xsd:element>
+				<xsd:element name="requireConsent" type="xsd:boolean"></xsd:element>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
-- 
cgit v1.2.3


From 8ad16443ec20f49e8f14b1dc79c72a8dff674a64 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Wed, 12 Mar 2014 09:59:46 +0100
Subject: evaluate consent page result

---
 .../gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 5b5c00b2a..79404d4f0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -50,7 +50,14 @@ public class ConsentEvaluator implements IAction {
 			throw new MOAIDException("stork.17", null);
 		}
 
-		// TODO evaluate response
+		// evaluate response
+		for(PersonalAttribute current : container.getResponse().getPersonalAttributeList()) {
+			if(null == httpReq.getParameter(current.getName())) {
+				current.setStatus("notAvailable");
+				current.setValue(new ArrayList<String>());
+				current.setComplexValue(new HashMap<String, String>());
+			}
+		}
 
         // build and send response
         generateSTORKResponse(httpResp, container);
-- 
cgit v1.2.3


From 3e301365d8329eca98e4bbb05fbfec1c2645ff16 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 10:40:06 +0100
Subject: remove unused imports

---
 .../java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java    | 2 --
 1 file changed, 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 5bfaaa899..ada0bfa8f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -22,8 +22,6 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.saml1;
 
-import iaik.util.logging.Log;
-
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
-- 
cgit v1.2.3


From f421f0b7ad5feb1354248f0d51386d0340886838 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 10:41:29 +0100
Subject: log an error if AuthConfigLoader finds no MOAIDConfiguration

---
 .../moa/id/config/auth/AuthConfigLoader.java       | 32 ++++++++++++++--------
 1 file changed, 20 insertions(+), 12 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 1674715d1..b02c0946c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -42,21 +42,29 @@ public class AuthConfigLoader implements Runnable {
 						
 				Logger.info("check for new config.");
 				MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
-				Date dbdate = moaidconfig.getTimestampItem();
-				Date pvprefresh = moaidconfig.getPvp2RefreshItem();
-
-				Date date = AuthConfigurationProvider.getTimeStamp();
-			
-				if (dbdate != null && dbdate.after(date)) {
-					AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
-					instance.reloadDataBaseConfig();
-				}
 				
-				Date pvpdate = MOAMetadataProvider.getTimeStamp();
-				if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) {
-					MOAMetadataProvider.reInitialize();
+				if (moaidconfig != null) {									
+					Date dbdate = moaidconfig.getTimestampItem();
+					Date pvprefresh = moaidconfig.getPvp2RefreshItem();
+	
+					Date date = AuthConfigurationProvider.getTimeStamp();
+				
+					if (dbdate != null && dbdate.after(date)) {
+						AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
+						instance.reloadDataBaseConfig();
+					}
+					
+					Date pvpdate = MOAMetadataProvider.getTimeStamp();
+					if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) {
+						MOAMetadataProvider.reInitialize();
+					}
+					
+				} else {
+					Logger.warn("MOA-ID Configuration is actually not found. Reuse old configuration.");
+					
 				}
 				
+				
 			} catch (Throwable e) {
 				Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e);
 				
-- 
cgit v1.2.3


From 6c9e452d5ab984c1ef221c4a2e746454aa41e014 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 12:51:53 +0100
Subject: change PKIX chaining mode constant

---
 .../gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java   | 2 +-
 .../at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java | 5 ++++-
 .../moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd    | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 7ecd7dde8..9d105f151 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -446,7 +446,7 @@ public class BuildFromLegacyConfig {
 	    	//set chaining modes
 	    	ChainingModes moa_chainingModes = new ChainingModes();
 	    	moaIDConfig.setChainingModes(moa_chainingModes);
-	    	
+	    	    	
 	    	ChainingModeType type = ChainingModeType.fromValue(builder.getDefaultChainingMode());
 	    	moa_chainingModes.setSystemDefaultMode(type);
 	    	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
index 6ad45d8c9..682b00702 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
@@ -113,7 +113,7 @@ public class ConfigurationBuilder {
   // chaining mode constants appearing in the configuration file
   //
   /** an XPATH-Expression */ 
-  protected static final String CM_CHAINING = "chaining";
+  public static final String CM_CHAINING = "chaining";
   /** an XPATH-Expression */ 
   protected static final String CM_PKIX = "pkix";
   /** an XPATH-Expression */ 
@@ -939,10 +939,13 @@ public List getTrustedTemplateURLs() {
   protected String translateChainingMode(String chainingMode) {
     if (chainingMode.equals(CM_CHAINING)) {
       return ChainingModes.CHAIN_MODE;
+      
     } else if (chainingMode.equals(CM_PKIX)) {
       return ChainingModes.PKIX_MODE;
+      
     } else {
       return ChainingModes.CHAIN_MODE;
+      
     }
   }
   
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index e6705dbb8..269da4cd6 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -569,7 +569,7 @@
 	<xsd:element name="TrustProfileID" type="xsd:string"/>
 	<xsd:simpleType name="ChainingModeType">
 		<xsd:restriction base="xsd:string">
-			<xsd:enumeration value="chaining"/>
+			<xsd:enumeration value="chain"/>
 			<xsd:enumeration value="pkix"/>
 		</xsd:restriction>
 	</xsd:simpleType>
-- 
cgit v1.2.3


From 191bd90971b488bff16a5e08d0c1b2306da5876f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 12:52:35 +0100
Subject: bugfix possible NullPointerException in STORK config

---
 .../id/configuration/data/GeneralMOAIDConfig.java  |  8 ++++-
 .../struts/action/EditGeneralConfigAction.java     | 19 ++++++++++--
 .../moa/id/config/stork/STORKConfig.java           | 36 ++++++++++++----------
 3 files changed, 42 insertions(+), 21 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index d6ede8fbf..a052f403b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -55,6 +55,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
 import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
 import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
+import at.gv.egovernment.moa.id.config.legacy.ConfigurationBuilder;
 import at.gv.egovernment.moa.id.configuration.Constants;
 import at.gv.egovernment.moa.id.configuration.data.pvp2.ContactForm;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -305,7 +306,12 @@ public class GeneralMOAIDConfig {
 			if (modes != null) {
 				ChainingModeType defaultmode = modes.getSystemDefaultMode();
 				if (defaultmode != null) {
-					defaultchainigmode = defaultmode.value();
+					
+					if (ConfigurationBuilder.CM_CHAINING.equals(defaultmode.value()))
+						defaultchainigmode = ChainingModeType.CHAIN.value();
+					
+					else					
+						defaultchainigmode = defaultmode.value();
 					
 				}
 				
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 5df12a7a5..75e07a1a0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -41,6 +41,7 @@ import org.apache.struts2.interceptor.ServletResponseAware;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
 import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
 import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
@@ -62,6 +63,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
 import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
@@ -483,12 +485,23 @@ public class EditGeneralConfigAction extends ActionSupport
 			ForeignIdentities oldforeign = oldauth.getForeignIdentities();
 			if (oldforeign != null) {
 				STORK oldstork = oldforeign.getSTORK();
-				if (oldstork != null)
+				if (oldstork == null)
 					oldstork = new STORK();
 
 				oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
-				oldstork.setAttributes(storkconfig.getAttributes());
-				oldstork.setCPEPS(storkconfig.getCpepslist());
+				
+				if (storkconfig.getAttributes() != null)
+					oldstork.setAttributes(storkconfig.getAttributes());
+				
+				else
+					oldstork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
+				
+				if (storkconfig.getCpepslist() != null)
+					oldstork.setCPEPS(storkconfig.getCpepslist());
+				
+				else
+					oldstork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+				
 				dbforeign.setSTORK(oldstork);
 			}
 		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index ff481b825..b3a4cca78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -58,30 +58,32 @@ public class STORKConfig {
 		this.basedirectory = basedirectory;
 		this.props = props;
 
-		//create CPEPS map
-		List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
-		
 		cpepsMap = new HashMap<String, CPEPS>();
+		attr = new ArrayList<StorkAttribute>();
+		
+		if (stork != null) {
+			//create CPEPS map
+			List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
+		
+			if (cpeps != null) {
+				for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
 
-		if (cpeps != null) {
-			for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-
-				try {
-					CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
+					try {
+						CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
 
-					cpepsMap.put(cpep.getCountryCode(), moacpep);
+						cpepsMap.put(cpep.getCountryCode(), moacpep);
 
-				} catch (MalformedURLException e) {
-					Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
-							+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
+					} catch (MalformedURLException e) {
+						Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+								+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
+					}	
 				}
 			}
-		}
 
-		attr = new ArrayList<StorkAttribute>();
-		if (stork.getAttributes() != null) {
-			for(StorkAttribute current : stork.getAttributes()) {
-				attr.add(current);
+			if (stork.getAttributes() != null) {
+				for(StorkAttribute current : stork.getAttributes()) {
+					attr.add(current);
+				}
 			}
 		}
 
-- 
cgit v1.2.3


From 76dd4489a0b0b93ff08c7c684ca229df6f29c0cb Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 13:39:50 +0100
Subject: Revert "change PKIX chaining mode constant"

This reverts commit 6c9e452d5ab984c1ef221c4a2e746454aa41e014.
---
 .../moa/id/configuration/data/GeneralMOAIDConfig.java       |  6 +-----
 .../moa/id/config/legacy/BuildFromLegacyConfig.java         | 13 +++++++++++--
 .../moa/id/config/legacy/ConfigurationBuilder.java          |  5 +----
 .../src/main/resources/config/moaid_config_2.0.xsd          |  2 +-
 4 files changed, 14 insertions(+), 12 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index a052f403b..773dd8e7c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -307,11 +307,7 @@ public class GeneralMOAIDConfig {
 				ChainingModeType defaultmode = modes.getSystemDefaultMode();
 				if (defaultmode != null) {
 					
-					if (ConfigurationBuilder.CM_CHAINING.equals(defaultmode.value()))
-						defaultchainigmode = ChainingModeType.CHAIN.value();
-					
-					else					
-						defaultchainigmode = defaultmode.value();
+					defaultchainigmode = defaultmode.value();
 					
 				}
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 9d105f151..7039bdb7f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -446,8 +446,17 @@ public class BuildFromLegacyConfig {
 	    	//set chaining modes
 	    	ChainingModes moa_chainingModes = new ChainingModes();
 	    	moaIDConfig.setChainingModes(moa_chainingModes);
-	    	    	
-	    	ChainingModeType type = ChainingModeType.fromValue(builder.getDefaultChainingMode());
+	    	
+	    	
+	    	
+	    	String defaultmode = builder.getDefaultChainingMode();
+	    	ChainingModeType type;
+	    	if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE))
+	    		type = ChainingModeType.CHAINING;
+	    	else
+	    		type = ChainingModeType.PKIX;
+	    	
+	    	
 	    	moa_chainingModes.setSystemDefaultMode(type);
 	    	
 	    	Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
index 682b00702..6ad45d8c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
@@ -113,7 +113,7 @@ public class ConfigurationBuilder {
   // chaining mode constants appearing in the configuration file
   //
   /** an XPATH-Expression */ 
-  public static final String CM_CHAINING = "chaining";
+  protected static final String CM_CHAINING = "chaining";
   /** an XPATH-Expression */ 
   protected static final String CM_PKIX = "pkix";
   /** an XPATH-Expression */ 
@@ -939,13 +939,10 @@ public List getTrustedTemplateURLs() {
   protected String translateChainingMode(String chainingMode) {
     if (chainingMode.equals(CM_CHAINING)) {
       return ChainingModes.CHAIN_MODE;
-      
     } else if (chainingMode.equals(CM_PKIX)) {
       return ChainingModes.PKIX_MODE;
-      
     } else {
       return ChainingModes.CHAIN_MODE;
-      
     }
   }
   
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 269da4cd6..e6705dbb8 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -569,7 +569,7 @@
 	<xsd:element name="TrustProfileID" type="xsd:string"/>
 	<xsd:simpleType name="ChainingModeType">
 		<xsd:restriction base="xsd:string">
-			<xsd:enumeration value="chain"/>
+			<xsd:enumeration value="chaining"/>
 			<xsd:enumeration value="pkix"/>
 		</xsd:restriction>
 	</xsd:simpleType>
-- 
cgit v1.2.3


From 60ac2a89fce86eb1e8344eb22535cfdd0b9aa147 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Fri, 14 Mar 2014 18:37:56 +0100
Subject: attr

---
 id/ConfigWebTool/ConfigurationInterface.iml        |  9 ++--
 id/pom.xml                                         |  5 +++
 id/server/auth/moa-id-auth.iml                     |  9 ++--
 id/server/idserverlib/moa-id-lib.iml               |  9 ++--
 id/server/idserverlib/pom.xml                      |  5 ++-
 .../id/protocols/stork2/AttributeCollector.java    |  1 +
 .../protocols/stork2/AttributeProviderFactory.java | 10 ++++-
 .../id/protocols/stork2/AuthenticationRequest.java | 32 ++++++++++++-
 .../moa/id/protocols/stork2/ConsentEvaluator.java  |  8 +++-
 .../stork2/MandateAttributeRequestProvider.java    | 52 ++++++++++++++++++++++
 .../src/main/resources/config/moaid_config_2.0.xsd |  2 +-
 id/server/pom.xml                                  |  2 +-
 id/server/proxy/moa-id-proxy.iml                   |  9 ++--
 pom.xml                                            |  2 +-
 14 files changed, 125 insertions(+), 30 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 13c327c84..77fafd064 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -35,7 +35,6 @@
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
-    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:jstl:1.2" level="project" />
     <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
@@ -106,8 +105,8 @@
     <orderEntry type="library" name="Maven: com.sun.xml.bind:jaxb-xjc:2.2.4-1" level="project" />
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
-    <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.4.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -125,7 +124,7 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
-    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-RELEASE" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
@@ -165,7 +164,7 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.3" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
diff --git a/id/pom.xml b/id/pom.xml
index bd3344638..5eb67cc9f 100644
--- a/id/pom.xml
+++ b/id/pom.xml
@@ -43,6 +43,11 @@
                                         <!-- <exclude>commons-logging</exclude> -->
                                         <exclude>org.slf4j:1.5*</exclude>
                                         <exclude>org.slf4j:1.6*</exclude>
+                                        <exclude>SamlEngine:1.1*</exclude>
+                                        <exclude>SamlEngine:1.2*</exclude>
+                                        <exclude>Commons:1.1*</exclude>
+                                        <exclude>Commons:1.2*</exclude>
+
                                         <!--   <exclude>org.springframework:2.*</exclude>
                                            <exclude>org.springframework:3.0.*</exclude>     -->
                                     </excludes>
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index 815c21ef2..c431a320c 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -23,7 +23,6 @@
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
-    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="library" name="Maven: org.tuckey:urlrewritefilter:4.0.3" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
@@ -78,8 +77,8 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
-    <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.4.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -98,7 +97,7 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
-    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-RELEASE" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
@@ -153,7 +152,7 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.3" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index 47c38c069..0bcb37f55 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -13,9 +13,8 @@
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="Maven: eu.stork.mw.core:stork-saml-engine:2.0" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
-    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
-    <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.4.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
     <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
@@ -42,7 +41,7 @@
     <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
     <orderEntry type="library" name="Maven: commons-io:commons-io:1.3.2" level="project" />
-    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-RELEASE" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
@@ -142,7 +141,7 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.3" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 59275055f..f495ba9b3 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -56,12 +56,12 @@
         <dependency>
             <groupId>eu.stork</groupId>
             <artifactId>Commons</artifactId>
-            <version>1.2.0</version>
+            <version>1.4.0</version>
         </dependency>
         <dependency>
             <groupId>eu.stork</groupId>
             <artifactId>SamlEngine</artifactId>
-            <version>1.1.0</version>
+            <version>1.4.0</version>
         </dependency>
 
     <dependency>
@@ -195,6 +195,7 @@
 		<dependency>
 			<groupId>commons-fileupload</groupId>
 			<artifactId>commons-fileupload</artifactId>
+            <version>1.3</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-httpclient</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 7dbbb5734..1dfccb6c0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -178,6 +178,7 @@ public class AttributeCollector implements IAction {
             } catch (Exception e1) {
                 // TODO should we return the response as is to the PEPS?
                 Logger.error("Error putting incomplete Stork response into temporary storage", e1);
+                e1.printStackTrace();
                 throw new MOAIDException("stork.11", null);
             }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index c998b5f69..a8a9d9677 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -1,6 +1,7 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
+import at.gv.egovernment.moa.logging.Logger;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -20,6 +21,7 @@ public class AttributeProviderFactory {
         result.add("StorkAttributeRequestProvider");
         result.add("EHvdAttributeProvider");
         result.add("SignedDocAttributeRequestProvider");
+        result.add("MandateAttributeRequestProvider");
 
         return result;
     }
@@ -38,6 +40,8 @@ public class AttributeProviderFactory {
             return new EHvdAttributeProviderPlugin(url, attributes);
         } else if (shortname.equals("SignedDocAttributeRequestProvider")) {
             return new SignedDocAttributeRequestProvider(url, attributes);
+        } else if (shortname.equals("MandateAttributeRequestProvider")) {
+            return new MandateAttributeRequestProvider(url, attributes);
         } else {
             return null;
         }
@@ -51,10 +55,14 @@ public class AttributeProviderFactory {
      */
     public static List<AttributeProvider> getConfiguredPlugins(
             List<AttributeProviderPlugin> configuredAPs) {
+        Logger.setHierarchy("moa.id.protocols.stork2");
 
         List<AttributeProvider> result = new ArrayList<AttributeProvider>();
-        for (AttributeProviderPlugin current : configuredAPs)
+        for (AttributeProviderPlugin current : configuredAPs) {
+
             result.add(create(current.getName(), current.getUrl(), current.getAttributes()));
+            Logger.debug("Adding configured attribute provider: " + current.getClass().getName() + current.getName() + " at " + current.getUrl());
+        }
 
         return result;
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 3d5fbd337..442fa8a5b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -10,8 +10,11 @@ import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.*;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
+import org.joda.time.DateTime;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 
@@ -61,13 +64,25 @@ public class AuthenticationRequest implements IAction {
             // check if we have authentication request
             else if (moaStorkRequest.isAuthnRequest()) {
                 Logger.debug("Starting AuthenticationRequest");
-
                 moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
+
                 // Get personal attributtes from MOA/IdentityLink
                 moaStorkResponse.setPersonalAttributeList(populateAttributes());
+
+
+                STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+                STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+
+                Logger.debug("Starting generation of SAML response");
+                try {
+                    moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(),httpReq.getRemoteAddr(), false));
+                } catch (STORKSAMLEngineException ex) {
+                    // TODO
+                }
+
             }
             
-            moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
+            //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
 
             // Prepare extended attributes
             Logger.debug("Preparing data container");
@@ -84,6 +99,19 @@ public class AuthenticationRequest implements IAction {
             container.setRemoteAddress(httpReq.getRemoteAddr());
 
 
+            STORKAuthnResponse arep = moaStorkResponse.getStorkAuthnResponse();
+
+
+            arep.setCountry("XX");
+            arep.setInResponseTo("xxxx");
+            arep.setMessage("xxxx");
+            arep.setSamlId("xxxx");
+            arep.setStatusCode("xxxx");
+
+           // arep.setNotBefore(new DateTime().withTimeAtStartOfDay());
+           // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay());
+
+
             Logger.debug("Data container prepared");
 
             return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 79404d4f0..19ec754ee 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -15,11 +15,13 @@ import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
+import org.joda.time.DateTime;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 
 import javax.servlet.http.HttpServletRequest;
@@ -92,7 +94,8 @@ public class ConsentEvaluator implements IAction {
 
 		} catch (Exception e1) {
 			// TODO should we return the response as is to the PEPS?
-			Logger.error("Error putting incomplete Stork response into temporary storage", e1);
+			e1.printStackTrace();
+            Logger.error("Error putting incomplete Stork response into temporary storage", e1);
 			throw new MOAIDException("stork.17", null);
 		}
 
@@ -143,7 +146,8 @@ public class ConsentEvaluator implements IAction {
 				response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false));
 			else
 				response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false));
-				
+
+
             //generateSAML Token
             Logger.info("SAML response succesfully generated!");
         } catch (STORKSAMLEngineException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
new file mode 100644
index 000000000..123999166
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *  Provides mandate attribute from MIS
+ *
+ */
+public class MandateAttributeRequestProvider implements AttributeProvider {
+    /** The destination. */
+    private Object destination;
+
+    /** The attributes. */
+    private String attributes;
+
+    public MandateAttributeRequestProvider(String url, String supportedAttributes) {
+        Logger.setHierarchy("moa.id.protocols.stork2");
+        destination = url;
+        attributes = supportedAttributes;
+    }
+
+    public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+        Logger.info("Acquiring attribute: " + this.getClass().getName());
+        // break if we cannot handle the requested attribute
+        if(!attributes.contains(attribute.getName()))
+            throw new UnsupportedAttributeException();
+        PersonalAttributeList result = new PersonalAttributeList();
+        //return result;
+        throw new ExternalAttributeRequestRequiredException(this);
+    }
+
+    public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+        Logger.info("Redirecting: " + this.getClass().getName());
+
+    }
+
+    public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
+        Logger.info("Parsing attribute: " + this.getClass().getName());
+
+        return null;  //
+    }
+}
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 936363169..3a2b8cc62 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -892,7 +892,7 @@
 				<xsd:element ref="AttributeProviders"
 					maxOccurs="unbounded" minOccurs="0">
 				</xsd:element>
-				<xsd:element name="requireConsent" type="xsd:boolean"></xsd:element>
+				<xsd:element name="requireConsent" type="xsd:boolean" ></xsd:element>
 			</xsd:sequence>
 		</xsd:complexType>
 	</xsd:element>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 056accdad..fbaeaeaf1 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -18,7 +18,7 @@
         <module>proxy</module>
         <module>auth</module>
         <module>moa-id-commons</module>
-        <module>stork2-saml-engine</module>
+        <!-- <module>stork2-saml-engine</module>-->
     </modules>
 
     <properties>
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index d0e7de0b2..ebb14c7b0 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -21,7 +21,6 @@
     <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
-    <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="library" name="Maven: axis:axis:1.0_IAIK" level="project" />
     <orderEntry type="module" module-name="moa-spss-lib" />
     <orderEntry type="library" name="Maven: org.apache.axis:axis-jaxrpc:1.4" level="project" />
@@ -75,8 +74,8 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_xsect:1.1709142" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
-    <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.2.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:SamlEngine:1.4.0" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
@@ -95,7 +94,7 @@
     <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
     <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk16:1.46" level="project" />
-    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-SNAPSHOT" level="project" />
+    <orderEntry type="library" name="Maven: eu.stork:oasis-dss-api:1.0.0-RELEASE" level="project" />
     <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
     <orderEntry type="library" name="Maven: eu.medsea.mimeutil:mime-util:2.1.3" level="project" />
     <orderEntry type="module" module-name="moa-id-commons" />
@@ -150,7 +149,7 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-tools:2.0.1" level="project" />
     <orderEntry type="library" name="Maven: com.sun:webservices-rt:2.0.1" level="project" />
-    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.1.1" level="project" />
+    <orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.3" level="project" />
     <orderEntry type="library" name="Maven: dav4j:dav4j:0.1" level="project" />
     <orderEntry type="library" name="Maven: httpsclient:httpsclient:JSSE-1.0" level="project" />
     <orderEntry type="library" name="Maven: iaik.prod:iaik_X509TrustManager:0.3" level="project" />
diff --git a/pom.xml b/pom.xml
index c4126fbfb..045c8b545 100644
--- a/pom.xml
+++ b/pom.xml
@@ -163,7 +163,7 @@
             <dependency>
                 <groupId>commons-fileupload</groupId>
                 <artifactId>commons-fileupload</artifactId>
-                <version>1.1.1</version>
+                <version>1.3</version>
             </dependency>
             <dependency>
                <groupId>commons-httpclient</groupId>
-- 
cgit v1.2.3


From a442134f88a2e766ea6fdce9b80075c5a9a8b420 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 17 Mar 2014 11:35:05 +0100
Subject: add additonal STORK error messages

---
 .../moa/id/auth/AuthenticationServer.java          | 37 ++++++++++++++++------
 .../resources/properties/id_messages_de.properties |  1 +
 2 files changed, 29 insertions(+), 9 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index fd47c5f53..766f6e984 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1714,7 +1714,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws SZRGWClientException 
 	   */
 
-	     public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+	     public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
 
 			try {
 		    	AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
@@ -1751,7 +1751,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			    	
 			    	Filters filterObject = new Filters();
 			    	MandateIdentifiers mandateIds = new MandateIdentifiers();
-			        for(String current : filters.split(","))
+			    	
+			    	//TODO!
+			        for(String current : filters)
 			        	mandateIds.getMandateIdentifier().add(current.trim());
 			    	filterObject.setMandateIdentifiers(mandateIds);
 			    	mis.setFilters(filterObject);
@@ -1815,7 +1817,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
 			String representative, String represented, String mandateContent,
-			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
 		return getIdentityLink(null, null, null, null, null,
 				citizenSignature, represented, representative, mandateContent, organizationAddress,
 				organizationType, targetType, targetValue, oaFriendlyName, filters);
@@ -1838,7 +1840,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
  			String givenName, String lastName, String dateOfBirth, String gender,
  			String citizenSignature, String representative, String represented,
- 			String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException {
+ 			String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
  		return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
  				citizenSignature, representative, represented, mandate, null,
  				null, targetType, targetValue, oaFriendlyName, filters);
@@ -1959,12 +1961,27 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
     	Logger.debug("STORK AuthnRequest succesfully assembled.");
 
-    	STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
+    	STORKSAMLEngine samlEngine = null;
+    	
+    	try {
+    		samlEngine = STORKSAMLEngine.getInstance("outgoing");
+    		
+    	} catch (Exception e) {
+    		Logger.error("STORK engine initialization FAILED with error " 
+    				+ e.getLocalizedMessage(), e);
+    		throw new MOAIDException("stork.11", null, e);
+  	    		
+    	}
+    	if (samlEngine == null)
+    		throw new MOAIDException("stork.11", null);
+    		
+    		
     	try {
     		authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
-    	} catch (STORKSAMLEngineException e) {
+    					
+		} catch (Exception e ) {
 			Logger.error("Could not sign STORK SAML AuthnRequest.", e);
-			throw new MOAIDException("stork.00", null);
+			throw new MOAIDException("stork.00", null, e);
 		}
 
 		Logger.info("STORK AuthnRequest successfully signed!");
@@ -1972,10 +1989,12 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	//validate AuthnRequest
 		try {
 			samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
-		} catch (STORKSAMLEngineException e) {
+			
+		} catch (Exception e) {
 			Logger.error("STORK SAML AuthnRequest not valid.", e);
 			throw new MOAIDException("stork.01", null);
-		}	
+			
+		}
 		
 		Logger.debug("STORK AuthnRequest successfully internally validated.");
 		
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 2559d3d18..ec787d745 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -205,6 +205,7 @@ stork.07=Es existiert kein STORK AuthnRequest f\u00FCr diese STORK Response
 stork.08=STORK SAML Assertion Validierung fehlgeschlagen
 stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur
 stork.10=Fehler in der Verbindung zum SZR-Gateway
+stork.11=STORK-SAML Engine konnte nicht initialisiert werden.  
 
 pvp2.00={0} ist kein gueltiger consumer service index
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
-- 
cgit v1.2.3


From ab9c1d3b201ca110f33831133a85ea2da353e5d8 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 17 Mar 2014 11:35:59 +0100
Subject: change mandate profile configuration

---
 .../id/configuration/data/oa/OAGeneralConfig.java  | 30 +++++++++++++++++-----
 .../configuration/struts/action/EditOAAction.java  | 19 ++++++++++++--
 .../servlet/VerifyAuthenticationBlockServlet.java  | 13 +++++-----
 .../moa/id/auth/stork/STORKResponseProcessor.java  |  2 +-
 .../moa/id/config/auth/OAAuthParameter.java        | 28 +++++++++++++++++---
 .../id/config/legacy/BuildFromLegacyConfig.java    | 21 +++++++++++++--
 .../id/util/client/mis/simple/MISSimpleClient.java |  8 +++---
 .../src/main/resources/config/moaid_config_2.0.xsd |  3 ++-
 8 files changed, 98 insertions(+), 26 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index ba58701fc..990227738 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -37,6 +37,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
@@ -212,15 +213,32 @@ public class OAGeneralConfig {
 			Mandates mandates = oaauth.getMandates();
 			if (mandates != null) {
 				
-				if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
-					mandateProfiles = mandates.getProfiles();
-					useMandates = true;
+				mandateProfiles = null;
+				
+				List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems();
+				for (MandatesProfileNameItem el : profileList) {
+					if (mandateProfiles == null)
+						mandateProfiles = el.getItem();
 					
-				} else {
-					mandateProfiles = new String();
-					useMandates = false;
+					else
+						mandateProfiles += "," + el.getItem();
 				}
 				
+				//TODO: only for RC1
+				if (MiscUtil.isNotEmpty(mandates.getProfiles())) {
+					if (mandateProfiles == null)
+						mandateProfiles = mandates.getProfiles();
+					
+					else
+						mandateProfiles += "," + mandates.getProfiles();
+					
+				} 
+				
+				if (mandateProfiles != null)
+					useMandates = true;
+				
+				else
+					useMandates = false;
 				
 			}
 			
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index fd4030937..131a27935 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -45,6 +45,7 @@ import javax.servlet.http.HttpSession;
 import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
 import org.apache.struts2.interceptor.ServletResponseAware;
+import org.bouncycastle.asn1.InMemoryRepresentable;
 
 import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
@@ -57,6 +58,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
@@ -909,10 +911,23 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware,
 		
 		Mandates mandates = new Mandates();
 		if (generalOA.isUseMandates()) {
-			mandates.setProfiles(generalOA.getMandateProfiles());
+			if (MiscUtil.isNotEmpty(generalOA.getMandateProfiles())) {
+				List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
+				String[] inputList = generalOA.getMandateProfiles().split(",");
+				for (int i=0; i<inputList.length; i++) {
+					
+					MandatesProfileNameItem item = new MandatesProfileNameItem();
+					item.setItem(inputList[i]);
+					profileList.add(item);
+				}
+				mandates.setProfileNameItems(profileList );
+				mandates.setProfiles(null);
+			}
+			
 			
 		} else {
-			mandates.setProfiles(new String());
+			mandates.setProfiles(null);
+			mandates.setProfileNameItems(null);
 		}
 		
 		authoa.setMandates(mandates);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 4f722c8b3..7a4bc03f8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -50,6 +50,7 @@ import iaik.pki.PKIException;
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
+import java.util.List;
 import java.util.Map;
 
 import javax.net.ssl.SSLSocketFactory;
@@ -220,17 +221,17 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 					
 			        String oaURL = session.getOAURLRequested();
 			        OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
-			        String profiles = oaParam.getMandateProfiles();
+			        List<String> profiles = oaParam.getMandateProfiles();
 
 			        if (profiles == null) {
 			      	  Logger.error("No Mandate/Profile for OA configured.");
 			      	  throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID});
 			        }
 			        
-			        String profilesArray[] = profiles.split(",");  	 		 
-			        for(int i = 0; i < profilesArray.length; i++) {
-			      	  profilesArray[i] = profilesArray[i].trim();
-			        }
+//			        String profilesArray[] = profiles.split(",");  	 		 
+//			        for(int i = 0; i < profilesArray.length; i++) {
+//			      	  profilesArray[i] = profilesArray[i].trim();
+//			        }
 			        
 			        String oaFriendlyName = oaParam.getFriendlyName();
 			        String mandateReferenceValue = session.getMandateReferenceValue();
@@ -249,7 +250,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
 			        }
 			        
-			        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, targetType, sslFactory);
+			        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profiles, targetType, sslFactory);
 			        
 			        if (misSessionID == null) {
 			      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index c5f0dbd49..fd0d2298a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -125,7 +125,7 @@ public class STORKResponseProcessor {
 	 * @return Identity Link
 	 * @throws STORKException the sTORK exception
 	 */
-	public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, String filters) throws STORKException {
+	public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters) throws STORKException {
 		Logger.trace("Calling SZR Gateway with the following attributes:");
 
 		CreateIdentityLinkResponse identityLinkResponse = null;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 8e7ca0779..50b870c98 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -56,6 +56,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationT
 import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
 import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
@@ -221,13 +222,32 @@ public List<String> getTransformsInfos() {
 /**
  * @return the mandateProfiles
  */
-public String getMandateProfiles() {
+public List<String> getMandateProfiles() {
 	
 	Mandates mandates = oa_auth.getMandates();
 	
-	if (mandates != null)
-		return mandates.getProfiles();
-	else
+	List<String> list = new ArrayList<String>();
+	
+	if (mandates != null) {
+		String oldProfilList = mandates.getProfiles();		
+		
+		List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems();
+		for (MandatesProfileNameItem el : profileList) {
+			list.add(el.getItem());
+			
+		}
+
+		//only for RC1 
+		if (MiscUtil.isNotEmpty(oldProfilList)) {
+	        String profilesArray[] = oldProfilList.split(",");  	 		 
+	        for(int i = 0; i < profilesArray.length; i++) {
+	      	  list.add(profilesArray[i].trim());
+	        }
+		}
+		
+		return list;
+		
+	} else
 		return null;
 }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 7039bdb7f..68d934036 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -28,6 +28,8 @@ import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.math.BigInteger;
+import java.net.URL;
+import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
@@ -55,6 +57,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
@@ -83,6 +86,7 @@ import at.gv.egovernment.moa.id.data.IssuerAndSerial;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.FileUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 public class BuildFromLegacyConfig {
@@ -237,7 +241,9 @@ public class BuildFromLegacyConfig {
 	    		for (int i=0; i<transformsInfos.length; i++) {
 
 	    			TransformsInfoType transforminfotype = new TransformsInfoType();
-	    			transforminfotype.setFilename(transformsInfoFileNames[i]);
+	    				    			
+	    			Path fileName_ = new File(transformsInfoFileNames[i]).toPath().getFileName();	    				    			
+	    			transforminfotype.setFilename(fileName_.toString());
 	    		
 	    			transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
 	    			auth_transformInfos.add(transforminfotype); 
@@ -407,7 +413,18 @@ public class BuildFromLegacyConfig {
 	        	//set Mandates
 	        	Mandates oa_mandates = new Mandates();
 	        	oa_auth.setMandates(oa_mandates);
-	        	oa_mandates.setProfiles(oa.getMandateProfiles());
+	        	List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
+	        	
+	        	String oldProfiles = oa.getMandateProfiles();
+	        	if (MiscUtil.isNotEmpty(oldProfiles)) {
+		        	String[] oldprofileList = oldProfiles.split(",");
+		        	for (int i=0; i<oldprofileList.length; i++) {
+		        		MandatesProfileNameItem item = new MandatesProfileNameItem();
+		        		item.setItem(oldprofileList[i].trim());
+		        		profileList.add(item);
+		        	}
+					oa_mandates.setProfileNameItems(profileList );
+	        	}
 	        	
 	        	//STORK
 	        	//TODO: OA specific STORK config is deactivated in MOA 1.5.2
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index c0fde8146..200c60578 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -157,7 +157,7 @@ public class MISSimpleClient {
 		} 
 	}
 	
-	public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, String mandateIdentifier[], String targetType, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
+	public static MISSessionId sendSessionIdRequest(String webServiceURL, byte[] idl, byte[] cert, String oaFriendlyName, String redirectURL, String referenceValue, List<String> mandateIdentifier, String targetType, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException {
 		if (webServiceURL == null) {
 			throw new NullPointerException("Argument webServiceURL must not be null.");
 		}
@@ -205,12 +205,12 @@ public class MISSimpleClient {
 			referenceValueElement.appendChild(doc.createTextNode(referenceValue));
 			mirElement.appendChild(referenceValueElement);
 			
-			if (mandateIdentifier != null && mandateIdentifier.length > 0) {
+			if (mandateIdentifier != null && mandateIdentifier.size() > 0) {
 				Element filtersElement = doc.createElementNS(MIS_NS, "Filters");
 				Element mandateIdentifiersElement = doc.createElementNS(MIS_NS, "MandateIdentifiers");
-				for (int i=0; i<mandateIdentifier.length; i++) {
+				for (int i=0; i<mandateIdentifier.size(); i++) {
 					Element mandateIdentifierElement = doc.createElementNS(MIS_NS, "MandateIdentifier");
-					mandateIdentifierElement.appendChild(doc.createTextNode(mandateIdentifier[i]));
+					mandateIdentifierElement.appendChild(doc.createTextNode(mandateIdentifier.get(i)));
 					mandateIdentifiersElement.appendChild(mandateIdentifierElement);
 				}
 				filtersElement.appendChild(mandateIdentifiersElement);
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index e6705dbb8..7d84cfce7 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -506,7 +506,8 @@
 						<xsd:element name="Mandates" minOccurs="0">
 							<xsd:complexType>
 								<xsd:sequence>
-									<xsd:element name="Profiles" type="xsd:string"/>
+										<xsd:element name="Profiles" type="xsd:string"/>
+										<xsd:element name="ProfileName" type="xsd:string" minOccurs="0" maxOccurs="unbounded"></xsd:element>
 								</xsd:sequence>
 							</xsd:complexType>
 						</xsd:element>
-- 
cgit v1.2.3


From 9aa438639862ccdc4f9523195df04131cc1913b8 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 17 Mar 2014 18:50:19 +0100
Subject: Add KeyInfo element with certificate to SAML2 signature

---
 .../opemsaml/MOAKeyStoreX509CredentialAdapter.java | 52 ++++++++++++++++++++++
 .../moa/id/protocols/pvp2x/MetadataAction.java     |  6 ++-
 .../id/protocols/pvp2x/binding/PostBinding.java    |  4 +-
 .../protocols/pvp2x/binding/RedirectBinding.java   |  3 +-
 .../MOADefaultSecurityConfigurationBootstrap.java  | 23 ++++++++++
 .../protocols/pvp2x/signer/CredentialProvider.java | 14 +++---
 6 files changed, 93 insertions(+), 9 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAKeyStoreX509CredentialAdapter.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAKeyStoreX509CredentialAdapter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAKeyStoreX509CredentialAdapter.java
new file mode 100644
index 000000000..81afcfbc1
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAKeyStoreX509CredentialAdapter.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.opemsaml;
+
+import java.security.KeyStore;
+
+import org.opensaml.xml.security.x509.X509Credential;
+
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAKeyStoreX509CredentialAdapter extends
+		org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter {
+
+	/**
+	 * @param store
+	 * @param alias
+	 * @param password
+	 */
+	public MOAKeyStoreX509CredentialAdapter(KeyStore store, String alias,
+			char[] password) {
+		super(store, alias, password);
+	}
+	
+	public Class<? extends X509Credential> getCredentialType() {
+		return X509Credential.class;
+	}
+	
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 1668c31ce..9a5623ca0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -46,6 +46,7 @@ import org.opensaml.saml2.metadata.KeyDescriptor;
 import org.opensaml.saml2.metadata.NameIDFormat;
 import org.opensaml.saml2.metadata.SingleSignOnService;
 import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.security.SecurityHelper;
 import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
@@ -114,7 +115,10 @@ public class MetadataAction implements IAction {
 			Credential metadataSigningCredential = CredentialProvider.getIDPMetaDataSigningCredential();
 			Signature signature = CredentialProvider
 					.getIDPSignature(metadataSigningCredential);
-						
+			
+			//set KeyInfo Element
+			SecurityHelper.prepareSignatureParams(signature, metadataSigningCredential, null, null);
+			
 			idpEntitiesDescriptor.setSignature(signature);
 			
 //			//set SignatureMethode
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index d00b1cc16..aebd94a29 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -45,6 +45,8 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
 
 import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
@@ -65,7 +67,7 @@ public class PostBinding implements IDecoder, IEncoder {
 			throws MessageEncodingException, SecurityException {
 
 		try {
-			Credential credentials = CredentialProvider
+			X509Credential credentials = CredentialProvider
 					.getIDPAssertionSigningCredential();
 
 			Logger.debug("create SAML POSTBinding response");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index f09178f55..5155d6958 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -48,6 +48,7 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.x509.X509Credential;
 
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
@@ -69,7 +70,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 			StatusResponseType response, String targetLocation)
 			throws MessageEncodingException, SecurityException {
 		try {
-			Credential credentials = CredentialProvider
+			X509Credential credentials = CredentialProvider
 					.getIDPAssertionSigningCredential();
 
 			Logger.debug("create SAML RedirectBinding response");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultSecurityConfigurationBootstrap.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultSecurityConfigurationBootstrap.java
index 1563ba9be..f878b95d3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultSecurityConfigurationBootstrap.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultSecurityConfigurationBootstrap.java
@@ -25,6 +25,10 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.config;
 import org.opensaml.xml.encryption.EncryptionConstants;
 import org.opensaml.xml.security.BasicSecurityConfiguration;
 import org.opensaml.xml.security.DefaultSecurityConfigurationBootstrap;
+import org.opensaml.xml.security.credential.BasicKeyInfoGeneratorFactory;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
+import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
 import org.opensaml.xml.signature.SignatureConstants;
 
 /**
@@ -46,6 +50,25 @@ public class MOADefaultSecurityConfigurationBootstrap extends
 		return config;
 	}
 
+	protected static void populateKeyInfoGeneratorManager(
+			BasicSecurityConfiguration config) {
+		NamedKeyInfoGeneratorManager namedManager = new NamedKeyInfoGeneratorManager();
+		config.setKeyInfoGeneratorManager(namedManager);
+
+		namedManager.setUseDefaultManager(true);
+		KeyInfoGeneratorManager defaultManager = namedManager
+				.getDefaultManager();
+
+		BasicKeyInfoGeneratorFactory basicFactory = new BasicKeyInfoGeneratorFactory();
+		basicFactory.setEmitPublicKeyValue(true);
+
+		X509KeyInfoGeneratorFactory x509Factory = new X509KeyInfoGeneratorFactory();
+		x509Factory.setEmitEntityCertificate(true);
+
+		defaultManager.registerFactory(basicFactory);
+		defaultManager.registerFactory(x509Factory);
+	}
+	
 	protected static void populateSignatureParams(
 			BasicSecurityConfiguration config) {
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index e3e25b1a9..d95e21a0e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -30,9 +30,11 @@ import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.x509.BasicX509Credential;
 import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
 import org.opensaml.xml.signature.Signature;
 import org.opensaml.xml.signature.SignatureConstants;
 
+import at.gv.egovernment.moa.id.opemsaml.MOAKeyStoreX509CredentialAdapter;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.logging.Logger;
@@ -42,7 +44,7 @@ public class CredentialProvider {
 	
 	private static KeyStore keyStore = null;
 	
-	public static Credential getIDPMetaDataSigningCredential()
+	public static X509Credential getIDPMetaDataSigningCredential()
 			throws CredentialsNotAvailableException {
 		PVPConfiguration config = PVPConfiguration.getInstance();
 		try {
@@ -51,7 +53,7 @@ public class CredentialProvider {
 				keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), 
 						config.getIDPKeyStorePassword());
 
-			KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
+			MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter(
 					keyStore, config.getIDPKeyAliasMetadata(), config
 							.getIDPKeyPasswordMetadata().toCharArray());
 
@@ -64,7 +66,7 @@ public class CredentialProvider {
 		}
 	}
 
-	public static Credential getIDPAssertionSigningCredential()
+	public static X509Credential getIDPAssertionSigningCredential()
 			throws CredentialsNotAvailableException {
 		PVPConfiguration config = PVPConfiguration.getInstance();
 		try {
@@ -72,12 +74,12 @@ public class CredentialProvider {
 				keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), 
 						config.getIDPKeyStorePassword());
 
-			KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
+			MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter(
 					keyStore, config.getIDPKeyAliasAssertionSign(), config
 							.getIDPKeyPasswordAssertionSign().toCharArray());
-
+			
 			credentials.setUsageType(UsageType.SIGNING);
-			return credentials;
+			return (X509Credential) credentials;
 		} catch (Exception e) {
 			Logger.error("Failed to generate IDP Assertion Signing credentials");
 			e.printStackTrace();
-- 
cgit v1.2.3


From 9f6a8a59fe28702e097c23c8b8bee4123b1af12d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 17 Mar 2014 18:51:20 +0100
Subject: solve legacy configuration import error

---
 .../moa/id/config/legacy/BuildFromLegacyConfig.java   | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 68d934036..e6e77911a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -28,6 +28,7 @@ import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.math.BigInteger;
+import java.net.URI;
 import java.net.URL;
 import java.nio.file.Path;
 import java.util.ArrayList;
@@ -241,8 +242,9 @@ public class BuildFromLegacyConfig {
 	    		for (int i=0; i<transformsInfos.length; i++) {
 
 	    			TransformsInfoType transforminfotype = new TransformsInfoType();
-	    				    			
-	    			Path fileName_ = new File(transformsInfoFileNames[i]).toPath().getFileName();	    				    			
+	    			
+	    			String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir);	    			    			
+	    			Path fileName_ = new File(new URI(fileURL)).toPath().getFileName();
 	    			transforminfotype.setFilename(fileName_.toString());
 	    		
 	    			transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
@@ -398,15 +400,14 @@ public class BuildFromLegacyConfig {
 	        	templates.setTemplate(template_list);
 	        	
 	        	
-	        	//set TransformsInfo
+	        	//TransformsInfo not supported by MOAID 2.0
 	        	String[] transforminfos = oa.getTransformsInfos();
-	        	ArrayList<TransformsInfoType> oa_transforminfos = new ArrayList<TransformsInfoType>();
-	        	for (String e1 : transforminfos) {
-	        		TransformsInfoType transforminfo = new TransformsInfoType();
-	        		transforminfo.setFilename(e1);
-	        		oa_transforminfos.add(transforminfo);
+	        	for (String e1 : transforminfos) {	        		
+	        		if (MiscUtil.isNotEmpty(e1)) {
+	        			Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix()
+	        					+ " are not supported. USE AdditionalAuthBlock text!");
+	        		}
 	        	}
-	        	oa_auth.setTransformsInfo(oa_transforminfos);
 	        	
 	        	//VerifyInfoBoxes not supported by MOAID 2.0
 	        	
-- 
cgit v1.2.3


From cb7942a2d5f13744b114fd6d4fad49aefdac12f1 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 17 Mar 2014 19:06:54 +0100
Subject: attr not working completely

---
 id/server/SamlEngine-VIDP/target/SamlEngine-1.4.0.jar  | Bin 154269 -> 0 bytes
 .../moa/id/protocols/stork2/MOAAttributeProvider.java  |   6 ++++--
 2 files changed, 4 insertions(+), 2 deletions(-)
 delete mode 100644 id/server/SamlEngine-VIDP/target/SamlEngine-1.4.0.jar

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/SamlEngine-VIDP/target/SamlEngine-1.4.0.jar b/id/server/SamlEngine-VIDP/target/SamlEngine-1.4.0.jar
deleted file mode 100644
index 2e549afd5..000000000
Binary files a/id/server/SamlEngine-VIDP/target/SamlEngine-1.4.0.jar and /dev/null differ
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index d89fb8cb2..44b140548 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -43,7 +43,7 @@ public class MOAAttributeProvider {
 
     public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
         String storkAttribute = requestedAttribute.getName();
-
+        Logger.setHierarchy("moa.id.protocols.stork2");
         if (storkAttributeSimpleMapping.containsKey(storkAttribute)) {
             Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]");
             try {
@@ -70,6 +70,7 @@ public class MOAAttributeProvider {
     }
 
     private String geteIdentifier() {
+        Logger.setHierarchy("moa.id.protocols.stork2");
         Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry());
         try {
             return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry());
@@ -81,6 +82,7 @@ public class MOAAttributeProvider {
 
 
     private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) {
+        Logger.setHierarchy("moa.id.protocols.stork2");
         try {
             String attributeValue = method.invoke(object, new Class[]{}).toString();
             PersonalAttribute newAttribute = new PersonalAttribute();
@@ -88,7 +90,7 @@ public class MOAAttributeProvider {
 
             newAttribute.setStatus("Available");
             newAttribute.setIsRequired(isRequired);
-            Logger.debug("Got attribute value: " + attributeValue);
+            Logger.info("Got attribute value: " + attributeValue);
             newAttribute.setValue(new ArrayList<String>(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue)));
             attributeList.add(newAttribute);
         } catch (InvocationTargetException e) {
-- 
cgit v1.2.3


From 3f3108fc808f53c3c8bc001de6ff19ce962bdc9b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 18 Mar 2014 14:11:52 +0100
Subject: check if redirect target is an valid online-application

---
 .../moa/id/auth/servlet/RedirectServlet.java       | 25 +++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 7c51e7d6b..02028bf1a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -30,6 +30,9 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
@@ -45,12 +48,29 @@ public class RedirectServlet extends AuthServlet{
 	
 	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, IOException {
-		Logger.info("Receive " + RedirectServlet.class + " Request");
+		Logger.debug("Receive " + RedirectServlet.class + " Request");
 		
 		String url = req.getParameter(REDIRCT_PARAM_URL);
 		String target = req.getParameter(PARAM_TARGET);
 		String artifact = req.getParameter(PARAM_SAMLARTIFACT);
 		
+		Logger.debug("Check URL against online-applications");
+		try {
+			OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(url);
+			if (oa == null) {		
+				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
+				return;
+				
+			}
+		} catch (Throwable e) {
+			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
+			return;
+						
+		} finally {
+			ConfigurationDBUtils.closeSession();
+			
+		}
+					
 		Logger.info("Redirect to " + url);
 		
 		if (MiscUtil.isNotEmpty(target)) {
@@ -71,6 +91,9 @@ public class RedirectServlet extends AuthServlet{
 		PrintWriter out = new PrintWriter(resp.getOutputStream()); 
 		out.write(redirect_form);
 		out.flush();
+		
+
 	}
+	
 
 }
-- 
cgit v1.2.3


From 7f896d543b412062935db895c9a951d64d638b5d Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 18 Mar 2014 16:02:05 +0100
Subject: correcting mandate request

---
 .../auth/src/main/webapp/WEB-INF/urlrewrite.xml    |   4 +-
 .../id/protocols/stork2/AttributeCollector.java    |   2 +-
 .../protocols/stork2/AttributeProviderFactory.java |   7 +-
 .../id/protocols/stork2/AuthenticationRequest.java |   8 +-
 .../stork2/MandateAttributeRequestProvider.java    | 109 +++++++++++++++++----
 5 files changed, 105 insertions(+), 25 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index 461ff7efc..5ed7739ec 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -69,11 +69,11 @@
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
     <rule match-type="regex">
-        <from>^/moa-id-auth/SendPEPSAuthnRequest$</from>
+        <from>^/stork2/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
     <rule match-type="regex">
-        <from>^/moa-id-auth/RetrieveMandate$</from>
+        <from>^/stork2/RetrieveMandate$</from>
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=MandateRetrievalRequest&amp;%{query-string}</to>
     </rule>
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 1dfccb6c0..e0f14c41d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -194,7 +194,7 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException 
      */
 	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException {
-		Logger.info("Updating " + source.size() + " attributes...");
+		Logger.info("Updating " + source.size() + " attribute(s)...");
 		for (PersonalAttribute current : source) {
 			Logger.debug("treating " + current.getName());
 	        
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index a8a9d9677..7fb7a7bc6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -41,7 +41,12 @@ public class AttributeProviderFactory {
         } else if (shortname.equals("SignedDocAttributeRequestProvider")) {
             return new SignedDocAttributeRequestProvider(url, attributes);
         } else if (shortname.equals("MandateAttributeRequestProvider")) {
-            return new MandateAttributeRequestProvider(url, attributes);
+            try {
+                return new MandateAttributeRequestProvider(url, attributes);
+            } catch (Exception ex) {
+                ex.printStackTrace();
+                return null;
+            }
         } else {
             return null;
         }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 442fa8a5b..88c0e889d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -66,12 +66,8 @@ public class AuthenticationRequest implements IAction {
                 Logger.debug("Starting AuthenticationRequest");
                 moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
 
-                // Get personal attributtes from MOA/IdentityLink
-                moaStorkResponse.setPersonalAttributeList(populateAttributes());
-
 
                 STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-                STORKAuthnResponse authnResponse = new STORKAuthnResponse();
 
                 Logger.debug("Starting generation of SAML response");
                 try {
@@ -80,6 +76,10 @@ public class AuthenticationRequest implements IAction {
                     // TODO
                 }
 
+                // Get personal attributtes from MOA/IdentityLink
+                moaStorkResponse.setPersonalAttributeList(populateAttributes());
+
+
             }
             
             //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
index 123999166..d3eded934 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
@@ -1,52 +1,127 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
-import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
+import at.gv.egovernment.moa.util.StringUtils;
+import eu.stork.peps.auth.commons.*;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.StringWriter;
 
 /**
- *  Provides mandate attribute from MIS
- *
+ * Provides mandate attribute from MIS
  */
 public class MandateAttributeRequestProvider implements AttributeProvider {
-    /** The destination. */
-    private Object destination;
+    /**
+     * The destination.
+     */
+    private String destination;
 
-    /** The attributes. */
+    /**
+     * The attributes.
+     */
     private String attributes;
 
-    public MandateAttributeRequestProvider(String url, String supportedAttributes) {
+    private String spCountryCode;
+
+    private PersonalAttributeList requestedAttributes;
+
+    public MandateAttributeRequestProvider(String aPurl, String supportedAttributes) throws MOAIDException {
         Logger.setHierarchy("moa.id.protocols.stork2");
-        destination = url;
+        destination = aPurl;
         attributes = supportedAttributes;
     }
 
-    public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
-        Logger.info("Acquiring attribute: " + this.getClass().getName());
+    public String getAttrProviderName() {
+        return "MandateAttributeRequestProvider";
+    }
+
+    public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountryCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+        Logger.info("Acquiring attribute: " + attribute.getName() + ", by: " + getAttrProviderName());
+        this.spCountryCode = spCountryCode;
+        requestedAttributes = new PersonalAttributeList(1);
+        requestedAttributes.add(attribute);
+
         // break if we cannot handle the requested attribute
-        if(!attributes.contains(attribute.getName()))
+        if (!attributes.contains(attribute.getName())) {
+            Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName());
             throw new UnsupportedAttributeException();
+        }
         PersonalAttributeList result = new PersonalAttributeList();
         //return result;
+        Logger.info("Thrown external request by: " + getAttrProviderName());
         throw new ExternalAttributeRequestRequiredException(this);
     }
 
     public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
-        Logger.info("Redirecting: " + this.getClass().getName());
+        Logger.setHierarchy("moa.id.protocols.stork2");
+
+        String spSector = "Business";
+        String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
+        String spApplication = spInstitution;
+
+        //generate AuthnRquest
+        STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest();
+        attributeRequest.setDestination(destination);
+        attributeRequest.setAssertionConsumerServiceURL(url);
+        attributeRequest.setIssuer(HTTPUtils.getBaseURL(req));
+        attributeRequest.setQaa(oaParam.getQaaLevel());
+        attributeRequest.setSpInstitution(spInstitution);
+        attributeRequest.setCountry(spCountryCode);
+        attributeRequest.setSpCountry(spCountryCode);
+        attributeRequest.setSpApplication(spApplication);
+        attributeRequest.setSpSector(spSector);
+        attributeRequest.setPersonalAttributeList(requestedAttributes);
+
+        attributeRequest.setCitizenCountryCode("AT");
+
+
+        Logger.info("STORK AttrRequest successfully assembled.");
+
+        STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP");
+        try {
+            attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest);
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Could not sign STORK SAML AttrRequest.", e);
+            throw new MOAIDException("stork.00", null);
+        }
+
+        Logger.info("STORK AttrRequest successfully signed!");
+
+        try {
+            Logger.trace("Initialize VelocityEngine...");
+
+            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+            Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+            VelocityContext context = new VelocityContext();
+            context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml()));
+            context.put("action", destination);
+
+            StringWriter writer = new StringWriter();
+            template.merge(context, writer);
+
+            resp.getOutputStream().write(writer.toString().getBytes());
+        } catch (Exception e) {
+            Logger.error("Error sending STORK SAML AttrRequest.", e);
+            throw new MOAIDException("stork.11", null);
+        }
+        Logger.info("STORK AttrRequest successfully rendered!");
 
     }
 
     public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
-        Logger.info("Parsing attribute: " + this.getClass().getName());
-
         return null;  //
     }
+
 }
+
-- 
cgit v1.2.3


From e928a8ba66724466dc613ff4bf0320d1d1ef9e98 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 18 Mar 2014 19:35:11 +0100
Subject: mandaterequest

---
 .../protocols/stork2/MandateRetrievalRequest.java  | 29 ++++++++++++++++++++++
 .../moa/id/protocols/stork2/STORKProtocol.java     |  3 ++-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
new file mode 100644
index 000000000..4e99cc8aa
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -0,0 +1,29 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *
+ */
+public class MandateRetrievalRequest implements IAction {
+    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+        Logger.setHierarchy("moa.id.protocols.stork2");
+        Logger.info("Entering mandateretrievalrequest");
+        return null;  //
+    }
+
+    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+        return true;  //
+    }
+
+    public String getDefaultActionName() {
+        return STORKProtocol.MANDATERETRIEVALREQUEST;
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 19d1c7f15..ec77109af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -34,6 +34,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
         actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
         actions.put(CONSENT_EVALUATOR, new ConsentEvaluator());
+        actions.put(MANDATERETRIEVALREQUEST, new MandateRetrievalRequest());
     }
 
     public String getName() {
@@ -58,7 +59,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
          */
     public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
     	Logger.setHierarchy("moa.id.protocols.stork2");
-        Logger.debug("Starting preprocessing");
+        Logger.info("Starting preprocessing for Stork2 protocol");
         Logger.debug("Request method: " + request.getMethod());
         Logger.debug("Request content length: " + request.getContentLength());
         Logger.debug("Initiating action: " + action);
-- 
cgit v1.2.3


From 0cb71f9ca56032f5608b0a3af9ffb35d34715e4f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 07:18:09 +0100
Subject: change PVP2.1 metadata only include certificat

---
 .../java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 9a5623ca0..99cba3277 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -107,7 +107,7 @@ public class MetadataAction implements IAction {
 					.getIDPOrganisation());
 
 			X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
-			keyInfoFactory.setEmitPublicKeyValue(true);
+			//keyInfoFactory.setEmitPublicKeyValue(true);
 			keyInfoFactory.setEmitEntityIDAsKeyName(true);
 			keyInfoFactory.setEmitEntityCertificate(true);
 			KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-- 
cgit v1.2.3


From 0ebfb92d43e8333705c8058039d2334476d61f6c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 07:19:21 +0100
Subject: use default AssertionConsumingService from metadata if no specific is
 requested

---
 .../builder/assertion/PVP2AssertionBuilder.java    | 105 ++++++++-------------
 .../pvp2x/requestHandler/AuthnRequestHandler.java  |  50 +++++-----
 2 files changed, 67 insertions(+), 88 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 51f3cf4a7..9def5d22c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -86,7 +86,7 @@ import at.gv.egovernment.moa.util.Constants;
 
 public class PVP2AssertionBuilder implements PVPConstants {
 	public static Assertion buildAssertion(AuthnRequest authnRequest,
-			AuthenticationSession authSession, EntityDescriptor peerEntity, DateTime date)
+			AuthenticationSession authSession, EntityDescriptor peerEntity, DateTime date, AssertionConsumerService assertionConsumerService)
 			throws MOAIDException {
 		Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
 
@@ -151,28 +151,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 				throw new QAANotSupportedException(STORK_QAA_1_4);
 			}
 		}
-
-//		reqAuthnContextClassRefIt = reqAuthnContext.getAuthnContextClassRefs()
-//				.iterator();
-//		
-//		StringBuilder authContextsb = new StringBuilder();
-//		
-//		while (reqAuthnContextClassRefIt.hasNext()) {
-//			AuthnContextClassRef authnClassRef = reqAuthnContextClassRefIt
-//					.next();
-//			String[] qaa_uris = authnClassRef.getAuthnContextClassRef().split(
-//					"\\s+");
-//			for (int i = 0; i < qaa_uris.length; i++) {
-//				if (qaa_uris[i].trim().equals(STORK_QAA_1_4)
-//						|| qaa_uris[i].trim().equals(STORK_QAA_1_3)
-//						|| qaa_uris[i].trim().equals(STORK_QAA_1_2)
-//						|| qaa_uris[i].trim().equals(STORK_QAA_1_1)) {
-//					authContextsb.append(qaa_uris[i].trim());
-//					authContextsb.append(" ");
-//				}
-//			}
-//
-//		}
 		
 		AuthnContext authnContext = SAML2Utils
 				.createSAMLObject(AuthnContext.class);
@@ -191,14 +169,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		SPSSODescriptor spSSODescriptor = peerEntity
 				.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
 		
-		Integer aIdx = authnRequest.getAttributeConsumingServiceIndex();
-		int idx = 0;
-
-		if (aIdx != null) {
-			idx = aIdx.intValue();
-			
-		} 
-
 		AttributeStatement attributeStatement = SAML2Utils
 				.createSAMLObject(AttributeStatement.class);
 
@@ -208,34 +178,52 @@ public class PVP2AssertionBuilder implements PVPConstants {
 				.buildAuthenticationData(authSession, oaParam,
 						oaParam.getTarget());
 
+		//add Attributes to Assertion
 		if (spSSODescriptor.getAttributeConsumingServices() != null && 
 				spSSODescriptor.getAttributeConsumingServices().size() > 0) {
 		
-			AttributeConsumingService attributeConsumingService = spSSODescriptor
-					.getAttributeConsumingServices().get(idx);
+			Integer aIdx = authnRequest.getAttributeConsumingServiceIndex();
+			int idx = 0;
+
+			AttributeConsumingService attributeConsumingService = null;
 			
-			Iterator<RequestedAttribute> it = attributeConsumingService
-					.getRequestAttributes().iterator();
-			while (it.hasNext()) {
-				RequestedAttribute reqAttribut = it.next();
-				try {
-					Attribute attr = PVPAttributeBuilder.buildAttribute(
-							reqAttribut.getName(), authSession, oaParam, authData);
-					if (attr == null) {
+			if (aIdx != null) {
+				idx = aIdx.intValue();
+				attributeConsumingService = spSSODescriptor
+						.getAttributeConsumingServices().get(idx);
+				
+			} else {
+				List<AttributeConsumingService> attrConsumingServiceList = spSSODescriptor.getAttributeConsumingServices();
+				for (AttributeConsumingService el : attrConsumingServiceList) {
+					if (el.isDefault())
+						attributeConsumingService = el;
+				}				
+			}
+				
+			if (attributeConsumingService != null) {
+				Iterator<RequestedAttribute> it = attributeConsumingService
+						.getRequestAttributes().iterator();
+				while (it.hasNext()) {
+					RequestedAttribute reqAttribut = it.next();
+					try {
+						Attribute attr = PVPAttributeBuilder.buildAttribute(
+								reqAttribut.getName(), authSession, oaParam, authData);
+						if (attr == null) {
+							if (reqAttribut.isRequired()) {
+								throw new UnprovideableAttributeException(
+										reqAttribut.getName());
+							}
+						} else {
+							attributeStatement.getAttributes().add(attr);
+						}
+					} catch (PVP2Exception e) {
+						Logger.error(
+								"Attribute generation failed! for "
+										+ reqAttribut.getFriendlyName(), e);
 						if (reqAttribut.isRequired()) {
 							throw new UnprovideableAttributeException(
 									reqAttribut.getName());
 						}
-					} else {
-						attributeStatement.getAttributes().add(attr);
-					}
-				} catch (PVP2Exception e) {
-					Logger.error(
-							"Attribute generation failed! for "
-									+ reqAttribut.getFriendlyName(), e);
-					if (reqAttribut.isRequired()) {
-						throw new UnprovideableAttributeException(
-								reqAttribut.getName());
 					}
 				}
 			}
@@ -358,16 +346,8 @@ public class PVP2AssertionBuilder implements PVPConstants {
 				.createSAMLObject(SubjectConfirmationData.class);
 		subjectConfirmationData.setInResponseTo(authnRequest.getID());
 		subjectConfirmationData.setNotOnOrAfter(date.plusMinutes(5));
-		
-		//TL: change from entityID to destination URL 
-		AssertionConsumerService consumerService = spSSODescriptor
-				.getAssertionConsumerServices().get(idx);
-
-		if (consumerService == null) {
-			throw new InvalidAssertionConsumerServiceException(idx);
-		}
-		
-		subjectConfirmationData.setRecipient(consumerService.getLocation());
+				
+		subjectConfirmationData.setRecipient(assertionConsumerService.getLocation());
 
 		subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
 
@@ -383,7 +363,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		conditions.setNotBefore(date);
 		
 		conditions.setNotOnOrAfter(date.plusMinutes(5));
-//		conditions.setNotOnOrAfter(new DateTime());
 		
 		conditions.getAudienceRestrictions().add(audienceRestriction);
 
@@ -391,8 +370,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 
 		Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
 		
-		//TODO: check!
-		//change to entity value from entity name to IDP EntityID (URL)
 		issuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
 		issuer.setFormat(NameID.ENTITY);
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index b6ab357b8..7bf188e53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -85,12 +85,35 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			throw new MOAIDException("pvp2.13", null);
 		}
 
+		//get basic information
 		AuthnRequest authnRequest = (AuthnRequest) obj.getSamlRequest();
-		EntityDescriptor peerEntity = obj.getEntityMetadata();
+		EntityDescriptor peerEntity = obj.getEntityMetadata();		
+		SPSSODescriptor spSSODescriptor = peerEntity
+				.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+		
+		//get AssertionConsumingService
+		Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
+		int idx = 0;
+
+		if (aIdx != null) {
+			idx = aIdx.intValue();
+			
+		} else {				
+			idx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
+		}
+
+		AssertionConsumerService consumerService = spSSODescriptor
+				.getAssertionConsumerServices().get(idx);
+
+		if (consumerService == null) {			
+			throw new InvalidAssertionConsumerServiceException(idx);
+			
+		}
 		
 		DateTime date = new DateTime();
 		
-		Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity, date);
+		//build Assertion
+		Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity, date, consumerService);
 		
 		Response authResponse = SAML2Utils.createSAMLObject(Response.class);
 
@@ -111,28 +134,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		authResponse.setIssueInstant(date);
 		
 		authResponse.setStatus(SAML2Utils.getSuccessStatus());
-
-		SPSSODescriptor spSSODescriptor = peerEntity
-				.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
-		
-		Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
-		int idx = 0;
-
-		if (aIdx != null) {
-			idx = aIdx.intValue();
-			
-		} else {				
-			idx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
-		}
-
-		AssertionConsumerService consumerService = spSSODescriptor
-				.getAssertionConsumerServices().get(idx);
-
-		if (consumerService == null) {			
-			throw new InvalidAssertionConsumerServiceException(idx);
-			
-		}
-		
+				
 		String oaURL = consumerService.getLocation();
 
 		//check, if metadata includes an encryption key				
-- 
cgit v1.2.3


From 76b43178f068650e8df40c3f7eb4993ff709499c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 12:17:32 +0100
Subject: Add advanced parameter validation. Redirect is only allowed if
 Redirect URL maps to OA configuration. Load redirectTarget from OA
 configuration.

---
 .../moa/id/auth/builder/RedirectFormBuilder.java   |  6 ++++--
 .../moa/id/auth/servlet/RedirectServlet.java       | 22 +++++++++++++++++++---
 .../resources/templates/redirectForm.html          |  2 +-
 3 files changed, 24 insertions(+), 6 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java
index e2a736330..2a5c8d418 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java
@@ -31,7 +31,8 @@ import at.gv.egovernment.moa.logging.Logger;
 
 public class RedirectFormBuilder {
 	
-	private static String URL = "#URL#";	
+	private static String URL = "#URL#";
+	private static String TARGET = "#TARGET#";
 	private static String template;
 
 	private static String getTemplate() {
@@ -53,9 +54,10 @@ public class RedirectFormBuilder {
 		return template;
 	}
 
-	public static String buildLoginForm(String url) {
+	public static String buildLoginForm(String url, String redirectTarget) {
 		String value = getTemplate();
 		value = value.replace(URL, url);
+		value = value.replace(TARGET, redirectTarget);
 		
 		return value;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 02028bf1a..671151bbe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -54,14 +54,30 @@ public class RedirectServlet extends AuthServlet{
 		String target = req.getParameter(PARAM_TARGET);
 		String artifact = req.getParameter(PARAM_SAMLARTIFACT);
 		
+		if (MiscUtil.isEmpty(artifact)) {
+			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
+			return;
+		}
+		
 		Logger.debug("Check URL against online-applications");
+		OnlineApplication oa = null;
+		String redirectTarget = "_parent";
 		try {
-			OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(url);
+			oa = ConfigurationDBRead.getActiveOnlineApplication(url);			
 			if (oa == null) {		
-				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
+				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
 				return;
 				
+			} else {
+				try {
+					redirectTarget = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget();
+					
+				} catch (Exception e) {
+					Logger.debug("Use default redirectTarget.");
+				}
+				
 			}
+			
 		} catch (Throwable e) {
 			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed.");
 			return;
@@ -85,7 +101,7 @@ public class RedirectServlet extends AuthServlet{
 				URLEncoder.encode(artifact, "UTF-8"));
 		url = resp.encodeRedirectURL(url);
 		
-		String redirect_form = RedirectFormBuilder.buildLoginForm(url);
+		String redirect_form = RedirectFormBuilder.buildLoginForm(url, redirectTarget);
 		
 		resp.setContentType("text/html;charset=UTF-8");
 		PrintWriter out = new PrintWriter(resp.getOutputStream()); 
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html b/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html
index 517f207ff..9bddee931 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html
@@ -7,7 +7,7 @@
 
 
 <body onload="document.getElementById('link').click();">
-	<a href="#URL#" target="_parent" id="link">CLICK to perform a
+	<a href="#URL#" target="#TARGET#" id="link">CLICK to perform a
 		redirect back to Online Application</a>
 </body>
 </html>
-- 
cgit v1.2.3


From b158b0b5a5b0bf65e8c5624216fcf23d5c683d64 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 12:18:56 +0100
Subject: add configuration parameter to disable PVP2.1 assertion encryption

---
 .../gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java | 5 +++++
 .../moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java   | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index f9a038d9f..8d1fc7979 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -998,6 +998,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 	  return publicURLPreFix;
   }
   
+  public boolean isPVP2AssertionEncryptionActive() {
+	  String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true");
+	  return Boolean.valueOf(prop);
+  }
+  
   /**
    * Retruns the STORK Configuration
    * @return STORK Configuration
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 7bf188e53..c5afbabe5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -58,6 +58,7 @@ import org.opensaml.xml.security.x509.X509Credential;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
@@ -156,7 +157,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			
 		}
 	
-		if (encryptionCredentials != null) {
+		boolean isEncryptionActive = AuthConfigurationProvider.getInstance().isPVP2AssertionEncryptionActive();		
+		if (encryptionCredentials != null && isEncryptionActive) {
 			//encrypt SAML2 assertion
 				
 			try {
-- 
cgit v1.2.3


From e82769f47f422e4042a9fbf9c9fcc2f571a48781 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 12:59:42 +0100
Subject: store AuthBlock for ForeignIdentities in MOASession

---
 .../moa/id/auth/servlet/GetForeignIDServlet.java         | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index f4212cc78..dd40534be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
@@ -176,6 +177,21 @@ public class GetForeignIDServlet extends AuthServlet {
 	    	CreateXMLSignatureResponse csresp =
 	    	      new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse).parseResponseDsig();
 
+			try {
+				String serializedAssertion = DOMUtils.serializeNode(csresp
+						.getSamlAssertion());
+				session.setAuthBlock(serializedAssertion);
+				
+			} catch (TransformerException e) {
+				throw new ParseException("parser.04", new Object[] {
+						REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
+				
+			} catch (IOException e) {
+				throw new ParseException("parser.04", new Object[] {
+						REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
+				
+			}
+	    	
 	    	Element signature = csresp.getDsigSignature();
 	    	
 	    	try {
-- 
cgit v1.2.3


From c3be24f091fb555ee67a7c6a1db3c5e70643585c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 13:16:01 +0100
Subject: add MISClient error messages

---
 .../moa/id/util/client/mis/simple/MISSimpleClient.java        | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index 200c60578..b9c4e88b7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -306,15 +306,24 @@ public class MISSimpleClient {
 			//Element elem = parse(post.getResponseBodyAsStream());
 			Document doc = DOMUtils.parseDocumentSimple(post.getResponseBodyAsStream());
 			return unpackFromSOAP(doc.getDocumentElement());
+			
 		} catch(IOException e) {
-			throw new MISSimpleClientException(e);
+			throw new MISSimpleClientException(e.getLocalizedMessage(), e);
+			
 		} catch (TransformerException e) {
 			throw new MISSimpleClientException(e);
+			
 		} catch (SAXException e) {
 			throw new MISSimpleClientException(e);
+			
 		} catch (ParserConfigurationException e) {
 			throw new MISSimpleClientException(e);
+			
+		} catch (Exception e) {
+			throw new MISSimpleClientException(e.getLocalizedMessage(), e);
+			
 		}
+		
 	}
 	
 	private static Element packIntoSOAP(Element element) throws MISSimpleClientException {
-- 
cgit v1.2.3


From 1f53ee51d6f6f4be0e12732b7495e036636eb536 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 19 Mar 2014 13:16:51 +0100
Subject: change MOASessionID in every servlet request processing

---
 .../at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java  | 3 ++-
 .../gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java  | 3 +++
 .../moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java       | 6 ++++--
 .../egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java   | 2 ++
 .../egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java  | 4 ++++
 5 files changed, 15 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index dd40534be..5ad937b2a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -170,7 +170,8 @@ public class GetForeignIDServlet extends AuthServlet {
 
 	    	session = AuthenticationServer.getSession(sessionID);
 	    	
-	    	
+			//change MOASessionID
+		    sessionID = AuthenticationSessionStoreage.changeSessionID(session);
 	    	
 	    	Logger.debug(xmlCreateXMLSignatureResponse);
 	    	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 8bf437cca..5733cee85 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -174,6 +174,9 @@ public class GetMISSessionIDServlet extends AuthServlet {
 			
 			session = AuthenticationServer.getSession(sessionID);
 
+			//change MOASessionID
+		    sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+			
 			String misSessionID = session.getMISSessionID();
 
 			AuthConfigurationProvider authConf = AuthConfigurationProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 7a4bc03f8..2b46c8ff2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -175,9 +175,8 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 
 		// escape parameter strings
 		sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
 		pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-		
+	   		
 		String redirectURL = null;
 		try {
          // check parameter
@@ -188,6 +187,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 
 			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
 
+			//change MOASessionID
+		    sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+			
 			String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
 			
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index 80b1547c9..fddd0d6b9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -157,6 +157,8 @@ public class VerifyCertificateServlet extends AuthServlet {
 	       
 	    	session = AuthenticationServer.getSession(sessionID);
 	    	
+	        //change MOASessionID
+	        sessionID = AuthenticationSessionStoreage.changeSessionID(session);
 	    	
     		X509Certificate cert = AuthenticationServer.getInstance().getCertificate(sessionID, parameters);
     		if (cert == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 72b479112..10a41c487 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -66,6 +66,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -166,6 +167,9 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
        
        
        AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+       
+       //change MOASessionID
+       sessionID = AuthenticationSessionStoreage.changeSessionID(session);
     	  
     	String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyIdentityLink(session, parameters);
 
-- 
cgit v1.2.3


From f0edd064cb7dab5ac6477926e5c9854c03ddd9c5 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 11:47:01 +0100
Subject: fixed velocity engine logging issue

---
 .../main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
index b923727f9..534121443 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
@@ -103,6 +103,8 @@ public class VelocityProvider {
 		VelocityEngine velocityEngine = new VelocityEngine();
         velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
         velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+        velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+				"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
         
         return velocityEngine;
 	}
-- 
cgit v1.2.3


From 81e83a4889ea8a3c2a1cd645bc02b5b72604e71f Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 11:47:52 +0100
Subject: logging statements tweaked

---
 .../moa/id/protocols/stork2/AttributeCollector.java            | 10 +++++++---
 .../egovernment/moa/id/protocols/stork2/ConsentEvaluator.java  |  4 ++--
 2 files changed, 9 insertions(+), 5 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index e0f14c41d..4bf193e9e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -109,6 +109,7 @@ public class AttributeCollector implements IAction {
             if (!responseAttributeList.containsKey(current.getName()))
                 missingAttributes.add(current);
 
+        Logger.info("collecting attributes...");
 		Logger.debug("found " + missingAttributes.size() + " missing attributes");
 
         // Try to get all missing attributes
@@ -135,8 +136,10 @@ public class AttributeCollector implements IAction {
                         break;
                     } catch (UnsupportedAttributeException e) {
                         // ok, try the next attributeprovider
+                    	Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "'");
                     } catch (MOAIDException e) {
                         // the current plugin had an error. Try the next one.
+                    	Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "' due to an error");
                     }
                 }
                 
@@ -148,6 +151,7 @@ public class AttributeCollector implements IAction {
 					// else, update any existing attributes
 					addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes);
             }
+            Logger.info("collecting attributes done");
             
             // ask for consent if necessary
             if(oaParam.isRequireConsentForStorkAttributes())
@@ -194,9 +198,9 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException 
      */
 	private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException {
-		Logger.info("Updating " + source.size() + " attribute(s)...");
+		Logger.debug("Updating " + source.size() + " attributes...");
 		for (PersonalAttribute current : source) {
-			Logger.debug("treating " + current.getName());
+			Logger.trace("treating " + current.getName());
 	        
 			// check if we need to update the current pa
 			if (target.containsKey(current.getName())) {
@@ -213,7 +217,7 @@ public class AttributeCollector implements IAction {
 			} else
 				target.add(current);
 
-			Logger.debug("...successfully treated " + current.getName());
+			Logger.trace("...successfully treated " + current.getName());
 		}
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 19ec754ee..bcf086b56 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -137,6 +137,8 @@ public class ConsentEvaluator implements IAction {
     public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException {
     	MOASTORKRequest request = container.getRequest();
         MOASTORKResponse response = container.getResponse();
+        
+        Logger.info("generating stork response...");
 
         try {
             //Get SAMLEngine instance
@@ -155,8 +157,6 @@ public class ConsentEvaluator implements IAction {
             throw new MOAIDException("stork.05", null);
         }
 
-        Logger.info("STORK SAML Response message succesfully generated ");
-
         // preparing redirection for the client
         try {
             VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
-- 
cgit v1.2.3


From 415364d6b7ff51e643e7eba03d0d8a20d83409c1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 12:15:23 +0100
Subject: add STORK attribute fiscalNumber to SZR-Gateway request

---
 .../egovernment/moa/id/auth/AuthenticationServer.java   | 17 +++++++++--------
 .../moa/id/auth/stork/STORKResponseProcessor.java       | 12 ++++++------
 2 files changed, 15 insertions(+), 14 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 766f6e984..34a327861 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1714,7 +1714,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws SZRGWClientException 
 	   */
 
-	     public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
+	     public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
 
 			try {
 		    	AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
@@ -1731,6 +1731,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		    	data.setFamilyname(PEPSFamilyname);
 		    	data.setFirstname(PEPSFirstname);
 		    	data.setIdentifier(PEPSIdentifier);
+		    	data.setFiscalNumber(PEPSFiscalNumber);
 
 		    	data.setRepresentative(representative);
 		    	data.setRepresented(represented);
@@ -1784,7 +1785,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws ConfigurationException the configuration exception
 	 */
 	public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException {
-		return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature));
+		return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature), null);
 	}
 
 	/**
@@ -1799,8 +1800,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws SZRGWClientException the sZRGW client exception
 	 * @throws ConfigurationException the configuration exception
 	 */
-	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
-		return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null);
+	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String PEPSFiscalNumber) throws SZRGWClientException {
+		return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null, PEPSFiscalNumber);
 	}
 
 	/**
@@ -1817,10 +1818,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
 			String representative, String represented, String mandateContent,
-			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
+			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
 		return getIdentityLink(null, null, null, null, null,
 				citizenSignature, represented, representative, mandateContent, organizationAddress,
-				organizationType, targetType, targetValue, oaFriendlyName, filters);
+				organizationType, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
 	}
 	
  	/**
@@ -1840,10 +1841,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
  			String givenName, String lastName, String dateOfBirth, String gender,
  			String citizenSignature, String representative, String represented,
- 			String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters) throws SZRGWClientException {
+ 			String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
  		return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
  				citizenSignature, representative, represented, mandate, null,
- 				null, targetType, targetValue, oaFriendlyName, filters);
+ 				null, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
  	}
 
 	/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index fd0d2298a..dbb184e43 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -133,9 +133,9 @@ public class STORKResponseProcessor {
 		try {
 			Logger.trace("Starting call...");
 
-			
 			// if there is no signedDoc attribute, we cannot go on
 			String citizenSignature = getAttributeValue("signedDoc", attributeList);
+			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList);
 			
 			// if we have a signedDoc we test for a representation case
 			if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
@@ -148,15 +148,15 @@ public class STORKResponseProcessor {
 					// if we get here, we have a natural person representing a legal person
 					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
 					String organizationType = getAttributeValue("translateableType", attributeList);
-					
-					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters);
+									
+					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
 				} else {
 					// if we get here, we have a natural person representing another natural person
 					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
 					String givenName = getAttributeValue("givenName", attributeList);
 					String lastName = getAttributeValue("surname", attributeList);
 					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
-					
+			
 					// gender attribute is mandatory here because of some legal stuff
 					String gender = getAttributeValue("gender", attributeList);
 					
@@ -165,7 +165,7 @@ public class STORKResponseProcessor {
 
 					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, 
 							givenName, lastName, dateOfBirth, gender, citizenSignature, representative,
-							represented, mandate, targetType, targetValue, oaFriendlyName, filters);
+							represented, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
 				}
 			} else {
 				// we do not have a representation case
@@ -175,7 +175,7 @@ public class STORKResponseProcessor {
 				String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
 				if (!StringUtils.isEmpty(dateOfBirth))
 					dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
-				identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature);
+				identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber);
 			}
 	    	
 	    	if (null != identityLinkResponse.getErrorResponse()){
-- 
cgit v1.2.3


From c54fd74a0ac1c03beb6870abf4710daddfd16a33 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 12:19:56 +0100
Subject: adapted inbound mandate handling to samlengine

---
 .../moa/id/auth/stork/STORKResponseProcessor.java  | 32 +++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 57843d0f3..ab9decde0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -138,7 +138,37 @@ public class STORKResponseProcessor {
 			String citizenSignature = getAttributeValue("signedDoc", attributeList);
 			
 			// if we have a signedDoc we test for a representation case
-			if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
+			// - according to stork samlengine and commons
+			if(hasAttribute("mandate", attributeList)) {
+				// we have a representation case
+				String mandate = getAttributeValue("mandate", attributeList);
+				
+				if(!hasAttribute("dateOfBirth", attributeList)) {
+					// if we get here, we have a natural person representing a legal person
+					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
+					String organizationType = getAttributeValue("translateableType", attributeList);
+					
+					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters);
+				} else {
+					// if we get here, we have a natural person representing another natural person
+					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
+					String givenName = getAttributeValue("givenName", attributeList);
+					String lastName = getAttributeValue("surname", attributeList);
+					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+					
+					// gender attribute is mandatory here because of some legal stuff
+					String gender = getAttributeValue("gender", attributeList);
+					
+					if (!StringUtils.isEmpty(dateOfBirth))
+						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+
+					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, 
+							givenName, lastName, dateOfBirth, gender, citizenSignature, null,
+							null, mandate, targetType, targetValue, oaFriendlyName, filters);
+				}
+			}
+			// - according to stork spec
+			else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
 				// we have a representation case
 				String representative = getAttributeValue("representative", attributeList);
 				String represented = getAttributeValue("represented", attributeList);
-- 
cgit v1.2.3


From eab3194053237391030f8c363ca072766e19faf9 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 12:34:16 +0100
Subject: bpk

---
 .../main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java   | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index 226d05520..603d924d8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -47,6 +47,7 @@
 package at.gv.egovernment.moa.id.auth.builder;
 
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 
@@ -171,11 +172,12 @@ public class BPKBuilder {
         }
 
         String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry;
-
+        Logger.info("Building STORK identification from:" + basisbegriff);
         try {
             MessageDigest md = MessageDigest.getInstance("SHA-1");
             byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
             String hashBase64 = Base64Utils.encode(hash);
+            Logger.info("STORK identification defined as: " + hashBase64);
             return hashBase64;
         } catch (Exception ex) {
             throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
-- 
cgit v1.2.3


From 97535aec057fa529c5e7bb16799e33831c1f5e87 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 13:27:39 +0100
Subject: bugfix Organwalter(OW) -> mandate -> BPK: only set OW-BPK if OW use
 the OW function.

---
 .../java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 34a327861..1e4faed66 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1503,14 +1503,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		try {
 
-			if (session.getUseMandate() && session.isOW()) {
-				MISMandate mandate = session.getMISMandate();
+			MISMandate mandate = session.getMISMandate();
+			
+			if (session.getUseMandate() && session.isOW() 
+					&& mandate != null && MiscUtil.isNotEmpty(mandate.getOWbPK())) {				
 				authData.setBPK(mandate.getOWbPK());
 				authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW");
 				authData.setIdentityLink(identityLink);
-
 				Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
-
+					
 			} else {
 
 				if (businessService) {
-- 
cgit v1.2.3


From 70e3ac3a5a76c430f453019eba72a1f291069913 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 13:35:29 +0100
Subject: adjust bpk builder

---
 id/ConfigWebTool/ConfigurationInterface.iml                        | 2 +-
 id/server/auth/moa-id-auth.iml                                     | 6 +++---
 id/server/idserverlib/moa-id-lib.iml                               | 2 +-
 .../java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java     | 7 ++++++-
 .../egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java | 4 +++-
 .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java     | 1 +
 id/server/moa-id-commons/moa-id-commons.iml                        | 4 ++--
 id/server/pom.xml                                                  | 5 +++--
 id/server/proxy/moa-id-proxy.iml                                   | 6 +++---
 id/server/stork2-saml-engine/pom.xml                               | 4 ++--
 10 files changed, 25 insertions(+), 16 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml
index 7af1731c8..0006e531e 100644
--- a/id/ConfigWebTool/ConfigurationInterface.iml
+++ b/id/ConfigWebTool/ConfigurationInterface.iml
@@ -106,7 +106,7 @@
     <orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.25" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
+    <orderEntry type="module" module-name="Commons" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml
index 73af6885e..a82e8089d 100644
--- a/id/server/auth/moa-id-auth.iml
+++ b/id/server/auth/moa-id-auth.iml
@@ -14,8 +14,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
       <excludeFolder url="file://$MODULE_DIR$/target" />
@@ -78,7 +78,7 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
+    <orderEntry type="module" module-name="Commons" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml
index dba9b563f..5dae15c18 100644
--- a/id/server/idserverlib/moa-id-lib.iml
+++ b/id/server/idserverlib/moa-id-lib.iml
@@ -14,7 +14,7 @@
     <orderEntry type="library" name="Maven: eu.stork.mw.core:stork-saml-engine:2.0" level="project" />
     <orderEntry type="library" name="Maven: org.slf4j:slf4j-log4j12:1.6.6" level="project" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
+    <orderEntry type="module" module-name="Commons" />
     <orderEntry type="library" name="Maven: joda-time:joda-time:2.3" level="project" />
     <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index 603d924d8..866c5a923 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -170,9 +170,12 @@ public class BPKBuilder {
                     new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" +
                             identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry});
         }
+        Logger.info("Building STORK identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]");
+        String eIdentifier = sourceCountry+"/"+destinationCountry+"/"+identificationValue;
 
+        /* Commented - it is already done by BKU, we need only to add Stork values
         String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry;
-        Logger.info("Building STORK identification from:" + basisbegriff);
+        Logger.info("Building STORK identification from: [identValue]+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry);
         try {
             MessageDigest md = MessageDigest.getInstance("SHA-1");
             byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
@@ -182,6 +185,8 @@ public class BPKBuilder {
         } catch (Exception ex) {
             throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
         }
+        */
+        return eIdentifier;
     }
 
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
index ba347c9e5..81ef5e408 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
@@ -46,6 +46,7 @@
 
 package at.gv.egovernment.moa.id.auth.builder;
 
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 
 /**
@@ -79,7 +80,7 @@ public class InfoboxReadRequestBuilder implements Constants {
      * @return <code>&lt;InfoboxReadRequest&gt;</code> as String
      */
     public String build(boolean businessService, String identityLinkDomainIdentifier) {
-
+        Logger.info("Building InfoBoxReadRequest");
         String slPrefix;
         String slNsDeclaration;
 
@@ -144,6 +145,7 @@ public class InfoboxReadRequestBuilder implements Constants {
      *
      */
     public String buildStorkReadRequest(String identityLinkDomainIdentifier) {
+        Logger.info("Building Stork InfoBoxReadRequest for " + identityLinkDomainIdentifier);
 
         String slPrefix;
         String slNsDeclaration;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index b3d831b80..618311a28 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -162,3 +162,4 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	}
 
 }
+
diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml
index aeb4ad88c..387cfa900 100644
--- a/id/server/moa-id-commons/moa-id-commons.iml
+++ b/id/server/moa-id-commons/moa-id-commons.iml
@@ -26,8 +26,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources/config" type="java-resource" />
diff --git a/id/server/pom.xml b/id/server/pom.xml
index c44773994..dfe5d33af 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -18,8 +18,9 @@
         <module>proxy</module>
         <module>auth</module>
         <module>moa-id-commons</module>
-        <!-- <module>stork2-saml-engine</module>-->
-        <module>SamlEngine-VIDP</module>
+        <module>stork2-saml-engine</module>
+        <module>stork2-commons</module>
+       <!-- <module>SamlEngine-VIDP</module> -->
     </modules>
 
     <properties>
diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml
index 083fd2df8..f22728405 100644
--- a/id/server/proxy/moa-id-proxy.iml
+++ b/id/server/proxy/moa-id-proxy.iml
@@ -13,8 +13,8 @@
     </facet>
   </component>
   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
-    <output url="file://$MODULE_DIR$/target/classes" />
-    <output-test url="file://$MODULE_DIR$/target/test-classes" />
+    <output url="file://$MODULE_DIR$/../../target/classes" />
+    <output-test url="file://$MODULE_DIR$/../../target/test-classes" />
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/target" />
     </content>
@@ -75,7 +75,7 @@
     <orderEntry type="library" name="Maven: iaik.prod:iaik_jsse:4.4" level="project" />
     <orderEntry type="module" module-name="moa-id-lib" />
     <orderEntry type="module" module-name="SamlEngine" />
-    <orderEntry type="library" name="Maven: eu.stork:Commons:1.4.0" level="project" />
+    <orderEntry type="module" module-name="Commons" />
     <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
     <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
diff --git a/id/server/stork2-saml-engine/pom.xml b/id/server/stork2-saml-engine/pom.xml
index cead61eb8..c1992b3fb 100644
--- a/id/server/stork2-saml-engine/pom.xml
+++ b/id/server/stork2-saml-engine/pom.xml
@@ -131,8 +131,8 @@
 					<artifactId>maven-compiler-plugin</artifactId>
 					<version>2.3.2</version>
 					<configuration>
-						<source>1.6</source>
-						<target>1.6</target>
+						<source>1.7</source>
+						<target>1.7</target>
 					</configuration>
 				</plugin>
 
-- 
cgit v1.2.3


From 2364aa253e1ea8e6d578450674028c6724cfbabc Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 15:27:15 +0100
Subject: fixed nullpointerex in SignedDocAPPlugin

---
 .../moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index f629db5a4..43f6a5984 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -84,7 +84,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 			values.add(signResponse);
 
 			Logger.debug("Assembling signedDoc attribute");
-			PersonalAttribute signedDocAttribute = new PersonalAttribute(requestedAttribute.getName(), requestedAttribute.isRequired(), values,
+			PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values,
 					"Available");
 
 			// pack and return the result
-- 
cgit v1.2.3


From 97c4024c8ab745cdd5bd8126bb4af18f11387040 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 15:27:47 +0100
Subject: refactored velocityprovider location

---
 .../moa/id/auth/AuthenticationServer.java          |   2 +-
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |   2 +-
 .../moa/id/auth/stork/VelocityProvider.java        | 112 ---------------------
 .../id/protocols/pvp2x/binding/PostBinding.java    |  15 +--
 .../id/protocols/stork2/AttributeCollector.java    |   2 +-
 .../moa/id/protocols/stork2/ConsentEvaluator.java  |   2 +-
 .../stork2/MandateAttributeRequestProvider.java    |   2 +-
 .../stork2/SignedDocAttributeRequestProvider.java  |   2 +-
 .../stork2/StorkAttributeRequestProvider.java      |   2 +-
 .../egovernment/moa/id/util/VelocityProvider.java  | 112 +++++++++++++++++++++
 10 files changed, 121 insertions(+), 132 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 67a29f81a..306b0489d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -75,7 +75,6 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
@@ -104,6 +103,7 @@ import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.Random;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.LogMsg;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 197e4cda7..fb0d4cd1b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -51,7 +51,6 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.STORKException;
 import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -59,6 +58,7 @@ import at.gv.egovernment.moa.id.moduls.ModulUtils;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.xmldsig.SignatureType;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
deleted file mode 100644
index 534121443..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/VelocityProvider.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * 
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- * 
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- * 
- */
-package at.gv.egovernment.moa.id.auth.stork;
-
-import org.apache.velocity.app.VelocityEngine;
-import org.apache.velocity.runtime.RuntimeConstants;
-
-/**
- * Gets a Velocity Engine
- * 
- * @author bzwattendorfer
- *
- */
-public class VelocityProvider {
-
-	/**
-	 * Gets velocityEngine from Classpath
-	 * @return VelocityEngine
-	 * @throws Exception
-	 */
-	public static VelocityEngine getClassPathVelocityEngine() throws Exception {
-		VelocityEngine velocityEngine = getBaseVelocityEngine();
-        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-        velocityEngine.setProperty("classpath.resource.loader.class",
-                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-        
-		velocityEngine.init();
-		
-		return velocityEngine;
-	}
-	
-	/**
-	 * Gets VelocityEngine from File
-	 * @param rootPath File Path to template file
-	 * @return VelocityEngine
-	 * @throws Exception
-	 */
-	public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
-		VelocityEngine velocityEngine = getBaseVelocityEngine();
-        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
-        velocityEngine.setProperty("file.resource.loader.class",
-                "org.apache.velocity.runtime.resource.loader.FileResourceLoader");
-        velocityEngine.setProperty("file.resource.loader.path", rootPath);
-        
-		velocityEngine.init();
-		
-		return velocityEngine;
-	}
-	
-	/**
-	 * Gets a basic VelocityEngine
-	 * @return VelocityEngine
-	 */
-	private static VelocityEngine getBaseVelocityEngine() {
-		VelocityEngine velocityEngine = new VelocityEngine();
-        velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-        velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
-        velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
-				"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
-        
-        return velocityEngine;
-	}
-	
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index af29054e1..6bbbee302 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -26,7 +26,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.velocity.app.VelocityEngine;
-import org.apache.velocity.runtime.RuntimeConstants;
 import org.opensaml.common.SAMLObject;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.common.xml.SAMLConstants;
@@ -49,6 +48,7 @@ import org.opensaml.xml.security.credential.Credential;
 import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 
 public class PostBinding implements IDecoder, IEncoder {
@@ -70,18 +70,7 @@ public class PostBinding implements IDecoder, IEncoder {
 
 			Logger.debug("create SAML POSTBinding response");
 			
-			// VelocityEngine engine =
-			// VelocityProvider.getClassPathVelocityEngine();
-			VelocityEngine engine = new VelocityEngine();
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-			engine.setProperty("classpath.resource.loader.class",
-					"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-			engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
-					"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
-			engine.init();
+			 VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
 
 			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
 					"resources/templates/pvp_postbinding_template.html");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 4bf193e9e..31114a319 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -7,13 +7,13 @@ import java.util.List;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PEPSUtil;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index bcf086b56..9a3376e4c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -5,13 +5,13 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
index d3eded934..e691f87e1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
@@ -2,9 +2,9 @@ package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
 import eu.stork.peps.auth.commons.*;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index 43f6a5984..01297c963 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -15,8 +15,8 @@ import org.apache.velocity.app.VelocityEngine;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 618311a28..449fef1cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -10,9 +10,9 @@ import org.apache.velocity.app.VelocityEngine;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java
new file mode 100644
index 000000000..231f36fa8
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java
@@ -0,0 +1,112 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+/**
+ * 
+ */
+package at.gv.egovernment.moa.id.util;
+
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+
+/**
+ * Gets a Velocity Engine
+ * 
+ * @author bzwattendorfer
+ *
+ */
+public class VelocityProvider {
+
+	/**
+	 * Gets velocityEngine from Classpath
+	 * @return VelocityEngine
+	 * @throws Exception
+	 */
+	public static VelocityEngine getClassPathVelocityEngine() throws Exception {
+		VelocityEngine velocityEngine = getBaseVelocityEngine();
+        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+        velocityEngine.setProperty("classpath.resource.loader.class",
+                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+        
+		velocityEngine.init();
+		
+		return velocityEngine;
+	}
+	
+	/**
+	 * Gets VelocityEngine from File
+	 * @param rootPath File Path to template file
+	 * @return VelocityEngine
+	 * @throws Exception
+	 */
+	public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
+		VelocityEngine velocityEngine = getBaseVelocityEngine();
+        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
+        velocityEngine.setProperty("file.resource.loader.class",
+                "org.apache.velocity.runtime.resource.loader.FileResourceLoader");
+        velocityEngine.setProperty("file.resource.loader.path", rootPath);
+        
+		velocityEngine.init();
+		
+		return velocityEngine;
+	}
+	
+	/**
+	 * Gets a basic VelocityEngine
+	 * @return VelocityEngine
+	 */
+	private static VelocityEngine getBaseVelocityEngine() {
+		VelocityEngine velocityEngine = new VelocityEngine();
+        velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+        velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+        velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+				"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+        
+        return velocityEngine;
+	}
+	
+}
-- 
cgit v1.2.3


From 3974cdadf7e40ce7fd6b2bc7e067dc77ab51ee0b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 15:54:11 +0100
Subject: add SAML1 sourceID received from StartAuthentication request

---
 id/server/doc/handbook/protocol/protocol.html                |  5 +++++
 .../moa/id/protocols/saml1/GetArtifactAction.java            |  9 ++++++++-
 .../moa/id/protocols/saml1/SAML1AuthenticationServer.java    |  4 ++--
 .../gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java | 12 +++++++++++-
 4 files changed, 26 insertions(+), 4 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html
index 450df0aad..ebe0dbdca 100644
--- a/id/server/doc/handbook/protocol/protocol.html
+++ b/id/server/doc/handbook/protocol/protocol.html
@@ -1083,6 +1083,11 @@ Folgende Parameter m
     <td>BE, SI, </td>
     <td><strong>Optional:</strong> Gibt an ob die Anmeldung mittels STORK im angegebenen Land erfolgen soll. Die Angabe erfolgt mit dem L&auml;ndercode (Bsp: PT, LU, ES, ...) des jeweiligen Landes.</td>
   </tr>
+  <tr>
+    <td>sourceID=&lt;xxxxxxx&gt;</td>
+    <td>abcdef141245</td>
+    <td><strong>Optional:</strong> Die sourceID flie&szlig;t in die Genierung des SAML1 Artifacts, welches an den Service Provider returniert wird, ein. Detailinformationen zur Genierierung des SAML1 Artifacts und zur sourceID finden Sie in der <a href="#referenzierte_spezifikation">SAML1 Spezifikation</a>.</td>
+  </tr>
 </table>
 <h2><a name="saml1_getassertion" id="saml1_zugang3"></a>3.4 GetAuthenticationData Request</h2>
 <p>Nach erfolgter Authentisierung stehen in MOA-ID-AUTH Anmeldedaten zum Abholen bereit,    und MOA-ID-AUTH veranlasst einen Redirect zur Online-Applikation (OA). <br>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index c22f6d25f..c337433b6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -52,6 +52,13 @@ public class GetArtifactAction implements IAction {
 		String oaURL = (String) req.getOAURL();
 		String target = (String) req.getTarget();
 		
+		String sourceID = null;
+		if (req instanceof SAML1RequestImpl) {
+			SAML1RequestImpl saml1req = (SAML1RequestImpl) req;
+			sourceID = saml1req.getSourceID();
+			
+		}
+		
 		try {
 		
 			
@@ -84,7 +91,7 @@ public class GetArtifactAction implements IAction {
 				Logger.info("MOA assertion assembled and SAML Artifact generated.");
 			}
 			
-			String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData);
+			String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData, sourceID);
 			
 			if (AuthenticationSessionStoreage.isSSOSession(session.getSessionID())) {
 				String url = "RedirectServlet";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7c91026bf..6391860ff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -165,7 +165,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	
 	public String BuildSAMLArtifact(AuthenticationSession session, 
 			OAAuthParameter oaParam, 
-			AuthenticationData authData) 
+			AuthenticationData authData, String sourceID) 
 					throws ConfigurationException, BuildException, AuthenticationException {
 		
 		//Load SAML1 Parameter from OA config
@@ -326,7 +326,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 				
 			String samlArtifact = new SAMLArtifactBuilder().build(
 			session.getAuthURL(), Random.nextRandom(),
-			saml1parameter.getSourceID());
+			sourceID);
 			
 			storeAuthenticationData(samlArtifact, authData);
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index ada0bfa8f..b6a2ac0b6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -82,7 +82,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 
 	public IRequest preProcess(HttpServletRequest request,
 			HttpServletResponse response, String action) throws MOAIDException {
-		RequestImpl config = new RequestImpl();
+		SAML1RequestImpl config = new SAML1RequestImpl();
 		
 		if (!AuthConfigurationProvider.getInstance().getAllowedProtocols().isSAML1Active()) {
 			Logger.info("SAML1 is deaktivated!");
@@ -96,6 +96,9 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		String target = (String) request.getParameter(PARAM_TARGET);
 		target = StringEscapeUtils.escapeHtml(target);
 		
+		String sourceID = request.getParameter(PARAM_SOURCEID);
+		sourceID = StringEscapeUtils.escapeHtml(sourceID);
+		
 		//the target parameter is used to define the OA in SAML1 standard
 		if (target != null && target.startsWith("http")) {
 			oaURL = target;
@@ -112,10 +115,15 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		if (!ParamValidatorUtils.isValidOA(oaURL))
 			throw new WrongParametersException("StartAuthentication", PARAM_OA,
 					"auth.12");
+	
 		config.setOAURL(oaURL);
 		
 		Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
 		
+	    if (!ParamValidatorUtils.isValidSourceID(sourceID))
+            throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12");
+		
+		
 		//load Target only from OA config
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
 				.getOnlineApplicationParameter(oaURL);
@@ -131,6 +139,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 					new Object[] { oaURL });
 		}
 		
+		config.setSourceID(sourceID);
+		
 		config.setTarget(oaParam.getTarget());
 		
 //		request.getSession().setAttribute(PARAM_OA, oaURL);
-- 
cgit v1.2.3


From 185aa361aec65c967d2908f69db4abbe9d3d9b2e Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Thu, 20 Mar 2014 18:32:14 +0100
Subject: introduced log4j logging system

---
 .../java/at/gv/egovernment/moa/logging/Logger.java | 67 +++++++++-------------
 .../id/protocols/stork2/AttributeCollector.java    |  1 -
 .../protocols/stork2/AttributeProviderFactory.java |  1 -
 .../id/protocols/stork2/AuthenticationRequest.java |  1 -
 .../stork2/EHvdAttributeProviderPlugin.java        |  1 -
 .../id/protocols/stork2/MOAAttributeProvider.java  |  3 -
 .../stork2/MandateAttributeRequestProvider.java    |  2 -
 .../protocols/stork2/MandateRetrievalRequest.java  |  1 -
 .../moa/id/protocols/stork2/STORKProtocol.java     |  1 -
 .../stork2/SignedDocAttributeRequestProvider.java  |  3 -
 .../stork2/StorkAttributeRequestProvider.java      |  3 -
 11 files changed, 27 insertions(+), 57 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java
index 07f9e27af..2e76325a5 100644
--- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java
+++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java
@@ -24,9 +24,6 @@
 
 package at.gv.egovernment.moa.logging;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 /**
  * A utility class acting as a facade to the logging subsystem.
  * 
@@ -39,35 +36,13 @@ import org.apache.commons.logging.LogFactory;
  */
 public class Logger {
   
-  /** The default logging hierarchy. */
-  private static String defaultHierarchy = "";
-  
-  /**
-   * Get the <code>Log</code> object for the default hierarchy.
-   * 
-   * @return The <code>Log</code> object to write log messages to.
-   */
-  private static Log getLog() {
-    return LogFactory.getLog(defaultHierarchy);
-  }
-
-  /**
-   * Get the <code>Log</code> object for a given hierarchy.
-   * 
-   * @param hierarchy The logging hierarchy for which to return the logger. 
-   * @return The <code>Log</code> object to write log messages to.
-   */
-  private static Log getLog(String hierarchy) {
-    return LogFactory.getLog(hierarchy);
-  }
-  
   /**
    * Set the default hierarchy to which the <code>Logger</code> should send its
    * logging output.
    * @param hierarchy The logging defaultHierarchy.
    */
   public static void setHierarchy(String hierarchy) {
-    defaultHierarchy = hierarchy;
+	  // there is no need for that anymore
   }
 
   /**
@@ -77,7 +52,8 @@ public class Logger {
    * <code>false</code> otherwise.
    */
   public static boolean isTraceEnabled() {
-    return getLog().isTraceEnabled();
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		return logger.isTraceEnabled();
   }
   
   /**
@@ -88,7 +64,8 @@ public class Logger {
    * <code>false</code> otherwise.
    */
   public static boolean isTraceEnabled(String hierarchy) {
-    return getLog(hierarchy).isTraceEnabled();
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		return logger.isTraceEnabled();
   }
   
   /**
@@ -97,7 +74,8 @@ public class Logger {
    * @param message The message to trace.
    */
   public static void trace(Object message) {
-    getLog().trace(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.trace(message);
   }
   
   /**
@@ -107,7 +85,8 @@ public class Logger {
    * <code>false</code> otherwise.
    */
   public static boolean isDebugEnabled() {
-    return getLog().isDebugEnabled();
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		return logger.isDebugEnabled();
   }
   
   /**
@@ -118,7 +97,8 @@ public class Logger {
    * <code>false</code> otherwise.
    */
   public static boolean isDebugEnabled(String hierarchy) {
-    return getLog(hierarchy).isDebugEnabled();
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		return logger.isDebugEnabled();
   }
   
   /**
@@ -127,7 +107,8 @@ public class Logger {
    * @param message The message to log.
    */
   public static void debug(Object message) {
-    getLog().debug(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.debug(message);
   }
   
   /**
@@ -136,7 +117,8 @@ public class Logger {
    * @param message The message to log.
    */
   public static void info(Object message) {
-    getLog().info(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.info(message);
   }
   
   /**
@@ -145,7 +127,8 @@ public class Logger {
    * @param message The message to log.
    */
   public static void warn(Object message) {
-    getLog().warn(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.warn(message);
   }
 
   /**
@@ -155,7 +138,8 @@ public class Logger {
    * @param t An exception that may be the cause of the warning.
    */
   public static void warn(Object message, Throwable t) {
-    getLog().warn(message, t);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.warn(message, t);
   }
   
   /**
@@ -164,7 +148,8 @@ public class Logger {
    * @param message The message to log.
    */
   public static void error(Object message) {
-    getLog().error(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.error(message);
   }
 
   /**
@@ -174,7 +159,8 @@ public class Logger {
    * @param t An exception that may be the cause of the error.
    */
   public static void error(Object message, Throwable t) {
-    getLog().error(message, t);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.error(message, t);
   }
   
   /**
@@ -183,7 +169,8 @@ public class Logger {
    * @param message The message to log.
    */
   public static void fatal(Object message) {
-    getLog().fatal(message);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.fatal(message);
   }
 
   /**
@@ -193,7 +180,7 @@ public class Logger {
    * @param t An exception that may be the cause of the error.
    */
   public static void fatal(Object message, Throwable t) {
-    getLog().fatal(message, t);
+		org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(Thread.currentThread().getStackTrace()[2].getClassName());
+		logger.fatal(message, t);
   }
-
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 31114a319..1d9e31674 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -99,7 +99,6 @@ public class AttributeCollector implements IAction {
      * @throws MOAIDException
      */
     public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException {
-		Logger.setHierarchy("moa.id.protocols.stork2");
         // check if there are attributes we need to fetch
 
         IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index 7fb7a7bc6..a339cff23 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -60,7 +60,6 @@ public class AttributeProviderFactory {
      */
     public static List<AttributeProvider> getConfiguredPlugins(
             List<AttributeProviderPlugin> configuredAPs) {
-        Logger.setHierarchy("moa.id.protocols.stork2");
 
         List<AttributeProvider> result = new ArrayList<AttributeProvider>();
         for (AttributeProviderPlugin current : configuredAPs) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 88c0e889d..5e49fe413 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -39,7 +39,6 @@ public class AuthenticationRequest implements IAction {
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
-    	Logger.setHierarchy("moa.id.protocols.stork2");
         this.moaSession = moasession;
 
         if (req instanceof MOASTORKRequest) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index f7d105ab8..a257474e3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -71,7 +71,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			throw new UnsupportedAttributeException();
 		
 		try {
-	    	Logger.setHierarchy("moa.id.protocols.stork2");
 	    	Logger.debug("initializing SOAP connections...");
 			// create SOAP connection
 			SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 44b140548..873ec1e26 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -43,7 +43,6 @@ public class MOAAttributeProvider {
 
     public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
         String storkAttribute = requestedAttribute.getName();
-        Logger.setHierarchy("moa.id.protocols.stork2");
         if (storkAttributeSimpleMapping.containsKey(storkAttribute)) {
             Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]");
             try {
@@ -70,7 +69,6 @@ public class MOAAttributeProvider {
     }
 
     private String geteIdentifier() {
-        Logger.setHierarchy("moa.id.protocols.stork2");
         Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry());
         try {
             return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry());
@@ -82,7 +80,6 @@ public class MOAAttributeProvider {
 
 
     private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) {
-        Logger.setHierarchy("moa.id.protocols.stork2");
         try {
             String attributeValue = method.invoke(object, new Class[]{}).toString();
             PersonalAttribute newAttribute = new PersonalAttribute();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
index e691f87e1..0e94600db 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java
@@ -37,7 +37,6 @@ public class MandateAttributeRequestProvider implements AttributeProvider {
     private PersonalAttributeList requestedAttributes;
 
     public MandateAttributeRequestProvider(String aPurl, String supportedAttributes) throws MOAIDException {
-        Logger.setHierarchy("moa.id.protocols.stork2");
         destination = aPurl;
         attributes = supportedAttributes;
     }
@@ -64,7 +63,6 @@ public class MandateAttributeRequestProvider implements AttributeProvider {
     }
 
     public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
-        Logger.setHierarchy("moa.id.protocols.stork2");
 
         String spSector = "Business";
         String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index 4e99cc8aa..3bd1686b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -14,7 +14,6 @@ import javax.servlet.http.HttpServletResponse;
  */
 public class MandateRetrievalRequest implements IAction {
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
-        Logger.setHierarchy("moa.id.protocols.stork2");
         Logger.info("Entering mandateretrievalrequest");
         return null;  //
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index ec77109af..5b844580d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -58,7 +58,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         and other info are obtained, in the second step the request will be processed and the user redirected
          */
     public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException {
-    	Logger.setHierarchy("moa.id.protocols.stork2");
         Logger.info("Starting preprocessing for Stork2 protocol");
         Logger.debug("Request method: " + request.getMethod());
         Logger.debug("Request content length: " + request.getContentLength());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
index 01297c963..89eb07815 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java
@@ -75,7 +75,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	 * .servlet.http.HttpServletRequest)
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
-    	Logger.setHierarchy("moa.id.protocols.stork2");
 		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
 
 		try {
@@ -107,8 +106,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider {
 	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam)
 			throws MOAIDException {
 
-    	Logger.setHierarchy("moa.id.protocols.stork2");
-    	
 		try {
 			Logger.trace("Initialize VelocityEngine...");
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
index 449fef1cb..c0e613b82 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java
@@ -73,7 +73,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
 
-    	Logger.setHierarchy("moa.id.protocols.stork2");
 		Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request");
 		
 		//extract STORK Response from HTTP Request
@@ -107,8 +106,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {
 	 */
 	public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
 
-    	Logger.setHierarchy("moa.id.protocols.stork2");
-    			
     	String spSector = "Business";
     	String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
     	String spApplication = spInstitution;
-- 
cgit v1.2.3


From 05f8b895f82b67637e5758810139c30c29be9f1a Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 21 Mar 2014 08:34:53 +0100
Subject: refactored eHVD plugin to use jaxb

---
 .../stork2/EHvdAttributeProviderPlugin.java        | 67 +++++++---------------
 1 file changed, 22 insertions(+), 45 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index a257474e3..5e9d9404c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -8,8 +8,8 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.xml.namespace.QName;
-import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
 import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPBody;
 import javax.xml.soap.SOAPConnection;
@@ -18,16 +18,6 @@ import javax.xml.soap.SOAPElement;
 import javax.xml.soap.SOAPEnvelope;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.soap.SOAPPart;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -36,6 +26,8 @@ import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.complex.attributes.IsHealthCareProfessionalType;
+import eu.stork.peps.complex.attributes.ObjectFactory;
 
 /**
  * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service
@@ -141,7 +133,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next();
 
 			// collect all info in a map
-			Iterator it = resultElement.getChildElements();
+			Iterator<?> it = resultElement.getChildElements();
 			Map<String, String> collection = new HashMap<String, String>();
 			while (it.hasNext()) {
 				SOAPElement current = (SOAPElement) it.next();
@@ -168,43 +160,29 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 				acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), "NotAvailable");
 			} else {
 				// go on and parse the data
+				IsHealthCareProfessionalType result = new IsHealthCareProfessionalType();
+				result.setNameOfOrganisation(collection.get("NameOfOrganisation"));
 
-				Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
-				
-				// create the root element
-				Element root = doc.createElement("isHealthCareProfessional");
-				doc.appendChild(root);
-
-				Element orgname = doc.createElement("nameOfOrganisation");
-				orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation")));
-				root.appendChild(orgname);
-
-				Element type = doc.createElement("HCP");
-				// TODO fix value mapping
 				if (collection.get("Type").equals("Medical doctor"))
-					type.appendChild(doc.createTextNode("D"));
-				root.appendChild(type);
+					result.setHCPType("D");
+				else
+					result.setHCPType("?");
 
-				Element specialization = doc.createElement("specialisation");
 				if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin"))
-					specialization.appendChild(doc.createTextNode("GP"));
-				root.appendChild(specialization);
-				
-				Element aqaa = doc.createElement("AQAA");
-				aqaa.appendChild(doc.createTextNode("4"));
-				root.appendChild(aqaa);
+					result.setSpecialisation("GP");
+				else
+					result.setSpecialisation("??");
 
-				// get string from dom tree
-				Source source = new DOMSource(doc);
-				StringWriter out = new StringWriter();
-				Result result = new StreamResult(out);
-
-				TransformerFactory tFactory = TransformerFactory.newInstance();
-				Transformer transformer = tFactory.newTransformer();
-				transformer.transform(source, result);
+				result.setAQAA(4);
 
+				final Marshaller m = JAXBContext.newInstance(IsHealthCareProfessionalType.class).createMarshaller();
+			    m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+			    
+			    StringWriter stringWriter = new StringWriter();
+			    m.marshal(new ObjectFactory().createIsHealthCareProfessional(result), stringWriter);		    
+				
 				ArrayList<String> value = new ArrayList<String>();
-				value.add(out.toString());
+				value.add(stringWriter.toString());
 
 				acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available");
 			}
@@ -212,12 +190,11 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
 			// pack and return the result
 			PersonalAttributeList result = new PersonalAttributeList();
 			result.add(acquiredAttribute);
-			
+
 			// add stork id for verification
 			ArrayList<String> value = new ArrayList<String>();
 			value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), spCountryCode));
 			result.add(new PersonalAttribute("eIdentifier", false, value, "Available"));
-			
 
 			return result;
 		} catch (Exception e) {
-- 
cgit v1.2.3


From bab8c73085806024c05435f632341634d4dce465 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 21 Mar 2014 11:03:21 +0100
Subject: add relayState from SAML2 request to SAML2 response

---
 .../moa/id/protocols/pvp2x/PVP2XProtocol.java           |  7 ++++++-
 .../moa/id/protocols/pvp2x/PVPTargetConfiguration.java  |  1 -
 .../moa/id/protocols/pvp2x/binding/ArtifactBinding.java |  2 +-
 .../moa/id/protocols/pvp2x/binding/IEncoder.java        |  2 +-
 .../moa/id/protocols/pvp2x/binding/MOARequest.java      | 17 +++++++++++++++++
 .../moa/id/protocols/pvp2x/binding/PostBinding.java     |  6 +++++-
 .../moa/id/protocols/pvp2x/binding/RedirectBinding.java |  2 +-
 .../moa/id/protocols/pvp2x/binding/SoapBinding.java     |  2 +-
 .../pvp2x/requestHandler/ArtifactResolution.java        |  2 +-
 .../pvp2x/requestHandler/AuthnRequestHandler.java       |  2 +-
 10 files changed, 34 insertions(+), 9 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index db83233fe..2b9e72782 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -321,7 +321,12 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			encoder = new RedirectBinding();
 		}
 
-		encoder.encodeRespone(request, response, samlResponse, pvpRequest.getConsumerURL());
+		String relayState = null;
+		if (pvpRequest.getRequest() != null)
+			relayState = pvpRequest.getRequest().getRelayState();
+		
+		encoder.encodeRespone(request, response, samlResponse, pvpRequest.getConsumerURL(), 
+				relayState);
 		return true;
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
index 18d757208..b3887a444 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java
@@ -57,5 +57,4 @@ public class PVPTargetConfiguration extends RequestImpl {
 		this.consumerURL = consumerURL;
 	}
 	
-	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
index a0fba918c..43a17af23 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
@@ -55,7 +55,7 @@ public class ArtifactBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation)
+			StatusResponseType response, String targetLocation, String relayState)
 			throws MessageEncodingException, SecurityException {
 		try {
 			Credential credentials = CredentialProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
index 8b888e806..f7dfd055c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
@@ -47,6 +47,6 @@ public interface IEncoder {
 	 * @throws SecurityException
 	 */
 	public void encodeRespone(HttpServletRequest req, 
-			HttpServletResponse resp, StatusResponseType response, String targetLocation) 
+			HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState) 
 					throws MessageEncodingException, SecurityException, PVP2Exception;
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
index c1104f9f5..11054fd57 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
@@ -48,6 +48,7 @@ public class MOARequest implements Serializable{
 	private Element samlRequest;
 	private boolean verified = false;
 	private String entityID = null;
+	private String relayState = null;
 	
 	public MOARequest(RequestAbstractType request) {
 		samlRequest = request.getDOM();
@@ -67,6 +68,22 @@ public class MOARequest implements Serializable{
 		
 	}
 
+	
+	
+	/**
+	 * @return the relayState
+	 */
+	public String getRelayState() {
+		return relayState;
+	}
+
+	/**
+	 * @param relayState the relayState to set
+	 */
+	public void setRelayState(String relayState) {
+		this.relayState = relayState;
+	}
+
 	public void setSamlRequest(RequestAbstractType request) {
 		this.samlRequest = request.getDOM();
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index aebd94a29..a609942f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -63,7 +63,7 @@ public class PostBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation)
+			StatusResponseType response, String targetLocation, String relayState)
 			throws MessageEncodingException, SecurityException {
 
 		try {
@@ -99,6 +99,7 @@ public class PostBinding implements IDecoder, IEncoder {
 			// context.setOutboundMessage(authReq);
 			context.setOutboundSAMLMessage(response);
 			context.setOutboundMessageTransport(responseAdapter);
+			context.setRelayState(relayState);
 
 			encoder.encode(context);
 		} catch (CredentialsNotAvailableException e) {
@@ -128,9 +129,12 @@ public class PostBinding implements IDecoder, IEncoder {
 		RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
 				.getInboundMessage();
 		
+
+		
 		MOARequest request = new MOARequest(inboundMessage);
 		request.setVerified(false);
 		request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+		request.setRelayState(messageContext.getRelayState());
 		return request;
 
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 5155d6958..dc6a1f637 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -67,7 +67,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation)
+			StatusResponseType response, String targetLocation, String relayState)
 			throws MessageEncodingException, SecurityException {
 		try {
 			X509Credential credentials = CredentialProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index 9fe75618d..1d41654eb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -83,7 +83,7 @@ public class SoapBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation)
+			StatusResponseType response, String targetLocation, String relayState)
 			throws MessageEncodingException, SecurityException, PVP2Exception {
 		try {
 			Credential credentials = CredentialProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
index f84e6e588..04ef4cdbf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
@@ -67,7 +67,7 @@ public class ArtifactResolution implements IRequestHandler {
 				response.setMessage(assertion.getSamlMessage());
 				response.setIssueInstant(new DateTime());
 				SoapBinding encoder = new SoapBinding();
-				encoder.encodeRespone(req, resp, response, null);
+				encoder.encodeRespone(req, resp, response, null, null);
 			} catch (Exception e) {
 				Logger.error("Failed to resolve artifact", e);
 			}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index c5afbabe5..fd7ff9885 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -220,7 +220,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		}
 
 		try {
-			binding.encodeRespone(req, resp, authResponse, oaURL);
+			binding.encodeRespone(req, resp, authResponse, oaURL, obj.getRelayState());
 			// TODO add remoteSessionID to AuthSession ExternalPVPSessionStore
 			
 //			Logger logger = new Logger();
-- 
cgit v1.2.3


From 902bfea4afd98046fd1327942b8f5de96edaceb3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 21 Mar 2014 12:14:24 +0100
Subject: add QC validation

---
 .../moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java    | 4 ++++
 .../src/main/resources/resources/properties/id_messages_de.properties | 1 +
 2 files changed, 5 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 0d39a4bc5..5f39abf73 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -130,6 +130,10 @@ public class VerifyXMLSignatureResponseValidator {
         throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
     }
     
+    //check QC
+    if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+        throw new ValidateException("validator.71", null);
+    
     if (ignoreManifestValidationResult) {
       Logger.debug("OA type is business service, thus ignoring DSIG manifest validation result");
     } else {
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index ec787d745..0cb431df1 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -192,6 +192,7 @@ validator.67=Der Specialtext ({0}) stimmt nicht mit dem f\u00FCr diese Applikati
 validator.68=SigningTime im AUTH-Block konnte nicht eruiert werden.
 validator.69=SigningTime im AUTH-Block und Serverzeit weichen zu stark ab ({0}).
 validator.70=Das einmale Tokken im signierten AuthBlock ({0}) stimmt nicht mit dem von generierten Tokken ({1}) \u00FCberein.
+validator.71=Das Signaturzertifikat ist nicht qualifiziert.
 
 ssl.01=Validierung des SSL-Server-Endzertifikates hat fehlgeschlagen
 
-- 
cgit v1.2.3


From 05212e955f2c44bd3150b47d9d534c5a73eb71d1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 21 Mar 2014 13:16:38 +0100
Subject: add global QC check deactivation for testing

---
 id/server/doc/handbook/config/config.html          | 68 ++++++++++++++--------
 .../VerifyXMLSignatureResponseValidator.java       | 11 +++-
 .../id/config/auth/AuthConfigurationProvider.java  |  5 ++
 3 files changed, 58 insertions(+), 26 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 9aed46fd1..58214bb44 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -52,29 +52,30 @@
         <li><a href="#uebersicht_bekanntmachung">Bekanntmachung der Konfigurationsdatei</a></li>
             <li><a href="#basisconfig_moa_id_auth_param">Konfigurationsparameter</a>
 <ol>
-            <li><a href="#basisconfig_moa_id_auth_param_general">Allgemeine Konfigurationsparameter</a></li>
-                <li><a href="#basisconfig_moa_id_auth_param_services">Externe Services</a>
-<ol>
-                <li><a href="#basisconfig_moa_id_auth_param_services_moasp">MOA-SP</a></li>
-                    <li><a href="#basisconfig_moa_id_auth_param_services_mandates">Online-Vollmachen</a></li>
-                    <li><a href="#">Foreign Identities</a></li>
-                  </ol>
-                </li>
-                <li><a href="#basisconfig_moa_id_auth_param_protocol">Protokolle</a>
-<ol>
-                <li><a href="#basisconfig_moa_id_auth_param_protocol_pvp21">PVP 2.1</a></li>
-                    <li><a href="#basisconfig_moa_id_auth_param_protocol_openid">OpenID Connect</a></li>
-                  </ol>
-                </li>
-                <li><a href="#basisconfig_moa_id_auth_param_database">Datenbank </a>
-<ol>
-                <li><a href="#basisconfig_moa_id_auth_param_database_conf">Konfiguration</a></li>
-                    <li><a href="#basisconfig_moa_id_auth_param_database_session">Session Informationen</a></li>
-                    <li><a href="#basisconfig_moa_id_auth_param_database_info">Statistikdaten</a></li>
-                  </ol>
-                </li>
-              </ol>
-            </li>
+  <li><a href="#basisconfig_moa_id_auth_param_general">Allgemeine Konfigurationsparameter</a></li>
+  <li><a href="#basisconfig_moa_id_auth_param_services">Externe Services</a>
+  <ol>
+    <li><a href="#basisconfig_moa_id_auth_param_services_moasp">MOA-SP</a></li>
+    <li><a href="#basisconfig_moa_id_auth_param_services_mandates">Online-Vollmachen</a></li>
+    <li><a href="#">Foreign Identities</a></li>
+    </ol>
+    </li>
+  <li><a href="#basisconfig_moa_id_auth_param_protocol">Protokolle</a>
+  <ol>
+    <li><a href="#basisconfig_moa_id_auth_param_protocol_pvp21">PVP 2.1</a></li>
+    <li><a href="#basisconfig_moa_id_auth_param_protocol_openid">OpenID Connect</a></li>
+    </ol>
+    </li>
+  <li><a href="#basisconfig_moa_id_auth_param_database">Datenbank </a>
+  <ol>
+    <li><a href="#basisconfig_moa_id_auth_param_database_conf">Konfiguration</a></li>
+    <li><a href="#basisconfig_moa_id_auth_param_database_session">Session Informationen</a></li>
+    <li><a href="#basisconfig_moa_id_auth_param_database_info">Statistikdaten</a></li>
+  </ol>
+    </li>
+  <li>  <a href="#basisconfig_moa_id_auth_param_testing">Testing</a></li>
+</ol>
+</li>
           </ol>
         </li>
         <li><a href="#uebersicht_logging">Konfiguration des Loggings</a></li>
@@ -839,6 +840,27 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
 </table>
 <p>&nbsp;</p>
   <p>Die Beispielkonfiguration beinhaltet noch zus&auml;tzliche Konfigurationsparameter f&uuml;r den Datenbankzugriff der einzelnen Schema welche direkt aus der Beispielkonfiguration &uuml;bernommen werden k&ouml;nnen. Eine detaillierte Beschreibung der einzelnen Einstellungsparameter kann der <a href="http://docs.jboss.org/hibernate/core/4.2/manual/en-US/html/">Hibernate Dokumention</a> entnommen werden.</p>
+<h4><a name="basisconfig_moa_id_auth_param_testing" id="uebersicht_bekanntmachung15"></a>2.2.2.5 Testing</h4>
+  <p>Diese Parameter dienen auf Testsystemen zur Deaktivierung einzelner Verarbeitungs- oder Pr&uuml;fschritte. Standardm&auml;&szlig;ig ist jeweils die sichere Variante aktiviert.</p>
+  <table width="1247" border="1">
+    <tr>
+      <th width="281" scope="col">Name</th>
+      <th width="261" scope="col">Beispielwert</th>
+      <th width="683" scope="col">Beschreibung</th>
+    </tr>
+    <tr>
+      <td>configuration.validation.certificate.QC.ignore</td>
+      <td><p>true / false</p></td>
+      <td><p>Deaktiviert die QC Pr&uuml;fung von Signaturzertifikaten. Da manche Testzertifikate oder Testkarten keine QC Erweiterung aufweisen und somit eine Anmeldung mit diesen Zertifikaten nicht m&ouml;glich ist, kann die QC Pr&uuml;fung je Instanz deaktiviert werden.</p>
+      <p><strong>Defaultwert:</strong> false</p></td>
+    </tr>
+    <tr>
+      <td>protocols.pvp2.assertion.encryption.active</td>
+      <td>true / false</td>
+      <td><p>Mit diesem Parameter kann die Verschl&uuml;sselung der PVP2.1 Assertion f&uuml;r diese MOA-ID-Auth Instanz vollst&auml;ndig deaktiviert werden.</p>
+      <p><strong>Defaultwert:</strong> true</p></td>
+    </tr>
+  </table>
   <p>&nbsp;</p>
 <h2><a name="uebersicht_logging" id="uebersicht_logging"></a>2.3 Konfiguration des Loggings</h2>
   <p>Die Module MOA-ID-Auth und MOA-ID-Configuration verwendet als Framework f&uuml;r Logging-Information die Open Source Software <code>log4j</code>. Die Konfiguration der Logging-Information erfolgt  nicht direkt durch die einzelnen Module, sondern &uuml;ber eine eigene Konfigurationsdatei, die der <span class="term">Java Virtual Machine</span> durch eine <span class="term">System Property </span>  mitgeteilt wird. Der Name der <span class="term">System Property </span>  lautet <code>log4j.configuration</code>; als Wert der <span class="term">System Property </span>  ist eine URL anzugeben, die auf die <code>log4j</code>-Konfigurationsdatei verweist, z.B.  </p>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 5f39abf73..ccaa7bbbb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -60,6 +60,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.ValidateException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -101,12 +103,13 @@ public class VerifyXMLSignatureResponseValidator {
    *                                       manifest has to be ignored (identityLink validation if
    *                                       the OA is a business service) or not
    * @throws ValidateException on any validation error
+ * @throws ConfigurationException 
    */
   public void validate(VerifyXMLSignatureResponse verifyXMLSignatureResponse,
                        List<String> identityLinkSignersSubjectDNNames, 
                        String whatToCheck,
                        boolean ignoreManifestValidationResult)
-    throws ValidateException {
+    throws ValidateException, ConfigurationException {
 
     if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
       throw new ValidateException("validator.06", null);
@@ -130,8 +133,10 @@ public class VerifyXMLSignatureResponseValidator {
         throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
     }
     
-    //check QC
-    if (!verifyXMLSignatureResponse.isQualifiedCertificate())
+    //check QC 
+    if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() &&
+    		!whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+    		!verifyXMLSignatureResponse.isQualifiedCertificate())
         throw new ValidateException("validator.71", null);
     
     if (ignoreManifestValidationResult) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 8d1fc7979..8b5c8d796 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1003,6 +1003,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 	  return Boolean.valueOf(prop);
   }
   
+  public boolean isCertifiacteQCActive() {
+	  String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false");
+	  return !Boolean.valueOf(prop);	  
+  }
+  
   /**
    * Retruns the STORK Configuration
    * @return STORK Configuration
-- 
cgit v1.2.3


From fe4cd5b18aab602ed030ea2a42b47875e85e380b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 21 Mar 2014 14:55:51 +0100
Subject: update JaxB Binding to solve configuration update problemes -> use
 Boolean instead of boolean

---
 .../gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java  | 4 ++--
 id/server/moa-id-commons/src/main/resources/config/bindings.xjb       | 1 -
 2 files changed, 2 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index ba2c08bb5..8b5c8d796 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -398,11 +398,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 			
 			MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null);
 			
-			List<OnlineApplication> oas = moaconfig.getOnlineApplications();
+			List<OnlineApplication> oas = moaconfig.getOnlineApplication();
 			for (OnlineApplication oa : oas)
 				ConfigurationDBUtils.save(oa);
 
-			moaconfig.setOnlineApplications(null);	
+			moaconfig.setOnlineApplication(null);	
 			ConfigurationDBUtils.save(moaconfig);
 			
 			Logger.info("Legacy Configuration load is completed.");
diff --git a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
index bb063a73c..f2701bec4 100644
--- a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
+++ b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
@@ -6,7 +6,6 @@
 	<jaxb:bindings schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema">
 		<jaxb:globalBindings localScoping="toplevel">
 			<jaxb:serializable/>
-			<xjc:simple/>
        <xjc:javaType  name="java.lang.Boolean" 
                       xmlType="xsd:boolean" 
                       adapter="com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter"/>
-- 
cgit v1.2.3


From 41fc7040ef72b61cf5bd67b44981d564cab1fbd1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 24 Mar 2014 12:29:45 +0100
Subject: remove Debug messages

---
 .../src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java     | 4 +---
 .../gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java   | 1 -
 2 files changed, 1 insertion(+), 4 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 82de940db..684c6630a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -147,9 +147,7 @@ public class SSOManager {
 	public String createSSOSessionInformations(String moaSessionID, String OAUrl) {
 		
 		String newSSOId = Random.nextRandom();
-		
-		System.out.println("generate new SSO Tokken (" + newSSOId + ")");
-		
+				
 		if (MiscUtil.isEmpty(moaSessionID) || MiscUtil.isEmpty(OAUrl)) {
 			Logger.warn("MoaSessionID or OAUrl are empty -> SSO is not enabled!");
 			return null;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index f0d503d88..10618071a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -36,7 +36,6 @@ public class AuthenticationAction implements IAction {
 	public String processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 		
-		System.out.println("Process PVP2 auth request!");
 		PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration) req;
 		return RequestManager.getInstance().handle(pvpRequest.request, httpReq, httpResp, moasession);
 	}
-- 
cgit v1.2.3


From ce9135079031d7717ae75730293b77329f314698 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 24 Mar 2014 12:36:28 +0100
Subject: Close ConfigDB session

---
 .../at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java  | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index ae9348a0b..328a441cd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -53,6 +53,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.stork.STORKException;
 import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -387,6 +388,10 @@ public class PEPSConnectorServlet extends AuthServlet {
 			handleError(null, e, request, response, pendingRequestID);
 		}
 		
+	    finally {
+	    	ConfigurationDBUtils.closeSession();
+	    }
+		
 	}
 
 }
-- 
cgit v1.2.3


From 1ed3ebc7e1901d528ea169658bb896c3958eec0f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 24 Mar 2014 13:51:34 +0100
Subject: update JavaDoc

---
 id/server/idserverlib/pom.xml                      |  6 ++----
 .../CreateXMLSignatureRequestBuilderForeign.java   |  4 ++--
 .../auth/builder/GetIdentityLinkFormBuilder.java   | 23 +++++++++++-----------
 pom.xml                                            |  4 ++--
 4 files changed, 18 insertions(+), 19 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 8d77ee481..84d2ef6c7 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -82,7 +82,6 @@
 		<dependency>
 			<groupId>axis</groupId>
 			<artifactId>axis</artifactId>
-			<version>1.1</version>
 		</dependency>
 		
 		<dependency>
@@ -190,8 +189,7 @@
 		<dependency>
 			<groupId>commons-fileupload</groupId>
 			<artifactId>commons-fileupload</artifactId>
-            <version>1.3</version>
-		</dependency>
+    </dependency>
 		<dependency>
 			<groupId>commons-httpclient</groupId>
 			<artifactId>commons-httpclient</artifactId>
@@ -322,7 +320,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-javadoc-plugin</artifactId>
-				<version>2.5</version>
+				<version>2.9.1</version>
 				<configuration>
 					<charset>UTF-8</charset>
 					<docencoding>UTF-8</docencoding>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
index e7e1e5cbd..f4b5cb4c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
@@ -144,7 +144,7 @@ public class CreateXMLSignatureRequestBuilderForeign extends Builder {
         else if (ch == '<')
           out.write("&lt;");
         else if (ch == '>')
-          out.write("&gt;");
+          out.write("&gt;"); 
         else if (ch == 'ä')
           out.write("&auml;");
         else if (ch == 'ö')
@@ -164,7 +164,7 @@ public class CreateXMLSignatureRequestBuilderForeign extends Builder {
       }
     }
     catch (IOException ex) {
-      throw new BuildException("builder.00", new Object[] {"GetIdentityLinkForm", ex.toString()});
+      throw new BuildException("builder.00", new Object[] {"CreateXMLSignatureRequest", ex.toString()});
     }
     return out.toString();
   }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index c09cde787..ab93f509c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -212,28 +212,29 @@ public class GetIdentityLinkFormBuilder extends Builder {
     StringWriter out = new StringWriter();
     try {
       for (int ch = in.read(); ch >= 0; ch = in.read()) {
-        if (ch == '"')
+        if (ch == '"') {
           out.write("&quot;");
-        else if (ch == '<')
+        } else if (ch == '<') {
           out.write("&lt;");
-        else if (ch == '>')
+        } else if (ch == '>') {
           out.write("&gt;");
-        else if (ch == 'ä')
+    	} else if (ch == 'ä') {
           out.write("&auml;");
-        else if (ch == 'ö')
+  		} else if (ch == 'ö') {
           out.write("&ouml;");
-        else if (ch == 'ü')
+		} else if (ch == 'ü') {
           out.write("&uuml;");
-        else if (ch == 'Ä')
+		} else if (ch == 'Ä') {
           out.write("&Auml;");
-        else if (ch == 'Ö')
+		} else if (ch == 'Ö') {
           out.write("&Ouml;");
-        else if (ch == 'Ü')
+		} else if (ch == 'Ü') {
           out.write("&Uuml;");
-        else if (ch == 'ß')
+		} else if (ch == 'ß') {
           out.write("&szlig;");
-        else
+		} else  {
           out.write(ch);
+		}
       }
     }
     catch (IOException ex) {
diff --git a/pom.xml b/pom.xml
index 034ea88de..236655298 100644
--- a/pom.xml
+++ b/pom.xml
@@ -70,8 +70,8 @@
                 <configuration>
                     <finalName>moa</finalName>
                     <descriptors>
-              <!--          <descriptor>id/assembly-auth.xml</descriptor>
-                        <descriptor>id/assembly-proxy.xml</descriptor>-->                         
+                        <descriptor>id/assembly-auth.xml</descriptor>
+                        <descriptor>id/assembly-proxy.xml</descriptor>                         
                         <descriptor>spss/assembly.xml</descriptor>
                         <descriptor>spss/assembly-lib.xml</descriptor>
                     </descriptors>
-- 
cgit v1.2.3


From b5b43216a7425b0634ed890607c6ce358c01467f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 25 Mar 2014 11:43:47 +0100
Subject: add default redirect URL

---
 .../at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java     | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 12cf54e16..800393b30 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -54,12 +54,14 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.moduls.RequestStorage;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class LogOutServlet extends AuthServlet {
 
@@ -80,6 +82,11 @@ public class LogOutServlet extends AuthServlet {
 		//get SSO token from request
 		String ssoid = ssomanager.getSSOSessionID(req);
 		
+		if (MiscUtil.isEmpty(redirectUrl))
+			//set default redirect Target
+			Logger.debug("Set default RedirectURL back to MOA-ID-Auth");
+			redirectUrl = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+		
 		if (ssomanager.isValidSSOSession(ssoid, req)) {
 	
 			//TODO: Single LogOut Implementation
@@ -104,7 +111,7 @@ public class LogOutServlet extends AuthServlet {
 	}
 		
 	//Redirect to Application
-    resp.setStatus(301);
+    resp.setStatus(302);
     resp.addHeader("Location", redirectUrl);
   }
 
-- 
cgit v1.2.3


From 55dec20f9fbf793f9c54cc03388c8e79ad4e9b8a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 25 Mar 2014 15:01:52 +0100
Subject: log full PVP2.1 request if preProcess failed

---
 .../at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java     | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 2b9e72782..e81b23d41 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -252,8 +252,10 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 		} catch (PVP2Exception e) {
 			throw e;
 			
-		} catch (Throwable e) {
-			e.printStackTrace();
+		} catch (Throwable e) {			
+			String samlRequest = request.getParameter("SAMLRequest");			
+			Logger.warn("Receive INVALID protocol request: " + samlRequest, e);
+						
 			throw new MOAIDException(e.getMessage(), new Object[] {});
 		}
 	}
-- 
cgit v1.2.3