From 9ebec8cfa0e56467314bbd983d87640411b12ce3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 24 Nov 2014 17:19:27 +0100
Subject: rebuild SAML1 target parameter functionality for legacy applications

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 27 ++++++++++++++--------
 .../servlet/GenerateIFrameTemplateServlet.java     | 17 ++++++++++----
 .../moa/id/protocols/saml1/GetArtifactAction.java  |  4 ++--
 .../moa/id/protocols/saml1/SAML1Protocol.java      | 11 ++++++---
 4 files changed, 39 insertions(+), 20 deletions(-)

(limited to 'id/server/idserverlib/src/main/java')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 731925c1b..5fb4d6be8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -215,7 +215,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			
 		} else {
 			//build AuthenticationData from MOASession
-			buildAuthDataFormMOASession(authdata, session, oaParam);
+			buildAuthDataFormMOASession(authdata, session, oaParam, protocolRequest);
 					
 		}
 		
@@ -323,7 +323,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				
 			}
 			//parse response information to authData
-			buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam);			
+			buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam, req);			
 			
 		} catch (SOAPException e) {
 			throw new BuildException("builder.06", null, e);
@@ -350,7 +350,8 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			AuthenticationData authData, 
 			AuthenticationSession session, 
 			AssertionAttributeExtractor extractor,
-			IOAAuthParameters oaParam) 
+			IOAAuthParameters oaParam,
+			IRequest req) 
 					throws BuildException, AssertionAttributeExtractorExeption {
 		
 		Logger.debug("Build AuthData from assertion starts ....");
@@ -536,7 +537,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			}
 			
 			//build OA specific bPK/wbPK information
-			buildOAspecificbPK(oaParam, authData, 
+			buildOAspecificbPK(req, oaParam, authData, 
 					authData.getIdentificationValue(), 
 					authData.getIdentificationType());
 			
@@ -544,7 +545,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		
 		if (MiscUtil.isEmpty(authData.getBPK())) {
 			Logger.debug("Calcutlate bPK from baseID");
-			buildOAspecificbPK(oaParam, authData, 
+			buildOAspecificbPK(req, oaParam, authData, 
 					authData.getIdentificationValue(), 
 					authData.getIdentificationType());
 			
@@ -845,7 +846,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 	}
 
 	private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, 
-			IOAAuthParameters oaParam) throws BuildException, ConfigurationException {
+			IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException {
 		
 		IdentityLink identityLink = session.getIdentityLink();
 
@@ -959,7 +960,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
 
             } else {
-            	buildOAspecificbPK(oaParam, authData, 
+            	buildOAspecificbPK(protocolRequest, oaParam, authData, 
             			identityLink.getIdentificationValue(), 
             			identityLink.getIdentificationType());
             	
@@ -1003,7 +1004,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		
 	}		
 	
-	private static void buildOAspecificbPK(IOAAuthParameters oaParam, AuthenticationData authData, String baseID, String baseIDType) throws BuildException  {
+	private static void buildOAspecificbPK(IRequest protocolRequest, IOAAuthParameters oaParam, AuthenticationData authData, String baseID, String baseIDType) throws BuildException  {
 		
         if (oaParam.getBusinessService()) {
             //since we have foreigner, wbPK is not calculated in BKU
@@ -1024,9 +1025,15 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 
             if (baseIDType.equals(Constants.URN_PREFIX_BASEID)) {
                 // only compute bPK if online application is a public service and we have the Stammzahl
-                String bpkBase64 = new BPKBuilder().buildBPK(baseID, oaParam.getTarget());
+            	String target = null;
+            	if (protocolRequest instanceof SAML1RequestImpl)
+            		target = protocolRequest.getTarget();
+            	else
+            		target = oaParam.getTarget();
+            	
+                String bpkBase64 = new BPKBuilder().buildBPK(baseID, target);
                 authData.setBPK(bpkBase64);
-                authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
+                authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + target);
             }
 
             Logger.trace("Authenticate user with bPK " + authData.getBPK());           
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 2ef8ab5ec..99a7dce89 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -45,6 +45,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
+import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.logging.Logger;
@@ -116,11 +119,15 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
 			
 			else {
 	    	
-				//load Parameters from config
-		    	String target = oaParam.getTarget();
-
-
-
+				//get Target from config or from request in case of SAML 1				
+				String target = null;
+				IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+				if (MiscUtil.isNotEmpty(pendingReq.getTarget()) && 
+						pendingReq.requestedModule().equals(SAML1Protocol.PATH))
+					target = pendingReq.getTarget();
+				else
+					target = oaParam.getTarget();
+				
 		    	String bkuURL = oaParam.getBKUURL(bkuid);
 		    	if (MiscUtil.isEmpty(bkuURL)) {
 		    		Logger.info("No OA specific BKU defined. Use BKU from default configuration");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 67f780b3a..4cdd1db01 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -83,7 +83,7 @@ public class GetArtifactAction implements IAction {
 				String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet";
 				url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
 				if (!oaParam.getBusinessService())
-					url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(oaParam.getTarget(), "UTF-8"));
+					url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
 				url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 				url = httpResp.encodeRedirectURL(url);
 				
@@ -95,7 +95,7 @@ public class GetArtifactAction implements IAction {
 				String redirectURL = oaURL;		
 				if (!oaParam.getBusinessService()) {
 					redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
-					URLEncoder.encode(oaParam.getTarget(), "UTF-8"));
+					URLEncoder.encode(req.getTarget(), "UTF-8"));
 
 				}
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 8f7f17e2e..9934c339d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -132,7 +132,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		if (!ParamValidatorUtils.isValidOA(oaURL))
 			throw new WrongParametersException("StartAuthentication", PARAM_OA,
 					"auth.12");
-	
+		
 		config.setOAURL(oaURL);
 		
 		Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
@@ -156,8 +156,13 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 					new Object[] { null });
 		}
 		
-		config.setSourceID(sourceID);		
-		config.setTarget(oaParam.getTarget());
+		config.setSourceID(sourceID);
+		if (MiscUtil.isNotEmpty(target))
+			config.setTarget(target);
+		
+		else
+			config.setTarget(oaParam.getTarget());
+			
 				
 		return config;
 	}
-- 
cgit v1.2.3