From 7ae642ec1857d0c796ba21ffcd6b5466285c92af Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 18 Apr 2014 12:48:33 +0200
Subject: create methodes to parse interfederated assertions into authData

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 49 +++++++++++++++++++---
 .../id/storage/AuthenticationSessionStoreage.java  | 20 +++++++++
 2 files changed, 63 insertions(+), 6 deletions(-)

(limited to 'id/server/idserverlib/src')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 00528f7a1..1e0089a53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -38,6 +38,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
 import at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -72,12 +74,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
 			.getOnlineApplicationParameter(oaID);
-
-		 
-		/* TODO: Support Mandate MODE!
-		 * Insert functionality to translate mandates in case of SSO  
-		 */
-		
 		
 		AuthenticationData authdata = null;
 		if (protocolRequest instanceof SAML1RequestImpl) {
@@ -95,6 +91,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			
 		if (protocolRequest.getInterfederationResponse() != null) {
 			//get attributes from interfederated IDP
+			buildAuthDataFromInterfederationResponse(authdata, session, oaParam, protocolRequest);
 			
 			
 		} else {
@@ -106,6 +103,40 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		return authdata;								
 	}
 	
+	/**
+	 * @param authdata
+	 * @param session
+	 * @param oaParam
+	 */
+	private static void buildAuthDataFromInterfederationResponse(
+			AuthenticationData authdata, AuthenticationSession session,
+			OAAuthParameter oaParam, IRequest req) {
+
+		try {
+			AssertionAttributeExtractor extract = 
+					new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse());
+		
+			if (oaParam.isInderfederationIDP()) {
+				//only set minimal response attributes
+				authdata.setQAALevel(extract.getQAALevel());
+				authdata.setBPK(extract.getNameID());			
+			
+			} else {
+				//IDP response to service provider 
+				//    --> collect attributes by using BackChannel communication
+			
+				//TODO: get protocol specific requested attributes
+				
+				
+			
+			}
+			 
+		} catch (AssertionAttributeExtractorExeption e) {
+			Logger.error("Build authData from interfederated PVP2.1 assertion FAILED.", e);
+			
+		}
+	}
+	
 	private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, 
 			OAAuthParameter oaParam) throws BuildException {
 
@@ -147,6 +178,12 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 
 			authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID()));
 			
+			
+			/* TODO: Support SSO Mandate MODE!
+			 * Insert functionality to translate mandates in case of SSO  
+			 */
+
+			
 			MISMandate mandate = session.getMISMandate();
 			authData.setMISMandate(mandate);
 			authData.setUseMandate(session.getUseMandate());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 69167c75d..e18d9786d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -154,6 +154,26 @@ public class AuthenticationSessionStoreage {
 		return id;
 	}
 	
+	public static void setInterfederationAttributCollectorUsed(AuthenticationSession session, String idpID) throws MOADatabaseException {				
+		AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
+		List<InterfederationSessionStore> idpList = dbsession.getInderfederation();
+		for (InterfederationSessionStore idp : idpList) {
+			if (idp.getIdpurlprefix().endsWith(idpID))
+				idp.setAttributesRequested(true);			
+		}
+		
+		//store AssertionStore element to Database
+		try {
+			MOASessionDBUtils.saveOrUpdate(dbsession);
+			Logger.info("MOASession with sessionID=" + session.getSessionID() 
+					+ " is stored in Database");
+			
+		} catch (MOADatabaseException e) {
+			Logger.warn("MOASession could not stored.",e);
+			throw e;
+		}
+	}
+	
 	
 	public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
 		
-- 
cgit v1.2.3