From cd5cef47db73c85cbb2defdec3b283655fdc859b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 5 Jun 2018 10:46:41 +0200
Subject: update SL20 implementation

---
 .../validator/VerifyXMLSignatureResponseValidator.java |  7 ++++---
 .../moa/id/moduls/AuthenticationManager.java           | 18 +++++++++++-------
 .../pvp2x/utils/AssertionAttributeExtractor.java       |  1 -
 3 files changed, 15 insertions(+), 11 deletions(-)

(limited to 'id/server/idserverlib/src')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index 832aa58c6..407454c2a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -57,12 +57,12 @@ import java.util.Set;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.ValidateException;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
 import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.logging.Logger;
 import iaik.asn1.structures.Name;
 import iaik.security.ec.common.ECPublicKey;
@@ -113,7 +113,8 @@ public class VerifyXMLSignatureResponseValidator {
   public void validate(IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
                        List<String> identityLinkSignersSubjectDNNames, 
                        String whatToCheck,
-                       IOAAuthParameters oaParam)
+                       IOAAuthParameters oaParam,
+                       AuthConfiguration authConfig)
     throws ValidateException, ConfigurationException {
 
     if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
@@ -140,7 +141,7 @@ public class VerifyXMLSignatureResponseValidator {
     }
     
     //check QC 
-    if (AuthConfigurationProviderFactory.getInstance().isCertifiacteQCActive() &&
+    if (authConfig.isCertifiacteQCActive() &&
     		!whatToCheck.equals(CHECK_IDENTITY_LINK) &&
     		!verifyXMLSignatureResponse.isQualifiedCertificate()) {
     	    	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index a24683545..e093ce1e2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -317,9 +317,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 	 * @param httpReqParam http parameter name, but never null
 	 */
 	public void addParameterNameToWhiteList(String httpReqParam) {
-		if (MiscUtil.isNotEmpty(httpReqParam))
-			reqParameterWhiteListeForModules.add(httpReqParam);
-		
+		if (MiscUtil.isNotEmpty(httpReqParam)) {
+			if (!reqParameterWhiteListeForModules.contains(httpReqParam))
+				reqParameterWhiteListeForModules.add(httpReqParam);
+		}
 	}
 	
 	/**
@@ -328,8 +329,11 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 	 * @param httpReqParam http header name, but never null
 	 */
 	public void addHeaderNameToWhiteList(String httpReqParam) {
-		if (MiscUtil.isNotEmpty(httpReqParam))
-			reqHeaderWhiteListeForModules.add(httpReqParam.toLowerCase());
+		if (MiscUtil.isNotEmpty(httpReqParam)) {
+			if (!reqHeaderWhiteListeForModules.contains(httpReqParam.toLowerCase()))
+				reqHeaderWhiteListeForModules.add(httpReqParam.toLowerCase());
+			
+		}
 		
 	}
 	
@@ -439,8 +443,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 			while(reqHeaderNames.hasMoreElements()) { 
 				String paramName = reqHeaderNames.nextElement();
 				if (MiscUtil.isNotEmpty(paramName) && reqHeaderWhiteListeForModules.contains(paramName.toLowerCase()) ) {
-					executionContext.put(paramName, 
-							StringEscapeUtils.escapeHtml(httpReq.getHeader(paramName)));				
+					executionContext.put(paramName.toLowerCase(), 
+							StringEscapeUtils.escapeHtml(httpReq.getHeader(paramName.toLowerCase())));				
 				}
 			}			
 		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
index 5b1d952ff..4a0cec6e4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
@@ -309,7 +309,6 @@ public class AssertionAttributeExtractor {
 	}
 	
 	private void internalInitialize() {
-		internalInitialize();
 		if (assertion.getAttributeStatements() != null &&
 				assertion.getAttributeStatements().size() > 0) {
 			AttributeStatement attrStat = assertion.getAttributeStatements().get(0);
-- 
cgit v1.2.3