From fd49902f62d361acb1102024c98c304fac265fa1 Mon Sep 17 00:00:00 2001 From: kstranacher Date: Mon, 28 Nov 2011 15:33:51 +0000 Subject: Update SAML-Assertion (OID, RepresentationType, Konfig-Attribut: provideStammzahl, etc.) git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1232 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/id/auth/AuthenticationServer.java | 57 +++++++++++++++------- 1 file changed, 39 insertions(+), 18 deletions(-) (limited to 'id/server/idserverlib/src') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 7caa45347..68e6b950a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -48,6 +48,8 @@ import javax.xml.transform.TransformerException; import org.apache.xpath.XPathAPI; import org.w3c.dom.Document; import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.AuthenticationException; @@ -112,6 +114,7 @@ import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.StringUtils; +import at.gv.egovernment.moa.util.XPathUtils; /** @@ -632,7 +635,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (oaParam.getProvideFullMandatorData()) { try { // set extended SAML attributes if provideMandatorData is true - setExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService()); + setExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService(), oaParam.getProvideStammzahl()); } catch (SAXException e) { throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID}, e); } catch (IOException e) { @@ -1077,11 +1080,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws SAXException */ private void setExtendedSAMLAttributeForMandates( - AuthenticationSession session, MISMandate mandate, boolean business) + AuthenticationSession session, MISMandate mandate, boolean business, boolean provideStammzahl) throws ValidateException, ConfigurationException, SAXException, IOException, ParserConfigurationException, TransformerException { - ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributes(mandate, business); + ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributes(mandate, business, provideStammzahl); AddAdditionalSAMLAttributes(session, extendedSamlAttributes, "MISService", "MISService"); @@ -1241,16 +1244,14 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws SAXException * @throws TransformerException */ - private static ExtendedSAMLAttribute[] addExtendedSamlAttributes(MISMandate mandate, boolean business) throws SAXException, IOException, ParserConfigurationException, TransformerException { + private static ExtendedSAMLAttribute[] addExtendedSamlAttributes(MISMandate mandate, boolean business, boolean provideStammzahl) throws SAXException, IOException, ParserConfigurationException, TransformerException { Vector extendedSamlAttributes = new Vector(); extendedSamlAttributes.clear(); //extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, mandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - // RepresentationType - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTEXT, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); // Name Element domMandate = mandateToElement(mandate); @@ -1261,18 +1262,19 @@ public class AuthenticationServer implements MOAIDAuthConstants { Element mandator = (Element) XPathAPI.selectSingleNode(domMandate, "//md:Mandate/md:Mandator", nameSpaceNode); // first check if physical person - Element name = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode); - String mandatorname = ParepUtils.extractMandatorName(mandator); + //Element name = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode); + //String mandatorname = ParepUtils.extractMandatorName(mandator); - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, mandatorname, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); + //extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, mandatorname, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); // Geburtsdatum - String dob = ParepUtils.extractMandatorDateOfBirth(mandator); - if (dob != null && !"".equals(dob)) { - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - } + //String dob = ParepUtils.extractMandatorDateOfBirth(mandator); + //if (dob != null && !"".equals(dob)) { + // extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); + //} // Mandate extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, domMandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + // (w)bpk String wbpk = ParepUtils.extractMandatorWbpk(mandator); @@ -1288,11 +1290,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } - String oid = mandate.getProfRep(); - if (oid != null) { - String oidDescription = mandate.getTextualDescriptionOfOID(); - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, oidDescription, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - } +// String oid = mandate.getProfRep(); +// if (oid != null) { +// String oidDescription = mandate.getTextualDescriptionOfOID(); +// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, oidDescription, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); +// } ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes.size()]; extendedSamlAttributes.copyInto(ret); @@ -1319,6 +1321,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { extendedSamlAttributes.clear(); + // RepresentationType + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTEXT, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + String oid = mandate.getProfRep(); if (oid != null) { @@ -1639,6 +1645,21 @@ public class AuthenticationServer implements MOAIDAuthConstants { Element mandatePerson = tempIdentityLink.getPrPerson(); String mandateData = null; try { + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + boolean provideStammzahl = oaParam.getProvideStammzahl(); + if (!provideStammzahl) { + String isPrPerson = mandatePerson.getAttribute("xsi:type"); + + if (!StringUtils.isEmpty(isPrPerson)) { + if (isPrPerson.equalsIgnoreCase("pr:PhysicalPerson")) { + Node prIdentification = mandatePerson.getFirstChild(); + prIdentification.getFirstChild().setTextContent(""); + } + } + + } mandateData = DOMUtils.serializeNode(mandatePerson); } catch (TransformerException e1) { throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID}); -- cgit v1.2.3