From b76b6e6212784d622ca79bd258fa3e529b353346 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 28 Sep 2018 14:19:50 +0200
Subject: add first code for eID4U

---
 .../moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java    | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java')

diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
index 1788facf0..274a23674 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
@@ -57,11 +57,14 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider);
 						
 			//validate SAML token
+			//TODO: maybe add whitelist
 			IAuthenticationResponse samlResp = engine.unmarshallResponseAndValidate(decSamlToken, 
 					request.getRemoteHost(), 
 					Constants.CONFIG_PROPS_SKEWTIME_BEFORE, 
 					Constants.CONFIG_PROPS_SKEWTIME_AFTER,
-					pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA);
+					pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA,
+					null,
+					false);
 												
 			if (samlResp.isEncrypted()) {
 				Logger.info("Received encrypted eIDAS SAML-Response.");
-- 
cgit v1.2.3