From f21e806fb7f377ba89f2e4b168fe5945f1ea1668 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Wed, 16 Nov 2016 15:31:51 +0100
Subject: fix bug in eIDAS SAML-engine: generate metadata extensions element from wrong schema definition
---
 .../id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
(limited to 'id/server/modules/moa-id-module-eIDAS')
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
index 09c3dff38..ab41c2369 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
@@ -35,6 +35,7 @@ import org.joda.time.DurationFieldType;
 import org.opensaml.Configuration;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.common.impl.ExtensionsBuilder;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AttributeValue;
 import org.opensaml.saml2.metadata.AssertionConsumerService;
@@ -514,7 +515,14 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {
 }
 private Extensions generateExtensions() throws EIDASSAMLEngineException {
- Extensions eidasExtensions = BuilderFactoryUtil.generateExtension();
+ /**FIXME: BuilderFactoryUtil.generateExtension() generates extensions from SAML2 request namespace
+ * but SAML2 metadata namespace is required
+ **/
+ //Extensions eidasExtensions = BuilderFactoryUtil.generateExtension();
+
+ ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder();
+ Extensions eidasExtensions = extensionsBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:metadata", "Extensions", "md");
+
 if (params.getAssuranceLevel() != null) {
 generateLoA(eidasExtensions);
 }
-- cgit v1.2.3
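Review bot: The namespace URI, local name and prefix passed to `buildObject` in generateExtensions() are string literals, although `SAMLConstants` is already imported in this file and `Extensions` exposes its own local name; `extensionsBuilder.buildObject(SAMLConstants.SAML20MD_NS, Extensions.LOCAL_NAME, SAMLConstants.SAML20MD_PREFIX)` expresses the same QName without a literal that can drift or be mistyped. The `/** ... **/` block inside the method body and the commented-out `BuilderFactoryUtil.generateExtension()` line would read better as one plain `//` comment explaining why the engine helper is bypassed, since a Javadoc block in that position documents nothing. Peers that schema-validate this metadata presumably rely on the element being in the metadata namespace, so a unit test asserting the QName of the generated Extensions element would keep the workaround from regressing silently when the eIDAS engine is upgraded. The method body continues past the end of the hunk.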