From b248f9ddedb23fa27cd59bc46ae0beb4c7d22967 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 4 Feb 2019 07:57:29 +0100 Subject: inject SignerCertificate in SL20 authentication --- .../sl20_auth/tasks/VerifyQualifiedeIDTask.java | 30 ++++++++++++---------- 1 file changed, 16 insertions(+), 14 deletions(-) (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main/java') diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java index 6811d1016..0c97641c7 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java @@ -77,15 +77,20 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask { //validate eID data QualifiedeIDVerifier.verifyIdentityLink(idl, pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class), - (AuthConfiguration) authConfig); + (AuthConfiguration) authConfig); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED); + + //validate AuthBlock authBlockVerificationResult = QualifiedeIDVerifier.verifyAuthBlock( authBlockB64, pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class), (AuthConfiguration) authConfig); - + QualifiedeIDVerifier.checkConsistencyOfeIDData(sl20ReqId, idl, authBlockExtractor, authBlockVerificationResult); - + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED); + + //TODO: add LoA verification } catch (MOAIDException e) { @@ -97,24 +102,21 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask { throw e; } - - revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED); - revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED); - - - + //add into session AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); moasession.setIdentityLink(idl); moasession.setBkuURL(ccsURL); - //TODO: from AuthBlock - if (authBlockVerificationResult != null) + moasession.setQAALevel(LoA); + + if (authBlockVerificationResult != null) { moasession.setIssueInstant(DateTimeUtils.buildDateTimeUTC(authBlockVerificationResult.getSigningDateTime())); - else + moasession.setSignerCertificate(authBlockVerificationResult.getX509certificate()); + + } else moasession.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar.getInstance())); - moasession.setQAALevel(LoA); - + //store pending request requestStoreage.storePendingRequest(pendingReq); -- cgit v1.2.3