From b248f9ddedb23fa27cd59bc46ae0beb4c7d22967 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 4 Feb 2019 07:57:29 +0100
Subject: inject SignerCertificate in SL20 authentication

---
 .../sl20_auth/tasks/VerifyQualifiedeIDTask.java    | 30 ++++++++++++----------
 1 file changed, 16 insertions(+), 14 deletions(-)

(limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main/java')

diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
index 6811d1016..0c97641c7 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
@@ -77,15 +77,20 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 				//validate eID data			
 				QualifiedeIDVerifier.verifyIdentityLink(idl, 
 						pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class), 
-						(AuthConfiguration) authConfig);
+						(AuthConfiguration) authConfig);				
+				revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
 				
+				
+				//validate AuthBlock
 				authBlockVerificationResult = QualifiedeIDVerifier.verifyAuthBlock(
 							authBlockB64, 
 							pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class), 
 							(AuthConfiguration) authConfig);
-				
+
 				QualifiedeIDVerifier.checkConsistencyOfeIDData(sl20ReqId, idl, authBlockExtractor, authBlockVerificationResult);
-			
+				revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
+								
+
 				//TODO: add LoA verification
 				
 			} catch (MOAIDException e) {
@@ -97,24 +102,21 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 					throw e;
 				
 			}
-			
-			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
-			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
-			
-			
-			
+						
 			//add into session
 			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);			
 			moasession.setIdentityLink(idl);
 			moasession.setBkuURL(ccsURL);
-			//TODO: from AuthBlock
-			if (authBlockVerificationResult != null)
+			moasession.setQAALevel(LoA);
+			
+			if (authBlockVerificationResult != null) {
 				moasession.setIssueInstant(DateTimeUtils.buildDateTimeUTC(authBlockVerificationResult.getSigningDateTime()));
-			else
+				moasession.setSignerCertificate(authBlockVerificationResult.getX509certificate());
+			
+			} else
 				moasession.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()));
 			
-			moasession.setQAALevel(LoA);
-
+			
 			//store pending request
 			requestStoreage.storePendingRequest(pendingReq);
 						
-- 
cgit v1.2.3


From 19613c89cb1e4680af4dde6c623c42cd00c65f8a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 18 Feb 2019 08:31:36 +0100
Subject: set UTF-8 encoding as default add additional trace logging

---
 .../moa/id/configuration/config/ConfigurationProvider.java   |  3 +++
 .../at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java  | 12 +++---------
 .../interceptor/UniqueSessionIdentifierInterceptor.java      |  7 ++++++-
 .../moa/id/auth/modules/sl20_auth/SL20SignalServlet.java     |  1 +
 4 files changed, 13 insertions(+), 10 deletions(-)

(limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main/java')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index 41a86cef2..39cd0980b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -111,6 +111,9 @@ public class ConfigurationProvider {
 		
 	private void inizialize() throws ConfigurationException {
 		
+		log.info("Set SystemProperty for UTF-8 file.encoding as default");
+		System.setProperty("file.encoding", "UTF-8");
+		
 		configFileName = System.getProperty(SYSTEM_PROP_CONFIG);
 		
 	    if (configFileName == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 66093b851..a35b45af2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -63,10 +63,8 @@ public class MOAIDAuthInitializer {
      */
     public static void initialize(GenericWebApplicationContext rootContext) throws ConfigurationException,
             PKIException, IOException, GeneralSecurityException {
-        Logger.setHierarchy("moa.id.auth");
-        Logger.info("Default java file.encoding: "
-                + System.getProperty("file.encoding"));
-
+        Logger.info("Set SystemProperty for UTF-8 file.encoding as default");
+		System.setProperty("file.encoding", "UTF-8");
                 
         //JDK bug workaround according to:
         // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier
@@ -149,11 +147,7 @@ public class MOAIDAuthInitializer {
              throw new ConfigurationException("config.10", new Object[] { e
                       .toString() }, e);
 		}
-        	        	
-				
-        //IAIK.addAsProvider();                
-        //ECCProvider.addAsProvider();
-        
+        	        				        
         Security.insertProviderAt(IAIK.getInstance(), 0);
         
         ECCelerate eccProvider = ECCelerate.getInstance();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
index 5aa3a691f..791aa51b7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
@@ -38,6 +38,7 @@ import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * @author tlenz
@@ -58,6 +59,8 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor {
 		
 		String uniqueSessionIdentifier = null;
 		
+		Logger.trace("PreProcess req. in " + UniqueSessionIdentifierInterceptor.class.getName());
+		
 		//if SSOManager is available, search SessionIdentifier in SSO session
 		if (ssomanager != null) {
 			String ssoId = ssomanager.getSSOSessionID(request);			
@@ -78,8 +81,10 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor {
 		}
 		
 		//if NO SSOSession and no PendingRequest create new SessionIdentifier
-		if (StringUtils.isEmpty(uniqueSessionIdentifier))
+		if (StringUtils.isEmpty(uniqueSessionIdentifier)) {
 			uniqueSessionIdentifier = Random.nextHexRandom16();
+			Logger.debug("Set new UniqueSessionIdentifier: " + uniqueSessionIdentifier);
+		}
 		
 		TransactionIDUtils.setSessionId(uniqueSessionIdentifier);		
 		request.setAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier);		
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
index 87e9e933d..a8c4a941e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
@@ -55,6 +55,7 @@ public class SL20SignalServlet extends AbstractProcessEngineSignalController {
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
 	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+		Logger.trace("Receive req. on SL2.0 servlet with pendingReqId ... ");		
 		signalProcessManagement(req, resp);
 	}
 	
-- 
cgit v1.2.3