From ffb4fc9f4ff9e1779ae4da8017fc686881a3e8ae Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 18 Feb 2019 08:30:49 +0100 Subject: add 'Austrian eID' demo-mode to simulate attribute behavior from 2020 --- .../protocols/saml1/SAML1AuthenticationServer.java | 38 +++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'id/server/modules/moa-id-modules-saml1') diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index c8f01f67d..23d214d3e 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -71,7 +71,11 @@ import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.data.MOAAuthenticationData; +import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKListAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.EncryptedBPKAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; @@ -338,7 +342,39 @@ public class SAML1AuthenticationServer extends AuthenticationServer { ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); } - + + //add additional bPKs and foreign bPKs in case of Austrian eID demo-mode + if (Boolean.parseBoolean( + oaParam.getConfigurationValue( + MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, + String.valueOf(false)))) { + Logger.info("Demo-mode for 'New Austrian eID' is active. Add additonal attributes ... "); + + if (oaAttributes == null) + oaAttributes = new ArrayList(); + + String additionalBpks = new BPKListAttributeBuilder().build( + oaParam, + authData, + new SimpleStringAttributeGenerator()); + Logger.trace("Adding additional bPKs: " + additionalBpks + " as attribute into SAML1 assertion ... "); + oaAttributes.add(new ExtendedSAMLAttributeImpl( + PVPAttributeDefinitions.BPK_LIST_FRIENDLY_NAME, additionalBpks, + Constants.MOA_NS_URI, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + String encryptedBpks = new EncryptedBPKAttributeBuilder().build( + oaParam, + authData, + new SimpleStringAttributeGenerator()); + Logger.trace("Adding foreign bPKs: " + encryptedBpks + " as attribute into SAML1 assertion ... "); + oaAttributes.add(new ExtendedSAMLAttributeImpl( + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME, encryptedBpks, + Constants.MOA_NS_URI, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + } + String samlAssertion = null; //add mandate info's if (authData.isUseMandate()) { -- cgit v1.2.3