From bf49d6489758c29f5ddd2279bdd64695651912f7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 19 Jan 2016 06:55:20 +0100 Subject: fix problem with STORK citizen country-code selector --- .../tasks/CreateStorkAuthRequestFormTask.java | 49 +++++++++++----------- 1 file changed, 25 insertions(+), 24 deletions(-) (limited to 'id/server/modules/module-stork/src') diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java index ad1df27da..138776976 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java @@ -1,6 +1,6 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; import java.io.IOException; import java.io.StringWriter; @@ -17,7 +17,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.StringUtils; import org.apache.velocity.Template; @@ -27,22 +26,8 @@ import org.opensaml.common.IdentifierGenerator; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.w3c.dom.DOMException; -import eu.stork.oasisdss.api.AdditionalProfiles; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.Profiles; -import eu.stork.oasisdss.api.QualityLevels; -import eu.stork.oasisdss.api.SignatureTypes; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.profile.AnyType; -import eu.stork.oasisdss.profile.DocumentType; -import eu.stork.oasisdss.profile.SignRequest; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; @@ -51,7 +36,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -59,9 +43,6 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.config.stork.StorkAttribute; - -import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -69,6 +50,21 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; +import eu.stork.oasisdss.api.AdditionalProfiles; +import eu.stork.oasisdss.api.ApiUtils; +import eu.stork.oasisdss.api.Profiles; +import eu.stork.oasisdss.api.QualityLevels; +import eu.stork.oasisdss.api.SignatureTypes; +import eu.stork.oasisdss.api.exceptions.ApiUtilsException; +import eu.stork.oasisdss.profile.AnyType; +import eu.stork.oasisdss.profile.DocumentType; +import eu.stork.oasisdss.profile.SignRequest; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * Creates a SAML2 STORK authentication request, embeds it in a form (in order to satisfy saml post binging) and returns the form withing the HttpServletResponse.

@@ -118,6 +114,8 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { sessionID = (String) executionContext.get(PARAM_SESSIONID); pendingRequestID = (String) executionContext.get("pendingRequestID"); + String ccc = (String) executionContext.get("CCC"); + // check parameter if (!ParamValidatorUtils.isValidSessionID(sessionID)) { @@ -126,7 +124,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID); IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID); - if (StringUtils.isEmpty(moasession.getCcc())) { + if (StringUtils.isEmpty(ccc)) { // illegal state; task should not have been executed without a selected country throw new AuthenticationException("stork.22", new Object[] { sessionID }); @@ -140,10 +138,13 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { // STORK authentication // cpeps cannot be null - CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); + CPEPS cpeps = storkConfig.getCPEPS(ccc); Logger.debug("Found C-PEPS configuration for citizen of country: " + moasession.getCcc()); executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported()); + //add selected Country-Code to MOASession DAO + moasession.setCcc(ccc); + Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc()); startSTORKAuthentication(req, resp, moasession, pendingReq); -- cgit v1.2.3