From 6643ced716ab24bf270c27dfb6d8876fd52358cb Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 8 Feb 2018 10:31:45 +0100
Subject: fix bug in AuthBlock processing if no bPK is included

---
 .../id/auth/builder/AuthenticationBlockAssertionBuilder.java | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'id/server/modules')

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index 80702795b..bc28d4f0e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -228,8 +228,13 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
       String usedwbPKbPKNamespaceDeclaration = org.apache.commons.lang3.StringUtils.EMPTY;
 	  String publicSectorIdOrwbPK = org.apache.commons.lang3.StringUtils.EMPTY;
 
-	 	  
-	  if (!sectorSpecificUniqueIdType.startsWith(MOAIDAuthConstants.PREFIX_CDID)) {
+	  if (MiscUtil.isEmpty(sectorSpecificUniqueIdType) 
+			  && MiscUtil.isEmpty(sectorSpecificUniqueId) ) {
+		  //bPK or wbPK is not provided --> SAML attribute is not needed
+		  session.setSAMLAttributeGebeORwbpk(false);
+		  Logger.trace("No bPK or TargetIdentifier --> do not set bPK or Target into AuthBlock");
+		  
+	  } else if (!sectorSpecificUniqueIdType.startsWith(MOAIDAuthConstants.PREFIX_CDID)) {
 		  //service provider has not an sector Id from Austrian public-domain --> build AuthBlock like a wbPK
 		 
 		  if (!Constants.URN_PREFIX_HPI.equals(sectorSpecificUniqueIdType)) {
@@ -247,7 +252,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
 			  // We do not have a wbPK, therefore no SAML-Attribute is provided
 			  session.setSAMLAttributeGebeORwbpk(false);
 			  
-		  }      
+		  }
+		  
 	  } else {		  
 		  // OA is a govermental application
 		  
-- 
cgit v1.2.3