From b3aa8b6d444e7dee51e1145e3192b191ae24b1d4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 23 Jun 2016 10:16:46 +0200
Subject: fix some problems in eIDAS module

---
 .../modules/eidas/tasks/CreateIdentityLinkTask.java   |  9 +++++++--
 .../moa/id/protocols/eidas/EIDASProtocol.java         |  6 ++++--
 .../protocols/eidas/eIDASAuthenticationRequest.java   | 19 +++++++++++--------
 3 files changed, 22 insertions(+), 12 deletions(-)

(limited to 'id/server/modules')

diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
index 5d7430dd7..a56e6c3cd 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
@@ -87,12 +87,17 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 			    // replace data
 	            Element idlassertion = identityLink.getSamlAssertion();
 	            
-	            // - set bpk/wpbk;
+	            // - set fake baseID;
 		        Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);		        		        
 		        if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))
 		        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-		        String eIdentifier = eIDASAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).getValue().get(0);
+		        String eIdentifier = eIDASAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).getValue().get(0);		        		        		        
 		        prIdentification.getFirstChild().setNodeValue(eIdentifier);
+		        
+		        //build personal identifier which looks like a baseID		        
+//		        String fakeBaseID = new BPKBuilder().buildBPK(eIdentifier, "baseID");
+//		        Logger.info("Map eIDAS eIdentifier:" + eIdentifier + " to fake baseID:" + fakeBaseID);
+//		        prIdentification.getFirstChild().setNodeValue(fakeBaseID);
 
 		        // - set last name
 		        Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 85fb1626f..fc935e2ef 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -169,9 +169,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController {
 			Logger.warn("No eIDAS SAMLRequest found in http request.");
 			throw new MOAIDException("HTTP request includes no eIDAS SAML-Request element.", null);
 		}						
-		byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken);	
-
+			
 		try {
+			//decode SAML2 token
+			byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken);
+			
 			//get eIDAS SAML-engine
 			EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider);
 
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 8289e18d2..2beb419fb 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 import eu.eidas.auth.commons.EIDASAuthnResponse;
 import eu.eidas.auth.commons.EIDASStatusCode;
 import eu.eidas.auth.commons.EIDASUtil;
@@ -87,20 +88,21 @@ public class eIDASAuthenticationRequest implements IAction {
 			
 			// TODO make use of proper builder
 			switch(current.getKey()) {
-			case Constants.eIDAS_ATTR_DATEOFBIRTH: newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); break;
-			case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: newValue = authData.getFamilyName();break;
-			case Constants.eIDAS_ATTR_CURRENTGIVENNAME: newValue = authData.getGivenName();break;
-			
-			//TODO: change bPK builder !!!!!!
-			case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: newValue = authData.getBPK(); break;
+				case Constants.eIDAS_ATTR_DATEOFBIRTH: newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); break;
+				case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: newValue = authData.getFamilyName();break;
+				case Constants.eIDAS_ATTR_CURRENTGIVENNAME: newValue = authData.getGivenName();break;			
+				case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: newValue = authData.getBPK(); break;
+				
 			}
 			
-			if("".equals(newValue))
+			if(MiscUtil.isEmpty(newValue))
 				current.getValue().setStatus(EIDASStatusCode.STATUS_NOT_AVAILABLE.toString());
+			
 			else {
 				current.getValue().getValue().clear();
 				current.getValue().getValue().add(newValue);
 				current.getValue().setStatus(EIDASStatusCode.STATUS_AVAILABLE.toString());
+				
 			}
 		}
 		
@@ -138,8 +140,9 @@ public class eIDASAuthenticationRequest implements IAction {
 			
 			token = EIDASUtil.encodeSAMLToken(response.getTokenSaml());
 			
-		} catch(Exception e) {
+		} catch(Exception e) {			
 			e.printStackTrace();
+			
 		}
 		
 		revisionsLogger.logEvent(req, Constants.eIDAS_REVERSIONSLOG_IDP_AUTHREQUEST);
-- 
cgit v1.2.3