From 1d813a6b91f22fdf53098cc1f0ba59b81f3c5c98 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 20 Aug 2014 11:21:11 +0200 Subject: add SAML1 'PersonData' attribute builder if no identitylink is available --- .../moa/id/auth/MOAIDAuthConstants.java | 1 + .../protocols/saml1/SAML1AuthenticationServer.java | 93 ++++++++++++++++++---- 2 files changed, 78 insertions(+), 16 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index 4cec99b9a..db8b4dd80 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -164,5 +164,6 @@ public interface MOAIDAuthConstants { } }); + public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$"; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index fe0d27804..7d3c72630 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -22,15 +22,22 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.saml1; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.List; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.Marshaller; +import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import com.sun.xml.bind.marshaller.NamespacePrefixMapper; + import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -60,6 +67,11 @@ import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.StringUtils; +import at.gv.util.xsd.persondata.IdentificationType; +import at.gv.util.xsd.persondata.IdentificationType.Value; +import at.gv.util.xsd.persondata.PersonNameType; +import at.gv.util.xsd.persondata.PersonNameType.FamilyName; +import at.gv.util.xsd.persondata.PhysicalPersonType; public class SAML1AuthenticationServer extends AuthenticationServer { @@ -185,26 +197,75 @@ public class SAML1AuthenticationServer extends AuthenticationServer { //set prPersion boolean provideStammzahl = saml1parameter.isProvideStammzahl() || oaParam.getBusinessService(); - String prPerson = new PersonDataBuilder().build(authData.getIdentityLink(), - provideStammzahl); - //set Authblock - String authBlock = saml1parameter.isProvideAUTHBlock() ? authData - .getAuthBlock() : ""; - - //set IdentityLink for assortion + String prPerson = ""; String ilAssertion = ""; - if (saml1parameter.isProvideIdentityLink()) { - ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion(); - - if (!provideStammzahl) - ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink() - .getIdentificationValue(), ""); - } - + if (authData.getIdentityLink() != null) { + prPerson = new PersonDataBuilder().build(authData.getIdentityLink(), + provideStammzahl); - String samlAssertion; + //set IdentityLink for assortion + if (saml1parameter.isProvideIdentityLink()) { + ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion(); + + if (!provideStammzahl) + ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink() + .getIdentificationValue(), ""); + } + } else { + Logger.info("No IdentityLink available! Build attribute 'PersonDate' from givenname, familyname and dateofbirth. "); + PhysicalPersonType person = new PhysicalPersonType(); + PersonNameType name = new PersonNameType(); + person.setName(name); + FamilyName familyName = new FamilyName(); + name.getFamilyName().add(familyName ); + IdentificationType id = new IdentificationType(); + person.getIdentification().add(id ); + Value value = new Value(); + id.setValue(value ); + + id.setType(Constants.URN_PREFIX_BASEID); + value.setValue(""); + familyName.setValue(authData.getFamilyName()); + familyName.setPrimary("undefined"); + name.getGivenName().add(authData.getGivenName()); + person.setDateOfBirth(authData.getFormatedDateOfBirth()); + + JAXBContext jc = JAXBContext.newInstance("at.gv.util.xsd.persondata"); + Marshaller m = jc.createMarshaller(); + m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + + m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() { + public String getPreferredPrefix(String arg0, String arg1, boolean arg2) { + if (Constants.PD_NS_URI.equals(arg0)) + return Constants.PD_PREFIX; + else + return arg1; + } + }); + + ByteArrayOutputStream stream = new ByteArrayOutputStream(); + m.marshal( + new JAXBElement(new QName(Constants.PD_NS_URI,"Person"), PhysicalPersonType.class, person), + stream); + prPerson = StringUtils.removeXMLDeclaration(new String(stream.toByteArray(), "UTF-8")); + stream.close(); + + + + } + + //set Authblock + String authBlock = ""; + if (authData.getAuthBlock() != null) { + authBlock = saml1parameter.isProvideAUTHBlock() ? authData.getAuthBlock() : ""; + + } else { + Logger.info("\"provideAuthBlock\" is \"true\", but no authblock available"); + + } + String samlAssertion; if (authData.isUseMandate()) { List oaAttributes = authData.getExtendedSAMLAttributesOA(); -- cgit v1.2.3