From 5f01c76acc4bcb0539f3de39b3e38e0bd25e336f Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 14:58:58 +0200
Subject: szrg connector now extracts signature form Signresponse

---
 .../PEPSConnectorWithLocalSigningServlet.java      |  8 +--
 .../moa/id/auth/stork/STORKResponseProcessor.java  | 78 ++++++++++++++++------
 2 files changed, 61 insertions(+), 25 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index 129494cbe..bf2df9d7a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -205,15 +205,15 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 			moaSession.setXMLVerifySignatureResponse(tmp);
 			try{
 				IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
-				//Add signResponse
+				//Add SignResponse   TODO Add signature (extracted from signResponse)?
 				List<String> values = new ArrayList<String>();
-				//values.add(signResponseString);
-				values.add(citizenSignature);
+				values.add(signResponseString);
+//				values.add(citizenSignature);
 				Logger.debug("Assembling signedDoc attribute");
 				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values,
 						"Available");
 				personalAttributeList.add(signedDocAttribute);
-
+				
 				String authnContextClassRef = moaSession.getAuthnContextClassRef();
 				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef);
 			} catch (STORKException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 46fd06741..5d7eefe0a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -26,28 +26,19 @@
 package at.gv.egovernment.moa.id.auth.stork;
 
 import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.util.List;
 import java.util.Vector;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.namespace.QName;
+import javax.activation.DataSource;
+import javax.xml.transform.Source;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.stream.StreamSource;
 
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
+import org.apache.commons.io.IOUtils;
 
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -57,12 +48,16 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.LightweightSourceResolver;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.UtilsException;
+import eu.stork.oasisdss.profile.SignResponse;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -142,7 +137,13 @@ public class STORKResponseProcessor {
 			Logger.trace("Starting call...");
 
 			// if there is no signedDoc attribute, we cannot go on
-			String citizenSignature = getAttributeValue("signedDoc", attributeList);
+			String signResponseString = getAttributeValue("signedDoc", attributeList);
+			
+			//Extract signature from SIgnResponse
+			Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
+			SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
+			String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+			
 			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
 			
 			// if we have a signedDoc we test for a representation case
@@ -235,7 +236,27 @@ public class STORKResponseProcessor {
 		} catch (ParseException e) {
 			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
 			throw new MOAIDException("auth.25", null, e);
-			
+		} catch (ApiUtilsException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (IllegalArgumentException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerConfigurationException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (UtilsException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerFactoryConfigurationError e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (IOException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
 		} 
     		    
     	return identityLink;
@@ -272,5 +293,20 @@ public class STORKResponseProcessor {
 		
 		return moaExtendedSAMLAttributeList;
 	}
+	
+	private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException
+	{
+		// fetch signed doc
+		DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
+		if(ds == null){
+			throw new ApiUtilsException("No datasource found in response");
+		}				
+
+		InputStream incoming  = ds.getInputStream();
+		String citizenSignature = IOUtils.toString(incoming);
+		incoming.close();
+
+		return citizenSignature;
+	}
 
 }
-- 
cgit v1.2.3