From b8b01a93311156704c9c003e3128c544a5e2ba48 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 14 Jan 2016 17:26:07 +0100 Subject: moa learned how to trigger an authentication after receiving an eidas request --- .../id/protocols/eidas/AuthenticationRequest.java | 3 +- .../moa/id/protocols/eidas/EIDASProtocol.java | 48 +++++++++++----------- 2 files changed, 26 insertions(+), 25 deletions(-) (limited to 'id/server') diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java index 6a13cba60..3144d08e8 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java @@ -48,8 +48,7 @@ public class AuthenticationRequest implements IAction { @Override public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // TODO Auto-generated method stub - return false; + return true; } @Override diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java index 01052c698..3e2122315 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java @@ -23,29 +23,19 @@ package at.gv.egovernment.moa.id.protocols.eidas; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.EIDASAuthnRequest; -import eu.eidas.auth.commons.EIDASAuthnResponse; import eu.eidas.auth.commons.EIDASUtil; import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -92,31 +82,43 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo { */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action, String sessionId, String transactionId) throws MOAIDException { - + Logger.info("received an eIDaS request"); - + //get SAML Response and decode it String base64SamlToken = request.getParameter("SAMLRequest"); if (MiscUtil.isEmpty(base64SamlToken)) { Logger.warn("No eIDAS SAMLRequest found in http request."); throw new MOAIDException("HTTP request includes no eIDAS SAML-Request element.", null); - } byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); - + try { - //get eIDAS SAML-engine - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); - - //validate SAML token - EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); + //get eIDAS SAML-engine + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + //validate SAML token + EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); + + // memorize important stuff + EIDASRequest result = new EIDASRequest(); + // - memorize requested attributes + // TODO memorize requested attributes + + // - memorize OA url + result.setOAURL("https://demo.a-sit.at/EidasNode"); // TODO use metadata url? + + // - memorize OA config + OAAuthParameter oaConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(result.getOAURL()); + if (oaConfig == null) + throw new AuthenticationException("stork.12", new Object[]{result.getOAURL()}); + result.setOnlineApplicationConfiguration(oaConfig); - + return result; } catch(Exception e) { - + Logger.error("error in preprocessing step", e); + throw new MOAIDException("error in preprocessing step", null); } - - return null; } public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { -- cgit v1.2.3