From f18b50f5924b12dc7ab751889125784f4ba8a8d6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 22 May 2014 16:55:26 +0200
Subject: always store interfederated IDPs for SLO

---
 .../moa/id/auth/builder/AuthenticationDataBuilder.java | 11 +++--------
 .../moa/id/storage/AuthenticationSessionStoreage.java  | 14 ++++++++++++++
 .../db/dao/session/AuthenticatedSessionStore.java      |  2 +-
 .../db/dao/session/InterfederationSessionStore.java    | 18 ++++++++++++++++++
 4 files changed, 36 insertions(+), 9 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 792b6cdd7..632227d79 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -175,14 +175,9 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				
 				//mark attribute request as used 				
 				try {
-					if (idp.isInterfederationSSOStorageAllowed()) {
-						interfIDP.setAttributesRequested(true);
-						MOASessionDBUtils.saveOrUpdate(interfIDP);
-						
-					} else {
-						MOASessionDBUtils.delete(interfIDP);
-					}
-										
+					interfIDP.setAttributesRequested(true);
+					MOASessionDBUtils.saveOrUpdate(interfIDP);
+															
 				} catch (MOADatabaseException e) {
 					Logger.error("MOASession interfederation information can not stored to database.", e);
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 26922a13b..6c2900752 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -42,6 +42,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.EncryptedData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -704,6 +707,17 @@ public class AuthenticationSessionStoreage {
 			idp = new InterfederationSessionStore();
 			idp.setCreated(now);
 			idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
+			
+			try {
+				OAAuthParameter oa = AuthConfigurationProvider.getInstance().
+						getOnlineApplicationParameter(idp.getIdpurlprefix());			
+				idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed());
+								
+			} catch (ConfigurationException e) {
+				Logger.warn("MOASession could not be created.");
+				throw new MOADatabaseException(e);
+				
+			}						
 			idp.setMoasession(dbsession);
 			idpList.add(idp);
 						
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
index 5cfb1bb92..8bad43431 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
@@ -59,7 +59,7 @@ import org.hibernate.annotations.DynamicUpdate;
     @NamedQuery(name="getActiveOAWithSessionIDandOAIDandProtocol", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.activeOAsessions activeOAsessions where activeOAsessions.oaurlprefix = :oaID and activeOAsessions.protocolType = :protocol and authenticatedsessionstore.sessionid = :sessionID"),
     @NamedQuery(name="getMOASessionWithNameIDandOAID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.activeOAsessions activeOAsessions where activeOAsessions.oaurlprefix = :oaID and activeOAsessions.userNameID = :nameID"),
     @NamedQuery(name="getInterfederatedIDPForAttributeQueryWithSessionID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is false and authenticatedsessionstore.sessionid = :sessionID"),
-    @NamedQuery(name="getInterfederatedIDPForSSOWithSessionID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and authenticatedsessionstore.sessionid = :sessionID order by inderfederations.QAALevel DESC"),
+    @NamedQuery(name="getInterfederatedIDPForSSOWithSessionID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and inderfederations.storeSSOInformation is true and authenticatedsessionstore.sessionid = :sessionID order by inderfederations.QAALevel DESC"),
     @NamedQuery(name="getInterfederatedIDPForSSOWithSessionIDIDPID", query = "select authenticatedsessionstore from AuthenticatedSessionStore authenticatedsessionstore join fetch authenticatedsessionstore.inderfederation inderfederations where inderfederations.attributesRequested is true and authenticatedsessionstore.sessionid = :sessionID and inderfederations.idpurlprefix = :idpID")
 })
 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
index 1fcdd9b9b..448754f76 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java
@@ -65,6 +65,9 @@ public class InterfederationSessionStore implements Serializable{
 	@Column(name = "attributesRequested", unique=false, nullable=true)
 	private boolean attributesRequested;
 	
+	@Column(name = "storeSSOInformation", unique=false, nullable=true)
+	private boolean storeSSOInformation = false;
+	
 	@Column(name = "created", updatable=false, nullable=false)
 //    @Temporal(TemporalType.TIMESTAMP)
     private Date created;
@@ -190,6 +193,21 @@ public class InterfederationSessionStore implements Serializable{
 		QAALevel = qAALevel;
 	}
 
+	/**
+	 * @return the storeSSOInformation
+	 */
+	public boolean isStoreSSOInformation() {
+		return storeSSOInformation;
+	}
+
+	/**
+	 * @param storeSSOInformation the storeSSOInformation to set
+	 */
+	public void setStoreSSOInformation(boolean storeSSOInformation) {
+		this.storeSSOInformation = storeSSOInformation;
+	}
+
+	
 
 }
 
-- 
cgit v1.2.3