package at.gv.egovernment.moa.id.auth.builder;
import java.text.MessageFormat;
import java.util.List;
import at.gv.egovernment.moa.id.BuildException;
import at.gv.egovernment.moa.id.ParseException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
/**
 * Builder for the authentication block <saml:Assertion>
 * to be included in a <CreateXMLSignatureResponse>.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
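public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertionBuilder implements Constants {
  // Constants is implemented only to inherit its members (NL and PD_NS_URI are used unqualified below).

  /**
   * MessageFormat template for the AUTH-Block assertion. Argument slots, in the order they are
   * passed from buildAuthBlock: {0} optional xmlns:pr declaration, {1} issuer, {2} issueInstant,
   * {3} authURL, {4} Geschaeftsbereich-or-wbPK attribute fragment (may be empty), {5} oaURL,
   * {6} gebDat, {7} extended SAML attributes.
   * NOTE(review): the template text as listed here shows only some of the slots and no element
   * markup; it looks like the XML tags were lost in this copy - verify against the repository
   * source before relying on the literal content below.
   */
  private static final String AUTH_BLOCK =
      "" + NL +
      " " + NL +
      " " + NL +
      " {3}" + NL +
      " " + NL +
      "{4}" +
      " " + NL +
      " {5}" + NL +
      " " + NL +
      " " + NL +
      " {6}" + NL +
      " " + NL +
      "{7}" +
      " " + NL +
      "";

  /** Template for the Geschaeftsbereich SAML attribute; {0} is the target. */
  private static final String GESCHAEFTS_BEREICH_ATTRIBUTE =
      " " + NL +
      " {0}" + NL +
      " " + NL;

  /** Template for the wbPK SAML attribute; {0} is the identity link value, {1} its type. */
  private static final String WBPK_ATTRIBUTE =
      " " + NL +
      " " + NL +
      " " + NL +
      " {0}" + NL +
      " {1}" + NL +
      " " + NL +
      " " + NL +
      " " + NL;

  /**
   * The number of SAML attributes included in this AUTH-Block (without the extended SAML attributes).
   */
  public static final int NUM_OF_SAML_ATTRIBUTES = 3;

  /**
   * Constructor for AuthenticationBlockAssertionBuilder.
   */
  public AuthenticationBlockAssertionBuilder() {
    super();
  }

  /**
   * Builds the authentication block <saml:Assertion>.
   * <p>
   * Every string argument is inserted into the XML template verbatim by {@link MessageFormat};
   * nothing in this method performs XML escaping of characters such as {@code &}, {@code <}
   * or {@code "}. NOTE(review): callers must therefore only pass values that are already
   * XML-safe (e.g. taken from a verified identity link); confirm where each value originates
   * before routing request-controlled data through this builder.
   * <p>
   * Side effect: {@code session.setSAMLAttributeGebeORwbpk(...)} is set to {@code true}, or to
   * {@code false} in the single case where neither a Geschaeftsbereich nor a wbPK attribute
   * is emitted (business application whose identity link type is {@code URN_PREFIX_HPI}).
   *
   * @param issuer authentication block issuer; "GivenName FamilyName"
   * @param issueInstant current timestamp
   * @param authURL URL of MOA-ID authentication component
   * @param target "Geschaeftsbereich"; may be {@code null} if the application
   *   is a business application
   * @param identityLinkValue the content of the <pr:Value> child element of the
   *   <pr:Identification> element derived from the Identitylink; this is the value of the
   *   wbPK; may be {@code null} if the application is a public service
   * @param identityLinkType the content of the <pr:Type> child element of the
   *   <pr:Identification> element derived from the Identitylink; this includes the URN prefix
   *   and the identification number of the business application used as input for wbPK
   *   computation; may be {@code null} if the application is a public service
   * @param oaURL public URL of online application requested
   * @param gebDat The date of birth from the identity link.
   * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock
   *   (serialized via the inherited {@code buildExtendedSAMLAttributes}).
   * @param session the current authentication session; its GebeORwbpk flag is updated as
   *   described above. Must not be {@code null}.
   *
   * @return String representation of authentication block <saml:Assertion> built
   *
   * @throws BuildException If an error occurs on serializing an extended SAML attribute
   *   to be appended to the AUTH-Block.
   */
  public String buildAuthBlock(
      String issuer,
      String issueInstant,
      String authURL,
      String target,
      String identityLinkValue,
      String identityLinkType,
      String oaURL,
      String gebDat,
      List extendedSAMLAttributes,
      AuthenticationSession session)
      throws BuildException {
    // Assume the Geschaeftsbereich/wbPK attribute will be present; cleared below in the one case it is not.
    session.setSAMLAttributeGebeORwbpk(true);
    String gebeORwbpk = "";
    String wbpkNSDeclaration = "";
    if (target == null) {
      // OA is a business application
      if (!Constants.URN_PREFIX_HPI.equals(identityLinkType)) {
        // Only add wbPKs to AUTH-Block. HPIs can be added to the AUTH-Block by the corresponding Validator
        gebeORwbpk = MessageFormat.format(WBPK_ATTRIBUTE, new Object[] { identityLinkValue, identityLinkType });
        // Declare the pr: namespace on the assertion, presumably because the wbPK fragment uses pr:-prefixed elements.
        wbpkNSDeclaration = " xmlns:pr=\"" + PD_NS_URI + "\"";
      } else {
        // We do not have a wbPK, therefore no SAML-Attribute is provided
        session.setSAMLAttributeGebeORwbpk(false);
      }
    } else {
      gebeORwbpk = MessageFormat.format(GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target });
    }

    String assertion;
    try {
      // All values are passed as MessageFormat arguments, so their content is never re-parsed as a pattern.
      assertion = MessageFormat.format(
          AUTH_BLOCK, new Object[] {
              wbpkNSDeclaration,
              issuer,
              issueInstant,
              authURL,
              gebeORwbpk,
              oaURL,
              gebDat,
              buildExtendedSAMLAttributes(extendedSAMLAttributes)});
    } catch (ParseException e) {
      // Only the extended-attribute serialization can raise ParseException here.
      Logger.error("Error on building AUTH-Block: " + e.getMessage());
      throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()});
    }
    return assertion;
  }
}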