package at.gv.egovernment.moa.id.auth.builder; import java.text.MessageFormat; import java.util.List; import at.gv.egovernment.moa.id.BuildException; import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.StringUtils; /** * Builder for the authentication data <saml:Assertion> * to be provided by the MOA ID Auth component. * * @author Paul Ivancsics * @version $Id$ */ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionBuilder implements Constants { /** private static String NL contains the NewLine representation in Java*/ private static final String NL = "\n"; /** * XML template for the <saml:Assertion> to be built */ private static final String AUTH_DATA = "" + NL + "" + NL + " " + NL + " " + NL + " {4}" + NL + " " + NL + " " + MOA_NS_URI + "cm" + NL + " {5}{6}" + NL + " " + NL + " " + NL + " " + NL + " {7}" + NL + " " + NL + " " + NL + " {8}" + NL + " " + NL + " " + NL + " {9}" + NL + " " + NL + "{10}" + "{11}" + "{12}" + " " + NL + ""; /** * XML template for the <saml:Attribute> named "isPublicAuthority", * to be inserted into the <saml:Assertion> */ private static final String PUBLIC_AUTHORITY_ATT = " " + NL + " {0}" + NL + " " + NL; private static final String SIGNER_CERTIFICATE_ATT = " " + NL + " {0}" + NL + " " + NL; /** * Constructor for AuthenticationDataAssertionBuilder. */ public AuthenticationDataAssertionBuilder() { super(); } /** * Builds the authentication data <saml:Assertion>. * * @param authData the AuthenticationData to build the * <saml:Assertion> from * @param xmlPersonData lt;pr:Person> element as a String * @param xmlAuthBlock authentication block to be included in a * lt;saml:SubjectConfirmationData> element; may include * the "Stammzahl" or not; may be empty * @param xmlIdentityLink the IdentityLink * @param signerCertificateBase64 Base64 encoded certificate of the signer. Maybe * an empty string if the signer certificate should not be provided. * Will be ignored if the businessService parameter is * set to false. * @param businessService true if the online application is a * business service, otherwise false * @return the <saml:Assertion> * @throws BuildException if an error occurs during the build process */ public String build( AuthenticationData authData, String xmlPersonData, String xmlAuthBlock, String xmlIdentityLink, String bkuURL, String signerCertificateBase64, boolean businessService, List extendedSAMLAttributes) throws BuildException { String isQualifiedCertificate = authData.isQualifiedCertificate() ? "true" : "false"; String publicAuthorityAttribute = ""; if (authData.isPublicAuthority()) { String publicAuthorityIdentification = authData.getPublicAuthorityCode(); if (publicAuthorityIdentification == null) publicAuthorityIdentification = "True"; publicAuthorityAttribute = MessageFormat.format( PUBLIC_AUTHORITY_ATT, new Object[] { publicAuthorityIdentification }); } String signerCertificateAttribute = ""; if (signerCertificateBase64 != "") { signerCertificateAttribute = MessageFormat.format( SIGNER_CERTIFICATE_ATT, new Object[] { signerCertificateBase64 }); } String pkType; String pkValue; if (businessService) { pkType = authData.getIdentificationType(); pkValue = authData.getWBPK(); } else { pkType = URN_PREFIX_BPK; pkValue = authData.getBPK(); } String assertion; try { assertion = MessageFormat.format(AUTH_DATA, new Object[] { authData.getAssertionID(), authData.getIssuer(), authData.getIssueInstant(), pkType, pkValue, StringUtils.removeXMLDeclaration(xmlAuthBlock), StringUtils.removeXMLDeclaration(xmlIdentityLink), StringUtils.removeXMLDeclaration(xmlPersonData), isQualifiedCertificate, bkuURL, publicAuthorityAttribute, signerCertificateAttribute, buildExtendedSAMLAttributes(extendedSAMLAttributes)}); } catch (ParseException e) { Logger.error("Error on building Authentication Data Assertion: " + e.getMessage()); throw new BuildException("builder.00", new Object[] { "Authentication Data Assertion", e.toString()}); } return assertion; } }