package test.abnahme.A;

import java.util.Calendar;

import org.w3c.dom.Element;
import test.abnahme.AbnahmeTestCase;

import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.BuildException;
import at.gv.egovernment.moa.id.ParseException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
import at.gv.egovernment.moa.id.auth.validator.ValidateException;
import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;

/**
 * @author Stefan Knirsch
 * @version $Id$
 * 
 */

public class Test300VerifyAuthBlock extends AbnahmeTestCase {

  public Test300VerifyAuthBlock(String name) {
    super(name);
  }

  public void testA301() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      //authDataWriter(authData,this.getName()+"new.xml");
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");      
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA302() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      //authDataWriter(authData,this.getName()+"new.xml");
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA303() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA304() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA305() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA306() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA307() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA308() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServer(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }

  }

  public void testA309() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA310() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA311() throws Exception {
    try {
      String sessionID = startAuthentication();
      AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
      assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
      System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA351() throws Exception {
    try {
      String sessionID = startAuthentication();
      System.out.println(sessionID);
      String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
      server.verifyIdentityLink(sessionID, infoboxReadResponse);
      InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
      IdentityLink idl = irrp.parseIdentityLink();
      Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
      Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
      new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
      //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
      //    System.out.println(createXMLSignatureRequest);
      String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");

      // nicht existierende Session....
      try {
        server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
        fail();
      }
      catch (AuthenticationException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }

    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA352() throws Exception {
    try {
      String sessionID = startAuthentication();
      System.out.println(sessionID);
      String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
      server.verifyIdentityLink(sessionID, infoboxReadResponse);
      server.setSecondsSessionTimeOut(-100);
      server.cleanup();
      InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
      IdentityLink idl = irrp.parseIdentityLink();
      Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
      Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
      new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
      //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
      //    System.out.println(createXMLSignatureRequest);
      String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");

      // abgelaufene Session....
      server.setSecondsSessionTimeOut(1000);
      try {
        server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
        fail();
      }
      catch (AuthenticationException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }

    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA353() throws Exception {
    try {
      String sessionID = startAuthentication();
      System.out.println(sessionID);

      String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");

      // Session for VerifyIdentityLink-Aufruf
      try {

        server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
        fail();
      }
      //NOCH SEHR UNSCH�N..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData 
      // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
      catch (NullPointerException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA354() throws Exception {
    try {
      String sessionID = startAuthentication();
      System.out.println(sessionID);
      String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
      server.verifyIdentityLink(sessionID, infoboxReadResponse);
      InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
      IdentityLink idl = irrp.parseIdentityLink();
      Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
      Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
      new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
      //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
      //    System.out.println(createXMLSignatureRequest);
      String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");

      // nicht existierende Session....

      server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
      try {
        server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
        fail();
      }
      catch (AuthenticationException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA355() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ParseException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA356() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ParseException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA357() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA358() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA359() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA360() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA361() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }
  public void testA362() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA363() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {
        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  public void testA364() throws Exception {
    try {
      String sessionID = startAuthentication();
      try {

        initServer(sessionID);
        fail();
      }
      catch (ValidateException e) {
        System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
      }
    }
    catch (Exception e) {
      System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
      throw e;
    }
  }

  /* public void testA365() throws Exception {
     String sessionID = startAuthentication();
     try {
      // wegen sinnlosigkeit gestrichen
        initServer(sessionID);
       fail();      
      }
      catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
    }*/

  public void testA366() throws Exception {
  
     String sessionID = startAuthentication();
     try {
       initServer(sessionID);
       fail();      
      }
      catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
    }
  public void testA367() throws Exception {
     String sessionID = startAuthentication();
     try {
       initServer(sessionID);
       fail();      
      }
      catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
    }
   
  
  private AuthenticationData initServer(String sessionID) throws Exception {
    String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
    server.verifyIdentityLink(sessionID, infoboxReadResponse);
    InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
    IdentityLink idl = irrp.parseIdentityLink();
    Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
    Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
    new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
    //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
    //    System.out.println(createXMLSignatureRequest);
    String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
    // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
    String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
    AuthenticationData authData = server.getAuthenticationData(samlArtifact);
    return authData;
  }
  
  private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
    String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
    server.verifyIdentityLink(sessionID, infoboxReadResponse);
    InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
    IdentityLink idl = irrp.parseIdentityLink();
    Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
    Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
    new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
    //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
    //    System.out.println(createXMLSignatureRequest);
    String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
    // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");

    AuthenticationSession session = AuthenticationServer.getSession(sessionID);
    AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
    // parses <CreateXMLSignatureResponse>
    CreateXMLSignatureResponse csresp = 
      new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse();
    // validates <CreateXMLSignatureResponse>
    new CreateXMLSignatureResponseValidator().validate(csresp, session.getTarget(), session.getPublicOAURLPrefix());
    // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
    String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
    String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
    Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
    // invokes the call
    Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
    // parses the <VerifyXMLSignatureResponse>
    VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
    // validates the <VerifyXMLSignatureResponse>
    VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK);
    // compares the public keys from the identityLink with the AuthBlock
   
    // builds authentication data and stores it together with a SAML artifact
    AuthenticationData authData = buildAuthenticationData(session, vsresp);
    return authData;
  }
    private AuthenticationData buildAuthenticationData(
    AuthenticationSession session,
    VerifyXMLSignatureResponse verifyXMLSigResp) 
    throws ConfigurationException, BuildException {
    
    IdentityLink identityLink = session.getIdentityLink();
    AuthenticationData authData = new AuthenticationData();
    authData.setMajorVersion(1);
    authData.setMinorVersion(0);
    authData.setAssertionID(Random.nextRandom());
    authData.setIssuer(session.getAuthURL());
    authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
    String vpkBase64 = new BPKBuilder().buildBPK(
      identityLink.getIdentificationValue(), session.getTarget());
    authData.setPBK(vpkBase64);
    authData.setGivenName(identityLink.getGivenName());
    authData.setFamilyName(identityLink.getFamilyName());
    authData.setDateOfBirth(identityLink.getDateOfBirth());
    authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
    authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
    authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
    OAAuthParameter oaParam = 
      AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
        session.getPublicOAURLPrefix());
    String prPerson = new PersonDataBuilder().build(
      identityLink, oaParam.getProvideStammzahl());
      
    try {     
      String ilAssertion = 
        oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
      String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
      String samlAssertion = new AuthenticationDataAssertionBuilder().build(
        authData, prPerson, authBlock, ilAssertion);
      authData.setSamlAssertion(samlAssertion);
      return authData;
    }
    catch (Throwable ex) {
      throw new BuildException(
        "builder.00",
        new Object[] { "AuthenticationData", ex.getMessage() },
        ex);
    }
    }
}