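* NOTE(review): the XML token comes from the caller and is parsed with a DocumentBuilderFactory
* on which only namespace awareness is set; confirm that DTD and external-entity processing are
* disabled for this parser. The tenant claim is read from the attribute table and then
* dereferenced, so a token without that claim would fail with a NullPointerException.
*
* @param infocard the submitted information card; its XML token is parsed and verified, and its
* OpenID is compared with the user and tenant taken from the token's claims
* @return the DTO describing the result of the sign-in attempt
* @throws Exception if the XML token cannot be parsed, or if a later sign-in step fails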
*/
public InfoCardSignInDTO signInWithInfoCard(InfoCardDTO infocard) throws Exception {
SAMLTokenVerifier verifier = new SAMLTokenVerifier();
MessageContext msgCtx = MessageContext.getCurrentMessageContext();
HttpServletRequest request = (HttpServletRequest) msgCtx
.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
HttpSession httpSession = request.getSession();
Hashtable<String, String> attributes = null;
InfoCardSignInDTO dto = new InfoCardSignInDTO();
ByteArrayInputStream bais = new ByteArrayInputStream(infocard.getXmlToken().getBytes());
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
Document doc = dbf.newDocumentBuilder().parse(bais);
Element token = doc.getDocumentElement();
boolean isAuthenticated = false;
if (verifier.verifyDecryptedToken(token, RelyingPartyData.getInstance())) {
attributes = verifier.getAttributeTable();
String ppid = null;
String user = null;
if (validateIssuerInfoPolicy(verifier, RelyingPartyData.getInstance())) {
ppid = attributes.get(IdentityConstants.CLAIM_PPID);
String tenant = attributes.get(IdentityConstants.CLAIM_TENANT_DOMAIN);
user = getUserName(ppid, tenant);
String tenatAwareUserNameFromOpenID = UserCoreUtil.getTenantLessUsername(OpenIDUtil
.getUserName(infocard.getOpenId()));
String tenantFromOpenID = null;
tenantFromOpenID = TenantUtils.getDomainNameFromOpenId(infocard.getOpenId());
String supperTenant = IdentityConstants.DEFAULT_SUPER_TENAT;
if (tenantFromOpenID == null) {
tenantFromOpenID = supperTenant;
}
if (tenant.equals(tenantFromOpenID) && tenatAwareUserNameFromOpenID.equals(user)) {
if (IdentityConstants.SELF_ISSUED_ISSUER.equals(verifier.getIssuerName())) {
dto.setPpid(ppid);
}
if (httpSession != null) {
httpSession.setAttribute(OPENID_LOGGEDIN_USER, user);
}