diff options
| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-09-24 09:59:28 +0200 |
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-09-24 09:59:28 +0200 |
| commit | 8337cf665a74b05ff24703485e4895545b713ca6 (patch) | |
| tree | df74d62251de2a659edf1e6115a3593ca8334fe6 | |
| parent | 4e1b8da3e3672b35ae9b24080b7d638bbcf6041d (diff) | |
| download | EAAF-Components-8337cf665a74b05ff24703485e4895545b713ca6.tar.gz EAAF-Components-8337cf665a74b05ff24703485e4895545b713ca6.tar.bz2 EAAF-Components-8337cf665a74b05ff24703485e4895545b713ca6.zip | |
extract bPK target from bPK-Value attribute of no EID-AUTH-TARGET attribute was found
2 files changed, 115 insertions, 42 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index 2108e041..ffa1e3f0 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -32,6 +32,10 @@ import java.io.InputStream; import java.util.ArrayList; import java.util.Collection; import java.util.Map.Entry; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.annotation.Nullable; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -576,7 +580,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati */ @Deprecated protected boolean matchsReceivedbPKToOnlineApplication(ISPConfiguration oaParam, String bPKType) { - return oaParam.getAreaSpecificTargetIdentifier().equals(bPKType); + return normalizeBpkTargetIdentifierToCommonFormat(oaParam.getAreaSpecificTargetIdentifier()).equals( + normalizeBpkTargetIdentifierToCommonFormat(bPKType)); } @@ -672,53 +677,93 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati */ @Deprecated private String getbPKTypeFromPVPAttribute(IAuthProcessDataContainer session) { - final String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); + final String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); + String pvpbPKValueAttr = session.getGenericDataFromSession(PVPAttributeDefinitions.BPK_NAME, String.class); if (StringUtils.isNotEmpty(pvpbPKTypeAttr)) { -// //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations -// if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) && -// !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(), -// EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) { -// log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... "); -// pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1); -// -// } - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); + log.debug("Find PVP-Attr: {}", PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); return pvpbPKTypeAttr; + + } else if (StringUtils.isNotEmpty(pvpbPKValueAttr)) { + log.info("Find no PVP-Attr: {} Checking if bPK Target can be extracted from bPK value ... ", + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); + String[] spitted = pvpbPKValueAttr.split(":"); + + if (spitted.length == 2) { + //exract bPK/wbPK type from bpk attribute value prefix if type is + //not transmitted as single attribute + Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); + Matcher matcher = pattern.matcher(spitted[0]); + String target; + if (matcher.matches()) { + //find public service bPK + target = EAAFConstants.URN_PREFIX_CDID + "+" + spitted[0]; + + } else { + //find business service wbPK + target = EAAFConstants.URN_PREFIX_WBPK+ "+" + spitted[0]; + + } + + log.debug("Found bPK prefix. Set target to {}", target); + return target; + + } else { + log.warn("Can NOT extract bPK-Type from PVP-Attributes. Auth.Process will be FAIL!"); + + } } return null; - - - /* - * INFO: This code could be used to extract the bPKType from 'PVPConstants.BPK_NAME', - * because the prefix of BPK_NAME attribute contains the postfix of the bPKType - * - * Now, all PVP Standardportals should be able to send 'EID_SECTOR_FOR_IDENTIFIER' - * PVP attributes - */ -// String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class); -// String[] spitted = pvpbPKValueAttr.split(":"); -// if (MiscUtil.isEmpty(authData.getBPKType())) { -// Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + -// "Starting target extraction from bPK/wbPK prefix ..."); -// //exract bPK/wbPK type from bpk attribute value prefix if type is -// //not transmitted as single attribute -// Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); -// Matcher matcher = pattern.matcher(spitted[0]); -// if (matcher.matches()) { -// //find public service bPK -// authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); -// Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); -// -// } else { -// //find business service wbPK -// authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); -// Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); -// -// } -// } } + /** + * Normalize wbPK target identifier for FN, ZVR, and ERSB to XFN, XZVR, and XERSB. + * + * <p>If the target is not of this types the target will be returned as it is</p> + * @param targetIdentifier bPK input target + * @return XFN, XZVR, XERSB, or targetIdentfier if no normalization is required + */ + @Nullable + public static String normalizeBpkTargetIdentifierToCommonFormat(@Nullable String targetIdentifier) { + if (targetIdentifier != null + && !targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_WBPK_TARGET_WITH_X)) { + for (Entry<String, String> mapper : EAAFConstants.URN_WBPK_TARGET_X_TO_NONE_MAPPER.entrySet()) { + if (targetIdentifier.startsWith(mapper.getValue())) { + String wbpkTarget = mapper.getKey() + targetIdentifier.substring(mapper.getValue().length()); + log.trace("Normalize wbPK target: {} to {}", targetIdentifier, wbpkTarget); + return wbpkTarget; + + } + } + } + + return targetIdentifier; + } + + /** + * Normalize wbPK target identifier for XFN, XZVR, and XERSB to bPK calculation format like, FN, ZVR, and ERSB. + * + * <p>If the target is not of this types the target will be returned as it is</p> + * + * @param targetIdentifier bPK input target + * @return FN, ZVR, ERSB, or targetIdentfier if no normalization is required + */ + @Nullable + public static String normalizeBpkTargetIdentifierToCalculationFormat(@Nullable String targetIdentifier) { + if (targetIdentifier != null && targetIdentifier.startsWith(EAAFConstants.URN_PREFIX_WBPK)) { + for (Entry<String, String> mapper : EAAFConstants.URN_WBPK_TARGET_X_TO_NONE_MAPPER.entrySet()) { + if (targetIdentifier.startsWith(mapper.getKey())) { + String wbpkTarget = mapper.getValue() + targetIdentifier.substring(mapper.getKey().length()); + log.trace("Find new wbPK target: {}. Replace it by: {}", targetIdentifier, wbpkTarget); + return wbpkTarget; + + } + } + } + + return targetIdentifier; + } + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java index 32ea7a6f..316fd640 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/EAAFConstants.java @@ -26,6 +26,9 @@ *******************************************************************************/ package at.gv.egiz.eaaf.core.api.data; +import java.util.Collections; +import java.util.LinkedHashMap; +import java.util.Map; public class EAAFConstants { @@ -57,7 +60,32 @@ public class EAAFConstants { public static final String URN_PREFIX_WBPK = URN_PREFIX + ":" + URN_PART_WBPK; public static final String URN_PREFIX_EIDAS = URN_PREFIX + ":" + URN_PART_EIDAS; public static final String URN_PREFIX_OW_BPK = URN_PREFIX_CDID + "OW"; - + + public static final String URN_PREFIX_WBPK_TARGET_WITH_X = URN_PREFIX_WBPK + "X"; + private static final String WBPK_TARGET_FN = "FN"; + private static final String WBPK_TARGET_ZVR = "ZVR"; + private static final String WBPK_TARGET_ERSB = "ERSB"; + private static final String URN_PREFIX_WBPK_TARGET_XFN_TARGET = + URN_PREFIX_WBPK_TARGET_WITH_X + WBPK_TARGET_FN; + private static final String URN_PREFIX_WBPK_TARGET_XZVR_TARGET = + URN_PREFIX_WBPK_TARGET_WITH_X + WBPK_TARGET_ZVR; + private static final String URN_PREFIX_WBPK_TARGET_XERSB_TARGET = + URN_PREFIX_WBPK_TARGET_WITH_X + WBPK_TARGET_ERSB; + + private static final String URN_PREFIX_WBPK_TARGET_FN_TARGET = URN_PREFIX_WBPK + WBPK_TARGET_FN; + private static final String URN_PREFIX_WBPK_TARGET_ZVR_TARGET = URN_PREFIX_WBPK + WBPK_TARGET_ZVR; + private static final String URN_PREFIX_WBPK_TARGET_ERSB_TARGET = URN_PREFIX_WBPK + WBPK_TARGET_ERSB; + + public static final Map<String, String> URN_WBPK_TARGET_X_TO_NONE_MAPPER; + + static { + final Map<String, String> intMap = new LinkedHashMap<>(); + intMap.put(URN_PREFIX_WBPK_TARGET_XFN_TARGET, URN_PREFIX_WBPK_TARGET_FN_TARGET); + intMap.put(URN_PREFIX_WBPK_TARGET_XZVR_TARGET, URN_PREFIX_WBPK_TARGET_ZVR_TARGET); + intMap.put(URN_PREFIX_WBPK_TARGET_XERSB_TARGET, URN_PREFIX_WBPK_TARGET_ERSB_TARGET); + URN_WBPK_TARGET_X_TO_NONE_MAPPER = Collections.unmodifiableMap(intMap); + + } //Authentication process data_constants public static final String UNIQUESESSIONIDENTIFIER = "eaaf_uniqueSessionIdentifier"; |