authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-03-19 15:59:15 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-03-19 15:59:15 +0100
commit5742681b60c6f99efa0040c42e514005596ffb34 (patch)
treead5c9a5294e08538815ec8cbebb749f06a21f2f5
parentf95a1fb3982395ccbc7e139cb5bd8a1c106bbb48 (diff)
inject authType parameter in VDA request to select a specific authentication method
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java30
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java45
2 files changed, 75 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
index 1d97b167..6a5e1ef0 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
@@ -1,5 +1,6 @@
package at.gv.egiz.eaaf.modules.auth.sl20.tasks;
+import java.io.Serializable;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.List;
@@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
+import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants.VdaAuthMethod;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
@@ -95,6 +97,15 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
final List<NameValuePair> parameters = new ArrayList<>();
parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM,
Base64Url.encode(sl20Req.toString().getBytes("UTF-8"))));
+
+ //set specific authentication method if it was selection by process step before
+ VdaAuthMethod authMethod = getVdaAuthMethodFromContext(executionContext);
+ if (authMethod != null) {
+ log.debug("Request VDA with authType: {}", authMethod);
+ parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_AUTH_METHOD_PARAM,
+ authMethod.getAuthMethod()));
+ }
+
httpReq.setEntity(new UrlEncodedFormEntity(parameters));
// build http GET request
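Review bot: The `authtype` value is added as a separate form field next to `slcommand`, so it sits outside whatever protection the SL2.0 command itself carries (the name `buildSignedQualifiedEidCommand` in this file suggests the command is signed, but that code is not in this hunk). If the selected method matters for the assurance level, the task that processes the VDA response should check which method was actually used rather than rely on this request parameter. The added comment has a typo and should read `// set specific authentication method if it was selected by a previous process step`. The enclosing method starts and ends outside the hunk.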
@@ -191,6 +202,13 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
}
/**
+ * Get ExecutionContext parameter-key for VDA AuthMethod information.
+ *
+ * @return Key to get AuthMethod from {@link ExecutionContext}
+ */
+ protected abstract String getAuthMethodContextParamKey();
+
+ /**
* Create a implementation specific qualified eID SL2.0 command
*
* @param oaConfig
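Review bot: The Javadoc on `getAuthMethodContextParamKey()` does not say what has to be stored under the key or whether the method may return null. The caller added in this commit only accepts a `String` and passes the key straight to `executionContext.get(...)`, so the contract should be spelled out, for example `@return non-null key under which a String naming a {@link VdaAuthMethod} is stored in the {@link ExecutionContext}`. Because the method is abstract, every existing subclass must now implement it; if subclasses exist outside this module, a non-abstract default that yields no selection may be the safer choice.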
@@ -201,6 +219,18 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
*/
protected abstract String buildSignedQualifiedEidCommand() throws CertificateEncodingException, SL20Exception;
+
+ private VdaAuthMethod getVdaAuthMethodFromContext(ExecutionContext executionContext) {
+ Serializable authMethodRaw = executionContext.get(getAuthMethodContextParamKey());
+ if (authMethodRaw instanceof String) {
+ log.trace("Find authMethod parameter: {} on context", authMethodRaw);
+ return VdaAuthMethod.fromString((String) authMethodRaw);
+
+ }
+
+ return null;
+ }
+
private String extractVdaUrlForSpecificOa(final ISpConfiguration oaConfig, final ExecutionContext executionContext) {
// load SP specific config for development and testing purposes
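Review bot: A context value that is present but not a `String` is dropped without any log entry in `getVdaAuthMethodFromContext`, so the request goes out with no `authtype` and the earlier selection is lost silently. The value is read as `Serializable`, so an earlier step could plausibly store the enum itself; accepting it with `if (authMethodRaw instanceof VdaAuthMethod) { return (VdaAuthMethod) authMethodRaw; }` would cover that case. A warn-level log line for any other non-null type would make a misconfigured step visible instead of quietly widening the allowed methods.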
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
index 01316b9b..ec5dbf2e 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
@@ -4,6 +4,8 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.List;
+import javax.annotation.Nonnull;
+
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.jws.AlgorithmIdentifiers;
@@ -11,10 +13,53 @@ import org.jose4j.jws.AlgorithmIdentifiers;
public class SL20Constants {
public static final int CURRENT_SL20_VERSION = 10;
+
// http binding parameters
public static final String PARAM_SL20_REQ_COMMAND_PARAM = "slcommand";
public static final String PARAM_SL20_REQ_COMMAND_PARAM_OLD = "sl2command";
+ public static final String PARAM_SL20_REQ_AUTH_METHOD_PARAM = "authtype";
+ public enum VdaAuthMethod {
+ ANY("any"), MOBILEPHONE("handy"), CARD("card");
+
+ private final String authMethod;
+
+ VdaAuthMethod(final String method) {
+ this.authMethod = method;
+ }
+
+ /**
+ * Get VDA AuthMethod.
+ *
+ * @return
+ */
+ public String getAuthMethod() {
+ return this.authMethod;
+ }
+
+ /**
+ * Get VDA authmethod from String representation.
+ *
+ * @param s authMethod parameter
+ * @return AuthMethod, or VdaAuthMethod.ANY if the parameter is unknown
+ */
+ public static VdaAuthMethod fromString(@Nonnull final String s) {
+ try {
+ return VdaAuthMethod.valueOf(s.toUpperCase());
+
+ } catch (IllegalArgumentException | NullPointerException e) {
+ return VdaAuthMethod.ANY;
+
+ }
+ }
+
+ @Override
+ public String toString() {
+ return getAuthMethod();
+
+ }
+ }
+
public static final String PARAM_SL20_REQ_ICP_RETURN_URL_PARAM = "slIPCReturnUrl";
public static final String PARAM_SL20_REQ_TRANSACTIONID = "slTransactionID";
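Review bot: `VdaAuthMethod.fromString` looks up the enum constant name, not the wire value, so `fromString("handy")` throws inside `valueOf` and comes back as `ANY` even though `MOBILEPHONE.toString()` returns `"handy"`. Any step that stores the wire value therefore loses a mobile-phone selection and sends `authtype=any`. `s.toUpperCase()` also uses the default locale, so under a Turkish locale `"mobilephone"` fails to match as well. Matching both the wire value and the constant name with `equalsIgnoreCase` fixes both cases without catching `NullPointerException`. The fallback to `ANY` is kept as documented, but callers cannot tell an unknown value from an explicit `any`. The Javadoc `@return` on `getAuthMethod()` is also empty.

```java
public static VdaAuthMethod fromString(@Nonnull final String s) {
  if (s != null) {
    for (final VdaAuthMethod m : values()) {
      // accept the wire value ("handy") as well as the constant name ("MOBILEPHONE")
      if (m.authMethod.equalsIgnoreCase(s) || m.name().equalsIgnoreCase(s)) {
        return m;
      }
    }
  }
  return VdaAuthMethod.ANY;
}
```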