authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-02-18 10:07:40 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-02-18 10:07:40 +0100
commitb7bb75a4b642df6b8ce1c84cf5d4f8fea5d986b0 (patch)
treea2d453be80ff31f1fa78b67a968ab82c482b8491
parenta5f9e796312e04e0bccb8f42ae9602454a7e6fb5 (diff)
add demo-mode functionality for 'Austria eID'
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java11
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java25
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BPKAttributeBuilder.java71
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDIdentityLinkBuilder.java2
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePIN.java1
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePINType.java1
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SPConfigurationImpl.java9
7 files changed, 92 insertions, 28 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java
index 3d566980..e8e41999 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/IAuthData.java
@@ -45,8 +45,10 @@
package at.gv.egiz.eaaf.core.api.idp;
import java.util.Date;
+import java.util.List;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
/**
* @author tlenz
@@ -126,7 +128,14 @@ public interface IAuthData {
* @return Sector identifier with prefix
*/
String getBPKType();
-
+
+
+ /**
+ * Get List of bPK/bPKType tuples for this service provider
+ * @return List of Pairs<bPK, bPKType>
+ */
+ List<Pair<String, String>> getAdditionalbPKs();
+
/**
* Get baseId of this user
*
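Review bot: The Javadoc on `getAdditionalbPKs()` does not say what a caller receives when no additional bPKs exist, and the `AuthenticationData` implementation added in this commit returns `null` until the first pair has been added. State the contract on the interface, for example `@return List of Pairs<bPK, bPKType>, or null if no additional bPKs are available`, or require implementations to return an empty list so that attribute builders need no null check. Adding an abstract method to `IAuthData` also breaks every implementer that is not updated in the same commit; only `AuthenticationData` is visible here.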
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java
index 5762e1dd..392ed9a9 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/AuthenticationData.java
@@ -30,7 +30,9 @@ import java.io.Serializable;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
+import java.util.ArrayList;
import java.util.Date;
+import java.util.List;
import java.util.Map;
import java.util.TimeZone;
@@ -42,6 +44,7 @@ import org.slf4j.LoggerFactory;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
/**
* @author tlenz
@@ -68,7 +71,8 @@ public class AuthenticationData implements IAuthData, Serializable {
private String givenName;
private Date dateOfBirth;
private String bPK;
- private String bPKType;
+ private String bPKType;
+ private List<Pair<String, String>> additionalBpks;
private String ccc = null;
@@ -436,5 +440,24 @@ public class AuthenticationData implements IAuthData, Serializable {
public void seteIDASLoA(String eIDASLoA) {
this.eIDASLoA = eIDASLoA;
}
+
+ @Override
+ public List<Pair<String, String>> getAdditionalbPKs() {
+ return this.additionalBpks;
+ }
+
+ /**
+ * Add an additional bPK Pair<bPK, bPKType> into authdata
+ *
+ * @param bPK Pair<bPK, bPKType>
+ */
+ public void addAdditionalbPKPair(Pair<String, String> bPK) {
+ if (this.additionalBpks == null) {
+ this.additionalBpks = new ArrayList<Pair<String, String>>();
+
+ }
+
+ this.additionalBpks.add(bPK);
+ }
}
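Review bot: `getAdditionalbPKs()` returns the internal `ArrayList` itself, so any code holding the `IAuthData` can add, remove or replace the stored bPK pairs after the authentication data has been built. Because these are identity attributes, hand out a read-only view instead, e.g. `return additionalBpks == null ? Collections.<Pair<String, String>>emptyList() : Collections.unmodifiableList(additionalBpks);` (this needs `java.util.Collections`, which the import hunk above does not show). `addAdditionalbPKPair` also stores a `null` argument unchecked, which every later consumer would then have to guard against. The class body starts outside this hunk.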
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BPKAttributeBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BPKAttributeBuilder.java
index 261fd211..a5c1e7d4 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BPKAttributeBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/BPKAttributeBuilder.java
@@ -41,7 +41,8 @@ import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
@PVPMETADATA
public class BPKAttributeBuilder implements IPVPAttributeBuilder {
- private static final Logger log = LoggerFactory.getLogger(BPKAttributeBuilder.class);
+ private static final Logger log = LoggerFactory.getLogger(BPKAttributeBuilder.class);
+ protected static final String DELIMITER_BPKTYPE_BPK = ":";
public String getName() {
return BPK_NAME;
@@ -49,32 +50,66 @@ public class BPKAttributeBuilder implements IPVPAttributeBuilder {
public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
IAttributeGenerator<ATT> g) throws AttributeBuilderException {
- String bpk = authData.getBPK();
- String type = authData.getBPKType();
+ String result = getBpkForSP(authData);
+ log.trace("Authenticate user with bPK/wbPK: " + result);
+ return g.buildStringAttribute(BPK_FRIENDLY_NAME, BPK_NAME, result);
+
+ }
+
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(BPK_FRIENDLY_NAME, BPK_NAME);
+ }
+
+ /**
+ * Generate the bPK String for this specific SP
+ *
+ * @param authData
+ * @return
+ * @throws UnavailableAttributeException
+ */
+ protected String getBpkForSP(IAuthData authData) throws UnavailableAttributeException {
+ String bpk = attrMaxSize(authData.getBPK());
+ String type = removeBpkTypePrefix(authData.getBPKType());
if (StringUtils.isEmpty(bpk))
throw new UnavailableAttributeException(BPK_NAME);
-
+
+ return type + DELIMITER_BPKTYPE_BPK + bpk;
+
+ }
+
+ /**
+ * Limit the attribute value to maximum size
+ *
+ * @param attr
+ * @return
+ */
+ protected String attrMaxSize(String attr) {
+ if (attr != null && attr.length() > BPK_MAX_LENGTH) {
+ attr = attr.substring(0, BPK_MAX_LENGTH);
+ }
+ return attr;
+
+ }
+
+ /**
+ * Remove bPKType prefix if available
+ *
+ * @param type
+ * @return
+ */
+ protected String removeBpkTypePrefix(String type) {
if (type.startsWith(EAAFConstants.URN_PREFIX_WBPK))
- type = type.substring((EAAFConstants.URN_PREFIX_WBPK).length());
+ return type.substring((EAAFConstants.URN_PREFIX_WBPK).length());
else if (type.startsWith(EAAFConstants.URN_PREFIX_CDID))
- type = type.substring((EAAFConstants.URN_PREFIX_CDID).length());
+ return type.substring((EAAFConstants.URN_PREFIX_CDID).length());
else if (type.startsWith(EAAFConstants.URN_PREFIX_EIDAS))
- type = type.substring((EAAFConstants.URN_PREFIX_EIDAS).length());
-
- if (bpk.length() > BPK_MAX_LENGTH) {
- bpk = bpk.substring(0, BPK_MAX_LENGTH);
- }
+ return type.substring((EAAFConstants.URN_PREFIX_EIDAS).length());
- log.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + type);
+ else
+ return type;
- return g.buildStringAttribute(BPK_FRIENDLY_NAME, BPK_NAME, type + ":" + bpk);
}
-
- public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
- return g.buildEmptyAttribute(BPK_FRIENDLY_NAME, BPK_NAME);
- }
-
}
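Review bot: `getBpkForSP` calls `removeBpkTypePrefix(authData.getBPKType())` before the `StringUtils.isEmpty(bpk)` check, so auth data carrying neither a bPK nor a bPKType now fails with a `NullPointerException` at `type.startsWith(...)` instead of the `UnavailableAttributeException` that the old ordering produced. Read the raw type first, check both values with `if (StringUtils.isEmpty(bpk) || StringUtils.isEmpty(rawType)) throw new UnavailableAttributeException(BPK_NAME);`, and only then return `removeBpkTypePrefix(rawType) + DELIMITER_BPKTYPE_BPK + bpk`. Separately, `log.trace("Authenticate user with bPK/wbPK: " + result)` writes the complete personal identifier into the log and builds the string even when trace is off. If the value must be logged, use the parameterized form `log.trace("Authenticate user with bPK/wbPK: {}", result)`, and consider logging only the type.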
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDIdentityLinkBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDIdentityLinkBuilder.java
index a3e22ea3..8a2cabbc 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDIdentityLinkBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDIdentityLinkBuilder.java
@@ -39,7 +39,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
-
+@Deprecated
@PVPMETADATA
public class EIDIdentityLinkBuilder implements IPVPAttributeBuilder {
private static final Logger log = LoggerFactory.getLogger(EIDIdentityLinkBuilder.class);
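Review bot: `@Deprecated` is added here, and in the same way on `EIDSourcePIN` and `EIDSourcePINType`, without a Javadoc `@deprecated` tag, so integrators get a compiler warning but no hint why the builder is deprecated or what replaces it. Add a class comment such as `@deprecated baseId attributes are superseded by <replacement>; do not use in new service-provider configurations`, with the actual replacement filled in. The classes keep their `@PVPMETADATA` annotation, so the deprecation presumably does not stop these identity-link and source-PIN attributes from being offered. If they should no longer be released, that needs an explicit change rather than the annotation alone.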
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePIN.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePIN.java
index 4e5f8505..0db3f1fe 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePIN.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePIN.java
@@ -36,6 +36,7 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.AttributePolicyException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+@Deprecated
@PVPMETADATA
public class EIDSourcePIN implements IPVPAttributeBuilder {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePINType.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePINType.java
index f55f5fb4..42e47a42 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePINType.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/builder/attributes/EIDSourcePINType.java
@@ -33,6 +33,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+@Deprecated
@PVPMETADATA
public class EIDSourcePINType implements IPVPAttributeBuilder {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SPConfigurationImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SPConfigurationImpl.java
index 6c827489..1b99ce50 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SPConfigurationImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/conf/SPConfigurationImpl.java
@@ -58,17 +58,12 @@ public class SPConfigurationImpl implements ISPConfiguration {
CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL,
EAAFConstants.URN_PREFIX_CDID)));
- if (!authConfig.getBasicMOAIDConfigurationBoolean(CONFIG_KEY_RESTRICTIONS_EID_DEMO_MODE, false)) {
- targetAreasWithNoBaseIdTransmissionRestriction = Collections.unmodifiableList(
+ targetAreasWithNoBaseIdTransmissionRestriction = Collections.unmodifiableList(
KeyValueUtils.getListOfCSVValues(
authConfig.getBasicConfiguration(
CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION,
EAAFConstants.URN_PREFIX_CDID)));
-
- } else
- targetAreasWithNoBaseIdTransmissionRestriction = Collections.emptyList();
-
-
+
if (log.isTraceEnabled()) {
log.trace("Internal policy for OA: " + getUniqueIdentifier());
for (String el : targetAreasWithNoInteralBaseIdRestriction)