diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-03-19 15:59:15 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-03-19 15:59:15 +0100 |
commit | 5742681b60c6f99efa0040c42e514005596ffb34 (patch) | |
tree | ad5c9a5294e08538815ec8cbebb749f06a21f2f5 /eaaf_modules/eaaf_module_auth_sl20/src/main | |
parent | f95a1fb3982395ccbc7e139cb5bd8a1c106bbb48 (diff) | |
download | EAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.tar.gz EAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.tar.bz2 EAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.zip |
inject authType parameter in VDA request to select a specific authentication method
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main')
2 files changed, 75 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java index 1d97b167..6a5e1ef0 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java @@ -1,5 +1,6 @@ package at.gv.egiz.eaaf.modules.auth.sl20.tasks; +import java.io.Serializable; import java.security.cert.CertificateEncodingException; import java.util.ArrayList; import java.util.List; @@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants; +import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants.VdaAuthMethod; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils; import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils; @@ -95,6 +97,15 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl final List<NameValuePair> parameters = new ArrayList<>(); parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM, Base64Url.encode(sl20Req.toString().getBytes("UTF-8")))); + + //set specific authentication method if it was selection by process step before + VdaAuthMethod authMethod = getVdaAuthMethodFromContext(executionContext); + if (authMethod != null) { + log.debug("Request VDA with authType: {}", authMethod); + parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_AUTH_METHOD_PARAM, + authMethod.getAuthMethod())); + } + httpReq.setEntity(new UrlEncodedFormEntity(parameters)); // build http GET request @@ -191,6 +202,13 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl } /** + * Get ExecutionContext parameter-key for VDA AuthMethod information. + * + * @return Key to get AuthMethod from {@link ExecutionContext} + */ + protected abstract String getAuthMethodContextParamKey(); + + /** * Create a implementation specific qualified eID SL2.0 command * * @param oaConfig @@ -201,6 +219,18 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl */ protected abstract String buildSignedQualifiedEidCommand() throws CertificateEncodingException, SL20Exception; + + private VdaAuthMethod getVdaAuthMethodFromContext(ExecutionContext executionContext) { + Serializable authMethodRaw = executionContext.get(getAuthMethodContextParamKey()); + if (authMethodRaw instanceof String) { + log.trace("Find authMethod parameter: {} on context", authMethodRaw); + return VdaAuthMethod.fromString((String) authMethodRaw); + + } + + return null; + } + private String extractVdaUrlForSpecificOa(final ISpConfiguration oaConfig, final ExecutionContext executionContext) { // load SP specific config for development and testing purposes diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java index 01316b9b..ec5dbf2e 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java @@ -4,6 +4,8 @@ import java.util.Arrays; import java.util.Collections; import java.util.List; +import javax.annotation.Nonnull; + import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers; import org.jose4j.jws.AlgorithmIdentifiers; @@ -11,10 +13,53 @@ import org.jose4j.jws.AlgorithmIdentifiers; public class SL20Constants { public static final int CURRENT_SL20_VERSION = 10; + // http binding parameters public static final String PARAM_SL20_REQ_COMMAND_PARAM = "slcommand"; public static final String PARAM_SL20_REQ_COMMAND_PARAM_OLD = "sl2command"; + public static final String PARAM_SL20_REQ_AUTH_METHOD_PARAM = "authtype"; + public enum VdaAuthMethod { + ANY("any"), MOBILEPHONE("handy"), CARD("card"); + + private final String authMethod; + + VdaAuthMethod(final String method) { + this.authMethod = method; + } + + /** + * Get VDA AuthMethod. + * + * @return + */ + public String getAuthMethod() { + return this.authMethod; + } + + /** + * Get VDA authmethod from String representation. + * + * @param s authMethod parameter + * @return AuthMethod, or VdaAuthMethod.ANY if the parameter is unknown + */ + public static VdaAuthMethod fromString(@Nonnull final String s) { + try { + return VdaAuthMethod.valueOf(s.toUpperCase()); + + } catch (IllegalArgumentException | NullPointerException e) { + return VdaAuthMethod.ANY; + + } + } + + @Override + public String toString() { + return getAuthMethod(); + + } + } + public static final String PARAM_SL20_REQ_ICP_RETURN_URL_PARAM = "slIPCReturnUrl"; public static final String PARAM_SL20_REQ_TRANSACTIONID = "slTransactionID"; |