summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_auth_sl20/src/main
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-03-19 15:59:15 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-03-19 15:59:15 +0100
commit5742681b60c6f99efa0040c42e514005596ffb34 (patch)
treead5c9a5294e08538815ec8cbebb749f06a21f2f5 /eaaf_modules/eaaf_module_auth_sl20/src/main
parentf95a1fb3982395ccbc7e139cb5bd8a1c106bbb48 (diff)
downloadEAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.tar.gz
EAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.tar.bz2
EAAF-Components-5742681b60c6f99efa0040c42e514005596ffb34.zip
inject authType parameter in VDA request to select a specific authentication method
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/main')
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java30
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java45
2 files changed, 75 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
index 1d97b167..6a5e1ef0 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
@@ -1,5 +1,6 @@
package at.gv.egiz.eaaf.modules.auth.sl20.tasks;
+import java.io.Serializable;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.List;
@@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
+import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants.VdaAuthMethod;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils;
import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
@@ -95,6 +97,15 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
final List<NameValuePair> parameters = new ArrayList<>();
parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM,
Base64Url.encode(sl20Req.toString().getBytes("UTF-8"))));
+
+ //set specific authentication method if it was selection by process step before
+ VdaAuthMethod authMethod = getVdaAuthMethodFromContext(executionContext);
+ if (authMethod != null) {
+ log.debug("Request VDA with authType: {}", authMethod);
+ parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_AUTH_METHOD_PARAM,
+ authMethod.getAuthMethod()));
+ }
+
httpReq.setEntity(new UrlEncodedFormEntity(parameters));
// build http GET request
@@ -191,6 +202,13 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
}
/**
+ * Get ExecutionContext parameter-key for VDA AuthMethod information.
+ *
+ * @return Key to get AuthMethod from {@link ExecutionContext}
+ */
+ protected abstract String getAuthMethodContextParamKey();
+
+ /**
* Create a implementation specific qualified eID SL2.0 command
*
* @param oaConfig
@@ -201,6 +219,18 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl
*/
protected abstract String buildSignedQualifiedEidCommand() throws CertificateEncodingException, SL20Exception;
+
+ private VdaAuthMethod getVdaAuthMethodFromContext(ExecutionContext executionContext) {
+ Serializable authMethodRaw = executionContext.get(getAuthMethodContextParamKey());
+ if (authMethodRaw instanceof String) {
+ log.trace("Find authMethod parameter: {} on context", authMethodRaw);
+ return VdaAuthMethod.fromString((String) authMethodRaw);
+
+ }
+
+ return null;
+ }
+
private String extractVdaUrlForSpecificOa(final ISpConfiguration oaConfig, final ExecutionContext executionContext) {
// load SP specific config for development and testing purposes
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
index 01316b9b..ec5dbf2e 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
@@ -4,6 +4,8 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.List;
+import javax.annotation.Nonnull;
+
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.jws.AlgorithmIdentifiers;
@@ -11,10 +13,53 @@ import org.jose4j.jws.AlgorithmIdentifiers;
public class SL20Constants {
public static final int CURRENT_SL20_VERSION = 10;
+
// http binding parameters
public static final String PARAM_SL20_REQ_COMMAND_PARAM = "slcommand";
public static final String PARAM_SL20_REQ_COMMAND_PARAM_OLD = "sl2command";
+ public static final String PARAM_SL20_REQ_AUTH_METHOD_PARAM = "authtype";
+ public enum VdaAuthMethod {
+ ANY("any"), MOBILEPHONE("handy"), CARD("card");
+
+ private final String authMethod;
+
+ VdaAuthMethod(final String method) {
+ this.authMethod = method;
+ }
+
+ /**
+ * Get VDA AuthMethod.
+ *
+ * @return
+ */
+ public String getAuthMethod() {
+ return this.authMethod;
+ }
+
+ /**
+ * Get VDA authmethod from String representation.
+ *
+ * @param s authMethod parameter
+ * @return AuthMethod, or VdaAuthMethod.ANY if the parameter is unknown
+ */
+ public static VdaAuthMethod fromString(@Nonnull final String s) {
+ try {
+ return VdaAuthMethod.valueOf(s.toUpperCase());
+
+ } catch (IllegalArgumentException | NullPointerException e) {
+ return VdaAuthMethod.ANY;
+
+ }
+ }
+
+ @Override
+ public String toString() {
+ return getAuthMethod();
+
+ }
+ }
+
public static final String PARAM_SL20_REQ_ICP_RETURN_URL_PARAM = "slIPCReturnUrl";
public static final String PARAM_SL20_REQ_TRANSACTIONID = "slTransactionID";