From 5742681b60c6f99efa0040c42e514005596ffb34 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Thu, 19 Mar 2020 15:59:15 +0100
Subject: inject authType parameter in VDA request to select a specific authentication method
---
 .../tasks/AbstractCreateQualEidRequestTask.java | 30 +++++++++++++++
 .../modules/auth/sl20/utils/SL20Constants.java | 45 ++++++++++++++++++++++
 2 files changed, 75 insertions(+)
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
index 1d97b167..6a5e1ef0 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/tasks/AbstractCreateQualEidRequestTask.java
@@ -1,5 +1,6 @@
 package at.gv.egiz.eaaf.modules.auth.sl20.tasks;
 
+import java.io.Serializable;
 import java.security.cert.CertificateEncodingException;
 import java.util.ArrayList;
 import java.util.List;
@@ -39,6 +40,7 @@ import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
 import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
 import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SlCommandoParserException;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants;
+import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20Constants.VdaAuthMethod;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20HttpBindingUtils;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonBuilderUtils;
 import at.gv.egiz.eaaf.modules.auth.sl20.utils.SL20JsonExtractorUtils;
@@ -95,6 +97,15 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl final List parameters = new ArrayList<>(); parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_COMMAND_PARAM, Base64Url.encode(sl20Req.toString().getBytes("UTF-8")))); + + //set specific authentication method if it was selection by process step before + VdaAuthMethod authMethod = getVdaAuthMethodFromContext(executionContext); + if (authMethod != null) { + log.debug("Request VDA with authType: {}", authMethod); + parameters.add(new BasicNameValuePair(SL20Constants.PARAM_SL20_REQ_AUTH_METHOD_PARAM, + authMethod.getAuthMethod())); + } + httpReq.setEntity(new UrlEncodedFormEntity(parameters)); // build http GET request @@ -190,6 +201,13 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl } + /** + * Get ExecutionContext parameter-key for VDA AuthMethod information. + * + * @return Key to get AuthMethod from {@link ExecutionContext} + */ + protected abstract String getAuthMethodContextParamKey(); + /** * Create a implementation specific qualified eID SL2.0 command * @@ -201,6 +219,18 @@ public abstract class AbstractCreateQualEidRequestTask extends AbstractAuthServl */ protected abstract String buildSignedQualifiedEidCommand() throws CertificateEncodingException, SL20Exception; + + private VdaAuthMethod getVdaAuthMethodFromContext(ExecutionContext executionContext) { + Serializable authMethodRaw = executionContext.get(getAuthMethodContextParamKey()); + if (authMethodRaw instanceof String) { + log.trace("Find authMethod parameter: {} on context", authMethodRaw); + return VdaAuthMethod.fromString((String) authMethodRaw); + + } + + return null; + } + private String extractVdaUrlForSpecificOa(final ISpConfiguration oaConfig, final ExecutionContext executionContext) { // load SP specific config for development and testing purposes 
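Review bot: The new `authtype` value is added as a separate form field next to `slcommand`, so it is not part of the SL2.0 command itself (which, judging by `buildSignedQualifiedEidCommand` elsewhere in this patch, appears to be the signed part). Nothing visible here checks that the VDA actually used the requested method, so the parameter should be documented as a hint rather than an enforced constraint. I would replace the comment (which also has a typo, "was selection") with `// set a specific authentication method if an earlier process step selected one; sent outside slcommand, so it is a hint to the VDA and not a verified constraint`. The enclosing method starts and ends outside this hunk.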
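Review bot: The Javadoc on `getAuthMethodContextParamKey()` does not state whether the key may be null or what type the stored value must have, although the caller added later in this patch passes the result straight to `executionContext.get()` and ignores anything that is not a String. Suggested wording: `@return non-null key under which an earlier process step stored the VdaAuthMethod name as a String`. Adding an abstract method also forces every existing subclass to implement it, which deserves a line in the changelog. The class body extends beyond this hunk.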
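Review bot: In `getVdaAuthMethodFromContext` the trace statement logs the raw context string before it is mapped to the enum. If that value can originate from a request parameter (its origin is not visible here), it can carry line breaks or arbitrary length into the log. Logging the parsed value avoids that: `final VdaAuthMethod parsed = VdaAuthMethod.fromString((String) authMethodRaw);` followed by `log.trace("Found authMethod {} on context", parsed);`. A non-null value that is not a String is dropped silently, so a debug line for that branch would help diagnose a misconfigured process step.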
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
index 01316b9b..ec5dbf2e 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20Constants.java
@@ -4,6 +4,8 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 
+import javax.annotation.Nonnull;
+
 import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
 import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
 import org.jose4j.jws.AlgorithmIdentifiers;
@@ -11,10 +13,53 @@ import org.jose4j.jws.AlgorithmIdentifiers; public class SL20Constants { public static final int CURRENT_SL20_VERSION = 10; + // http binding parameters public static final String PARAM_SL20_REQ_COMMAND_PARAM = "slcommand"; public static final String PARAM_SL20_REQ_COMMAND_PARAM_OLD = "sl2command"; + public static final String PARAM_SL20_REQ_AUTH_METHOD_PARAM = "authtype"; + public enum VdaAuthMethod { + ANY("any"), MOBILEPHONE("handy"), CARD("card"); + + private final String authMethod; + + VdaAuthMethod(final String method) { + this.authMethod = method; + } + + /** + * Get VDA AuthMethod. + * + * @return + */ + public String getAuthMethod() { + return this.authMethod; + } + + /** + * Get VDA authmethod from String representation. + * + * @param s authMethod parameter + * @return AuthMethod, or VdaAuthMethod.ANY if the parameter is unknown + */ + public static VdaAuthMethod fromString(@Nonnull final String s) { + try { + return VdaAuthMethod.valueOf(s.toUpperCase()); + + } catch (IllegalArgumentException | NullPointerException e) { + return VdaAuthMethod.ANY; + + } + } + + @Override + public String toString() { + return getAuthMethod(); + + } + } + public static final String PARAM_SL20_REQ_ICP_RETURN_URL_PARAM = "slIPCReturnUrl"; public static final String PARAM_SL20_REQ_TRANSACTIONID = "slTransactionID"; -- cgit v1.2.3
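Review bot: `fromString` resolves its argument with `valueOf(s.toUpperCase())`, i.e. against the constant names, so the wire value "handy" that `getAuthMethod()` and `toString()` emit does not map back to MOBILEPHONE and silently becomes ANY, the least restrictive choice. `toUpperCase()` without a locale also breaks "mobilephone" under a Turkish default locale, and catching NullPointerException contradicts the `@Nonnull` contract. The rewrite below matches the constant name and the wire value case-insensitively without locale-dependent case conversion and keeps the documented ANY fallback; callers that need a strict selection should reject unknown input before calling it. The empty `@return` on `getAuthMethod()` should read `@return the authtype value sent to the VDA`.

```java
public static VdaAuthMethod fromString(@Nonnull final String s) {
  if (s != null) {
    for (final VdaAuthMethod m : values()) {
      // accept the constant name and the wire value, so "handy" maps to MOBILEPHONE
      if (m.name().equalsIgnoreCase(s) || m.authMethod.equalsIgnoreCase(s)) {
        return m;
      }
    }
  }
  // unknown or missing input keeps the documented fallback
  return VdaAuthMethod.ANY;
}
```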