From 3fada6cef21c9b16467177d866df778203b51b4d Mon Sep 17 00:00:00 2001 From: Thomas Date: Thu, 5 Dec 2019 09:52:48 +0100 Subject: some code code-style modifications active code-quality checks! --- .../builder/AbstractAuthenticationDataBuilder.java | 257 +++++++++++---------- 1 file changed, 129 insertions(+), 128 deletions(-) (limited to 'eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java') diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index b12658f5..f5c687f1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java 
@@ -25,14 +25,26 @@ import java.io.InputStream; import java.util.ArrayList; import java.util.Collection; import java.util.Map.Entry; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.lang.NonNull; +import org.springframework.util.Assert; +import org.springframework.util.Base64Utils; +import org.w3c.dom.DOMException; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.IspConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; 
@@ -47,17 +59,6 @@ import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.lang.NonNull; -import org.springframework.util.Assert; -import org.springframework.util.Base64Utils; -import org.w3c.dom.DOMException; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder { private static final Logger log = @@ -83,7 +84,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati pendingReq.getSessionData(AuthProcessDataWrapper.class); try { - if (authProcessData.isEIDProcess()) { + if (authProcessData.isEidProcess()) { log.debug("Building AuthData from new E-ID information ... "); authData = getAuthDataInstance(pendingReq); Assert.notNull(authData, "AuthData is null"); @@ -107,7 +108,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } catch (XPathException | DOMException | EaafException e) { log.warn("Can not build authentication data from auth. process information"); - throw new EaafAuthenticationException("builder.11", new Object[] {e.getMessage()}, e); + throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e); } 
@@ -127,8 +128,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati protected abstract IAuthData getAuthDataInstance(IRequest pendingReq) throws EaafException; /** - * Build service-specific AuthData by using information from E-ID This builder uses vSZ, MDS and - * Consent as input information. + * Build service-specific AuthData by using information from E-ID This builder + * uses vSZ, MDS and Consent as input information. * * @param pendingReq current pendingRequest * @return {@link IAuthData} but never null @@ -137,13 +138,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati protected abstract void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException; - /** * Add generic E-ID information into already existing AuthData. * - * @param authData AuthData object - * @param authProcessData Authentication information holder from current pending request - * @param pendingReq current pending request + * @param authData AuthData object + * @param authProcessData Authentication information holder from current pending + * request + * @param pendingReq current pending request */ private void buildInternalAuthDataGeneric(@NonNull final IAuthData authData, @NonNull final IAuthProcessDataContainer authProcessData, @@ -164,7 +165,8 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // TODO: check if it is needed // if (authProcessData.getGenericSessionDataStorage() != null && // !authProcessData.getGenericSessionDataStorage().isEmpty()) - // includedToGenericAuthData = authProcessData.getGenericSessionDataStorage().keySet(); + // includedToGenericAuthData = + // authProcessData.getGenericSessionDataStorage().keySet(); // else includedToGenericAuthData = new ArrayList<>(); 
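Review bot: The Javadoc reflowed in the first hunk still carries `@return {@link IAuthData} but never null` and documents only `pendingReq`, while the declaration that appears to follow it, `buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq)`, is `void` and takes an `authData` argument. The two lines between the hunks are not shown, so the attachment of this comment to that method is inferred. If it holds, replace the `@return` line with `@param authData AuthData object` so the comment matches the signature.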
@@ -178,31 +180,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati // #################################################### // set MDS and vSZ internalAuthData.setFamilyName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); internalAuthData.setGivenName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class)); internalAuthData.setDateOfBirth(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class)); internalAuthData.setEncSourceId(authProcessData.getGenericDataFromSession( - ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class)); + ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_NAME, String.class)); internalAuthData.setEncSourceIdType(authProcessData.getGenericDataFromSession( - ExtendedPVPAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class)); + ExtendedPvpAttributeDefinitions.EID_ENCRYPTED_SOURCEID_TYPE_NAME, String.class)); // #################################################### // set QAA level setQaaLevel(internalAuthData, authProcessData); - // #################################################### // set isForeigner flag setFlagForeigner(internalAuthData, authProcessData); - // #################################################### // set citizen country-code setCitizenCountryCode(internalAuthData, authProcessData); - // set generic authProcessData to authdata for (final Entry el : authProcessData.getGenericSessionDataStorage() .entrySet()) { 
@@ -220,33 +219,33 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } - } /** * Parse citzen country-code into AuthData. * - * @param authData Current authentication data - * @param authProcessData Authentication information holder from current pending request + * @param authData Current authentication data + * @param authProcessData Authentication information holder from current pending + * request */ private void setCitizenCountryCode(final AuthenticationData authData, final IAuthProcessDataContainer authProcessData) { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME); final String pvpCccAttr = authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); if (StringUtils.isNotEmpty(pvpCccAttr)) { authData.setCiticenCountryCode(pvpCccAttr); - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME); + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME); } else { if (authData.isForeigner()) { - //TODO: + // TODO: log.warn("Foreign citizen country NOT set yet!"); } else { authData.setCiticenCountryCode(basicConfig.getBasicConfiguration( IConfigurationWithSP.CONFIG_PROPS_AUTH_DEFAULT_COUNTRYCODE, - EAAFConstants.COUNTRYCODE_AUSTRIA)); + EaafConstants.COUNTRYCODE_AUSTRIA)); } } 
@@ -256,28 +255,29 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /** * parse QAA Level into AuthData. * - * @param authData current authentication data - * @param authProcessData Authentication information holder from current pending request - * @param pendingReq current pending request + * @param authData current authentication data + * @param authProcessData Authentication information holder from current pending + * request + * @param pendingReq current pending request */ private void setQaaLevel(@NonNull final AuthenticationData authData, @NonNull final IAuthProcessDataContainer authProcessData) { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME); String currentLoA = null; - if (StringUtils.isNotEmpty(authProcessData.getQAALevel())) { - currentLoA = authProcessData.getQAALevel(); + if (StringUtils.isNotEmpty(authProcessData.getQaaLevel())) { + currentLoA = authProcessData.getQaaLevel(); } else { currentLoA = authProcessData.getGenericDataFromSession( - PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class); + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class); if (StringUtils.isNotEmpty(currentLoA)) { log.debug( - "Find PVP-Attr '" + PVPAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME + "Find PVP-Attr '" + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME + "':" + currentLoA + " --> Parse QAA-Level from that attribute."); } } if (StringUtils.isNotEmpty(currentLoA)) { - if (currentLoA.startsWith(EAAFConstants.EIDAS_LOA_PREFIX)) { + if (currentLoA.startsWith(EaafConstants.EIDAS_LOA_PREFIX)) { authData.setEidasLoa(currentLoA); } else { 
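Review bot: The Javadoc of `setQaaLevel` still lists `@param pendingReq current pending request`, but the signature directly below it takes only `authData` and `authProcessData`. The hunk re-aligns that tag instead of dropping it; delete the `@param pendingReq` line so the comment matches the method. The method body continues past the end of this hunk.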
@@ -285,20 +285,19 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } } else { - log.info("No QAA level found. Set to default level " + EAAFConstants.EIDAS_LOA_LOW); - authData.setEidasLoa(EAAFConstants.EIDAS_LOA_LOW); + log.info("No QAA level found. Set to default level " + EaafConstants.EIDAS_LOA_LOW); + authData.setEidasLoa(EaafConstants.EIDAS_LOA_LOW); } } - private void setFlagForeigner(final AuthenticationData authData, final IAuthProcessDataContainer authProcessData) { // TODO: change to new eIDAS-token attribute identifier if (authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME + .getGenericDataFromSession(PvpAttributeDefinitions.EID_STORK_TOKEN_NAME) != null) { + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_STORK_TOKEN_FRIENDLY_NAME + " --> Set 'isForeigner' flag to TRUE"); authData.setForeigner(true); @@ -309,8 +308,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } /** - * Build authentication data by using information from citizen-card or mobile-phone signature This - * builder uses IdentityLink, AuthBlock, full MIS mandate as input information. + * Build authentication data by using information from citizen-card or + * mobile-phone signature This builder uses IdentityLink, AuthBlock, full MIS + * mandate as input information. * * @param pendingReq current pendingRequest * @return {@link IAuthData} but never null @@ -340,7 +340,6 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setBaseIdTransferRestrication( pendingReq.getServiceProviderConfiguration().hasBaseIdTransferRestriction()); - // #################################################### // parse user info's from identityLink IIdentityLink idlFromPvpAttr = null; 
@@ -351,10 +350,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } else { // identityLink is not direct in MOASession final String pvpAttrIdl = authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class); // find PVP-Attr. which contains the IdentityLink if (StringUtils.isNotEmpty(pvpAttrIdl)) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME + " --> Parse basic user info's from that attribute."); InputStream idlStream = null; try { @@ -373,7 +372,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } finally { try { - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_IDENTITY_LINK_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME); if (idlStream != null) { idlStream.close(); } 
@@ -390,28 +389,28 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati log.debug( "No IdentityLink found or not parseable --> Parse basic user info's from single PVP-Attributes."); authData.setFamilyName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class)); authData.setGivenName(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.GIVEN_NAME_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, String.class)); authData.setDateOfBirth(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.BIRTHDATE_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.BIRTHDATE_NAME, String.class)); authData.setIdentificationValue(authProcessData - .getGenericDataFromSession(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class)); + .getGenericDataFromSession(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME, String.class)); authData.setIdentificationType(authProcessData.getGenericDataFromSession( - PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class)); + PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME, String.class)); // remove corresponding keys from genericSessionData if exists - includedToGenericAuthData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME); - includedToGenericAuthData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME); + 
includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); + includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); } } if (authData.getIdentificationType() != null - && !authData.getIdentificationType().equals(EAAFConstants.URN_PREFIX_BASEID)) { + && !authData.getIdentificationType().equals(EaafConstants.URN_PREFIX_BASEID)) { log.trace("IdentificationType is not a baseID --> clear it. "); authData.setBpk(authData.getIdentificationValue()); authData.setBpkType(authData.getIdentificationType()); @@ -420,22 +419,18 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setIdentificationType(null); } - // #################################################### // set QAA level setQaaLevel(authData, authProcessData); - // #################################################### // set isForeigner flag setFlagForeigner(authData, authProcessData); - // #################################################### // set citizen country-code setCitizenCountryCode(authData, authProcessData); - // #################################################### // set bPK and IdentityLink final String pvpBpkValue = getBpkValueFromPvpAttribute(authProcessData); 
@@ -449,12 +444,12 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati log.info( "Can not build authData, because moaSession include no bPK, encrypted bPK or baseID"); throw new EaafBuilderException("builder.08", - new Object[] {"No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME}, - "No " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); + new Object[] { "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME }, + "No " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); } @@ -513,10 +508,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati "Can not build authData, because moaSession include no valid bPK, encrypted bPK or sourceID"); throw new EaafBuilderException("builder.13", new Object[] { - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()}, - "No valid " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " - + PVPAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier() }, + "No valid " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.EID_SOURCE_PIN_FRIENDLY_NAME + " or " + + PvpAttributeDefinitions.ENC_BPK_LIST_FRIENDLY_NAME); } } 
@@ -536,7 +531,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati @Deprecated protected abstract Pair getEncryptedBpkFromPvpAttribute( IAuthProcessDataContainer authProcessDataContainer, AuthenticationData authData, - IspConfiguration spConfig) throws EaafBuilderException; + ISpConfiguration spConfig) throws EaafBuilderException; // request baseId from SRZ @Deprecated @@ -546,13 +541,13 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati @Deprecated protected Pair buildOAspecificbPK(final IRequest pendingReq, final AuthenticationData authData) throws EaafBuilderException { - final IspConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); + final ISpConfiguration oaParam = pendingReq.getServiceProviderConfiguration(); final String baseID = authData.getIdentificationValue(); final String baseIdType = authData.getIdentificationType(); Pair sectorSpecId = null; - if (EAAFConstants.URN_PREFIX_BASEID.equals(baseIdType)) { + if (EaafConstants.URN_PREFIX_BASEID.equals(baseIdType)) { // SAML1 legacy target parameter work-around final String spTargetId = oaParam.getAreaSpecificTargetIdentifier(); log.debug("Use OA target identifier '" + spTargetId + "' from configuration"); @@ -575,7 +570,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } @Deprecated - protected IIdentityLink buildOAspecificIdentityLink(final IspConfiguration spConfig, + protected IIdentityLink buildOAspecificIdentityLink(final ISpConfiguration spConfig, final IIdentityLink idl, final String bpk, final String bpkType) throws EaafConfigurationException, XPathException, DOMException, EaafParserException { if (spConfig.hasBaseIdTransferRestriction()) { 
@@ -607,10 +602,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * * @param oaParam Service-Provider configuration, never null * @param bpkType bPK-Type to check - * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise false + * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise + * false */ @Deprecated - protected boolean matchsReceivedBpkToOnlineApplication(final IspConfiguration oaParam, + protected boolean matchsReceivedBpkToOnlineApplication(final ISpConfiguration oaParam, final String bpkType) { return oaParam.getAreaSpecificTargetIdentifier().equals(bpkType); @@ -619,9 +615,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /** * Parse information from an IdentityLink into AuthData object. * - * @param authData current authentication data - * @param identityLink User's identityLink - * @param includedGenericSessionData Generic AuthSession Data from PVP attributes + * @param authData current authentication data + * @param identityLink User's identityLink + * @param includedGenericSessionData Generic AuthSession Data from PVP + * attributes */ @Deprecated private void parseBasicUserInfosFromIdl(final AuthenticationData authData, 
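Review bot: `matchsReceivedBpkToOnlineApplication` calls `.equals` on the result of `oaParam.getAreaSpecificTargetIdentifier()`, so a service-provider configuration without a target identifier ends in a NullPointerException instead of the `false` the Javadoc promises. Whether that getter can return null is not visible here, so treat this as a hardening point. A form that fails closed is `final String target = oaParam.getAreaSpecificTargetIdentifier();` followed by `return target != null && target.equals(bpkType);`. `Objects.equals` is not a substitute, since it would report a match when both sides are null.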
@@ -631,10 +628,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati /* * GivenNames and FamilyNames with simple Apostrophe were escaped with ' in - * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 AuthBlock problem. - * However, the authentication attributes (SAML2, eIDAS, OpenID-Connect) also includes this - * escaped values, but there it is not neccesary. We fix this problem in 3.4.3, but the fix can - * be deactivated for dependency reasons. + * IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 + * AuthBlock problem. However, the authentication attributes (SAML2, eIDAS, + * OpenID-Connect) also includes this escaped values, but there it is not + * neccesary. We fix this problem in 3.4.3, but the fix can be deactivated for + * dependency reasons. */ if (basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) { 
@@ -649,35 +647,37 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setDateOfBirth(identityLink.getDateOfBirth()); - // remove corresponding keys from genericSessionData if exists - includedGenericSessionData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.BIRTHDATE_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_NAME); - includedGenericSessionData.remove(PVPAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.GIVEN_NAME_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.BIRTHDATE_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_NAME); + includedGenericSessionData.remove(PvpAttributeDefinitions.EID_SOURCE_PIN_TYPE_NAME); } /** - * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as 'GenericData'.
+ * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in MOASession as + * 'GenericData'.
* *
    * session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class)
    * 
* * @param session MOASession, but never null - * @return bPK, which was received by PVP-Attribute, or null if no attribute exists + * @return bPK, which was received by PVP-Attribute, or null if no + * attribute exists */ @Deprecated private String getBpkValueFromPvpAttribute(final IAuthProcessDataContainer session) { String pvpBpkValueAttr = - session.getGenericDataFromSession(PVPAttributeDefinitions.BPK_NAME, String.class); + session.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME, String.class); if (StringUtils.isNotEmpty(pvpBpkValueAttr)) { - // fix a wrong bPK-value prefix, which was used in some PVP Standardportal implementations + // fix a wrong bPK-value prefix, which was used in some PVP Standardportal + // implementations if (pvpBpkValueAttr.startsWith("bPK:")) { - log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME + log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " contains a not standardize prefix! Staring attribute value correction process ..."); pvpBpkValueAttr = pvpBpkValueAttr.substring("bPK:".length()); @@ -685,18 +685,16 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati final String[] spitted = pvpBpkValueAttr.split(":"); if (spitted.length == 2) { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME); + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME); return spitted[1]; - - } else if (spitted.length > 2) { - log.warn("Attribute " + PVPAttributeDefinitions.BPK_NAME + log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " has a wrong encoding and can NOT be USED!" + " Value:" + pvpBpkValueAttr); return null; } else { - log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.BPK_FRIENDLY_NAME + log.debug("Find PVP-Attr: " + PvpAttributeDefinitions.BPK_FRIENDLY_NAME + " without prefix. Use it as it is"); return spitted[0]; 
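Review bot: In the second hunk, the `spitted.length > 2` branch appends `" Value:" + pvpBpkValueAttr` to a WARN message, which writes the received bPK attribute value, a personal identifier, into the log. Log only the attribute name there: `log.warn("Attribute " + PvpAttributeDefinitions.BPK_NAME + " has a wrong encoding and can NOT be USED!");`. The final `else` also assumes at least one element, but `split(":")` returns an empty array for a value made only of colons, so `return spitted[0];` would throw; a `spitted.length == 0` check that returns null covers it. `getBpkValueFromPvpAttribute` starts before this hunk and ends after it.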
@@ -708,49 +706,52 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } /** - * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could be exist in - * MOASession as 'GenericData'.
+ * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could + * be exist in MOASession as 'GenericData'.
* *
    * session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class)
    * 
* * @param session MOASession, but never null - * @return bPKType, which was received by PVP-Attribute, or null if no attribute - * exists + * @return bPKType, which was received by PVP-Attribute, or null if + * no attribute exists */ @Deprecated private String getBpkTypeFromPvpAttribute(final IAuthProcessDataContainer session) { final String pvpBpkTypeAttr = session.getGenericDataFromSession( - PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); + PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); if (StringUtils.isNotEmpty(pvpBpkTypeAttr)) { - // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations + // //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal + // implementations // if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) && // !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(), // EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) { - // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting + // log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " + // Starting // attribute value correction ... 
"); // pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + // pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1); // // } log.debug( - "Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); + "Find PVP-Attr: " + PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); return pvpBpkTypeAttr; } return null; - /* - * INFO: This code could be used to extract the bPKType from 'PVPConstants.BPK_NAME', because - * the prefix of BPK_NAME attribute contains the postfix of the bPKType + * INFO: This code could be used to extract the bPKType from + * 'PVPConstants.BPK_NAME', because the prefix of BPK_NAME attribute contains + * the postfix of the bPKType * - * Now, all PVP Standardportals should be able to send 'EID_SECTOR_FOR_IDENTIFIER' PVP - * attributes + * Now, all PVP Standardportals should be able to send + * 'EID_SECTOR_FOR_IDENTIFIER' PVP attributes */ - // String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, + // String pvpbPKValueAttr = + // session.getGenericDataFromSession(PVPConstants.BPK_NAME, // String.class); // String[] spitted = pvpbPKValueAttr.split(":"); // if (MiscUtil.isEmpty(authData.getBPKType())) { -- cgit v1.2.3