aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-10-31 09:48:29 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-10-31 09:48:29 +0100
commit6bd9903633452f01531e9830db0242e9bf081242 (patch)
tree5745138b439e469cfc9f10ddea60cb71c8d467eb
parent5bda3bcc87f7c58dfa782e76eecb183631369ede (diff)
downloadNational_eIDAS_Gateway-6bd9903633452f01531e9830db0242e9bf081242.tar.gz
National_eIDAS_Gateway-6bd9903633452f01531e9830db0242e9bf081242.tar.bz2
National_eIDAS_Gateway-6bd9903633452f01531e9830db0242e9bf081242.zip
add country specific pre-processing to build country specific eIDAS requests
-rw-r--r--basicConfig/default_config.properties8
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java3
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java)122
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java)11
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java)13
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java)17
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java)41
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java)15
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java37
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java4
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java81
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml10
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java2
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java9
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java133
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java104
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java3
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java3
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml6
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties9
20 files changed, 505 insertions, 126 deletions
diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties
index 2f809ddb..6e547b4a 100644
--- a/basicConfig/default_config.properties
+++ b/basicConfig/default_config.properties
@@ -64,10 +64,10 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
index bceb9beb..5362431f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
@@ -55,7 +55,8 @@ public class Constants {
public static final String CONIG_PROPS_EIDAS_NODE_ENTITYID = CONIG_PROPS_EIDAS_NODE + ".entityId";
public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_URL = CONIG_PROPS_EIDAS_NODE + ".forward.endpoint";
public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE + ".forward.method";
- public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_ONLYNATURAL = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural.";
+ public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural.";
+ public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural.";
public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation.";
public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";
public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java
index 9c252d1d..34b3017f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDProcessor.java
@@ -23,26 +23,52 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.google.common.collect.ImmutableSortedSet;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.impl.data.Trible;
+import edu.umd.cs.findbugs.annotations.NonNull;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import eu.eidas.auth.commons.protocol.eidas.SpType;
import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
-public abstract class AbstracteIDPostProcessor implements INationaleIDPostProcessor {
- private static final Logger log = LoggerFactory.getLogger(AbstracteIDPostProcessor.class);
+public abstract class AbstracteIDProcessor implements INationaleIDProcessor {
+ private static final Logger log = LoggerFactory.getLogger(AbstracteIDProcessor.class);
+ @Autowired protected eIDASAttributeRegistry attrRegistry;
+ @Autowired protected IConfigurationWithSP basicConfig;
@Override
- public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{
+ public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) {
+
+ buildProviderNameAttribute(pendingReq, authnRequestBuilder);
+ buildRequestedAttributes(pendingReq, authnRequestBuilder);
+
+
+ }
+
+ @Override
+ public final ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{
ERnBeIDData result = new ERnBeIDData();
Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
@@ -65,6 +91,14 @@ public abstract class AbstracteIDPostProcessor implements INationaleIDPostProces
}
+ @NonNull
+ /**
+ * Get a Map of country-specific requested attributes
+ *
+ * @return
+ */
+ protected abstract Map<String, Boolean> getCountrySpecificRequestedAttributes();
+
/**
* Post-Process the eIDAS CurrentAddress attribute
*
@@ -218,4 +252,86 @@ public abstract class AbstracteIDPostProcessor implements INationaleIDPostProces
}
+ private void buildRequestedAttributes(IRequest pendingReq, Builder authnRequestBuilder) {
+ //build and add requested attribute set
+ Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes();
+ log.debug("Get #{} country-specific requested attributes", ccSpecificReqAttr.size());
+
+ Map<String, Boolean> mdsReqAttr = attrRegistry.getDefaultAttributeSetFromConfiguration();
+ log.trace("Get #{} default requested attributes", mdsReqAttr.size());
+
+ //put it together
+ ccSpecificReqAttr.putAll(mdsReqAttr);
+
+ //convert it to eIDAS attributes
+ ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(ccSpecificReqAttr);
+ authnRequestBuilder.requestedAttributes(reqAttrMap);
+
+ }
+
+ private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
+ ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
+ for (Map.Entry<String,Boolean> attribute : requiredAttributes.entrySet()) {
+ final String name = attribute.getKey();
+ final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(name);
+ if (!byFriendlyName.isEmpty()) {
+ final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
+ builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
+
+ } else
+ log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
+
+ }
+
+ return builder.build();
+
+ }
+
+ private void buildProviderNameAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+ ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+
+ //set correct SPType for requested target sector
+ String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
+ Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
+ Pattern p = Pattern.compile(publicSectorTargetSelector);
+ Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
+ if (m.matches()) {
+ log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
+ authnRequestBuilder.spType(SpType.PUBLIC.getValue());
+
+ if ( basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+ false) ) {
+ authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
+
+ } else {
+ //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for any SPType
+ String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+ if ( StringUtils.isNotEmpty(providerName)
+ && basicConfig.getBasicConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
+ false)
+ ) {
+ authnRequestBuilder.providerName(providerName);
+
+ }
+ }
+
+ } else {
+ log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
+ authnRequestBuilder.spType(SpType.PRIVATE.getValue());
+
+ //TODO: switch to RequesterId in further version
+ //set provider name for private sector applications
+ String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+ if (StringUtils.isNotEmpty(providerName))
+ authnRequestBuilder.providerName(providerName);
+
+ }
+
+ }
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java
index e017e3a4..a3880b3f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDProcessor.java
@@ -23,6 +23,7 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
import java.util.Base64;
+import java.util.Map;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
@@ -35,8 +36,8 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostPr
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
import at.gv.egiz.eaaf.core.impl.data.Trible;
-public class DEeIDPostProcessor extends AbstracteIDPostProcessor {
- private static final Logger log = LoggerFactory.getLogger(DEeIDPostProcessor.class);
+public class DEeIDProcessor extends AbstracteIDProcessor {
+ private static final Logger log = LoggerFactory.getLogger(DEeIDProcessor.class);
private static final String canHandleCC = "DE";
private int priority = 1;
@@ -98,4 +99,10 @@ public class DEeIDPostProcessor extends AbstracteIDPostProcessor {
return new String(encoded);
}
+ @Override
+ protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+ return attrRegistry.getAttributeSetFromConfiguration(canHandleCC);
+
+ }
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java
index 026965fc..110635d9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDProcessor.java
@@ -22,7 +22,10 @@
*******************************************************************************/
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
-public class GenericeIDPostProcessor extends AbstracteIDPostProcessor {
+import java.util.HashMap;
+import java.util.Map;
+
+public class GenericeIDProcessor extends AbstracteIDProcessor {
private int priority = 0;
@@ -47,7 +50,11 @@ public class GenericeIDPostProcessor extends AbstracteIDPostProcessor {
return "Default-PostProcessor";
}
-
-
+ @Override
+ protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+ return new HashMap<>();
+
+ }
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java
index b34e9c41..46cfcb2b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDProcessor.java
@@ -27,8 +27,11 @@ import java.util.Map;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-public interface INationaleIDPostProcessor {
+public interface INationaleIDProcessor {
/**
* Get a friendlyName of this post-processor implementation
@@ -57,6 +60,8 @@ public interface INationaleIDPostProcessor {
public boolean canHandle(String countryCode);
+
+
/**
* Post-Process eIDAS eID data into national format
* @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
@@ -64,5 +69,13 @@ public interface INationaleIDPostProcessor {
* @throws eIDASAttributeException
*
*/
- public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+
+ /**
+ * Pre-Process eIDAS Request to national requirements
+ *
+ * @param pendingReq current pending request
+ * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+ */
+ public void preProcess(IRequest pendingReq, Builder authnRequestBuilder);
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
index 331b2641..602982d6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
@@ -43,34 +43,36 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDPostProcessor;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDProcessor;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@Service
-public class EIDPostProcessingService implements IeIDPostProcessingService{
- private static final Logger log = LoggerFactory.getLogger(EIDPostProcessingService.class);
+public class CCSpecificEIDProcessingService implements ICCSpecificEIDProcessingService{
+ private static final Logger log = LoggerFactory.getLogger(CCSpecificEIDProcessingService.class);
@Autowired private ApplicationContext context;
- private List<INationaleIDPostProcessor> handlers = new ArrayList<INationaleIDPostProcessor>();
+ private List<INationaleIDProcessor> handlers = new ArrayList<INationaleIDProcessor>();
@PostConstruct
private void initialize() {
log.debug("Initialize eID PostProcessing-Service ... ");
- Map<String, INationaleIDPostProcessor> postProcessors = context.getBeansOfType(INationaleIDPostProcessor.class);
- Iterator<Entry<String, INationaleIDPostProcessor>> iterator = postProcessors.entrySet().iterator();
+ Map<String, INationaleIDProcessor> postProcessors = context.getBeansOfType(INationaleIDProcessor.class);
+ Iterator<Entry<String, INationaleIDProcessor>> iterator = postProcessors.entrySet().iterator();
while (iterator.hasNext()) {
- Entry<String, INationaleIDPostProcessor> el = iterator.next();
+ Entry<String, INationaleIDProcessor> el = iterator.next();
log.debug("Find eID-PostProcessor with name: " + el.getKey());
handlers.add(el.getValue());
}
log.trace("Sorting eID-PostProcessors on priority ... ");
- Collections.sort(handlers, new Comparator<INationaleIDPostProcessor>() {
+ Collections.sort(handlers, new Comparator<INationaleIDProcessor>() {
@Override
- public int compare(INationaleIDPostProcessor thisAuthModule, INationaleIDPostProcessor otherAuthModule) {
+ public int compare(INationaleIDProcessor thisAuthModule, INationaleIDProcessor otherAuthModule) {
int thisOrder = thisAuthModule.getPriority();
int otherOrder = otherAuthModule.getPriority();
return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1));
@@ -82,6 +84,25 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{
}
@Override
+ public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException {
+ if (StringUtils.isEmpty(selectedCitizenCountry))
+ log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used");
+
+ for (INationaleIDProcessor el : handlers) {
+ if (el.canHandle(selectedCitizenCountry)) {
+ log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName());
+ el.preProcess(pendingReq, authnRequestBuilder);
+ return;
+
+ }
+ }
+
+ log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+ throw new eIDPostProcessingException("internal.00", null);
+
+ }
+
+ @Override
public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException {
//extract citizen country from eIDAS unique identifier
Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
@@ -95,7 +116,7 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{
if (StringUtils.isEmpty(citizenCountry))
log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
- for (INationaleIDPostProcessor el : handlers) {
+ for (INationaleIDProcessor el : handlers) {
if (el.canHandle(citizenCountry)) {
log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName());
return el.postProcess(eIDASAttrMap);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
index 02d18920..02802126 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
@@ -27,8 +27,11 @@ import java.util.Map;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-public interface IeIDPostProcessingService {
+public interface ICCSpecificEIDProcessingService {
/**
* Post-process eIDAS eID attributes into national format
@@ -40,5 +43,15 @@ public interface IeIDPostProcessingService {
* @throws eIDASAttributeException
*/
public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+
+ /**
+ * Pre Process eIDAS request into national requirements
+ *
+ * @param selectedCC Citizen Country from selection
+ * @param pendingReq current pending request
+ * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+ * @throws eIDPostProcessingException
+ */
+ public void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
index 116f2197..6e934c59 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
@@ -23,6 +23,7 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
import java.io.File;
+import java.text.MessageFormat;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -39,6 +40,7 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import edu.umd.cs.findbugs.annotations.NonNull;
import eu.eidas.auth.commons.attribute.AttributeRegistries;
import eu.eidas.auth.commons.attribute.AttributeRegistry;
@@ -93,8 +95,25 @@ public class eIDASAttributeRegistry {
return coreAttributeRegistry;
}
- public Map<String, Boolean> getAttributeSetFromConfiguration() {
- Map<String, Boolean> result = new HashMap<String, Boolean>();
+ @NonNull
+ public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
+ /*TODO: select set for representation if mandates should be used.
+ * It's an open task in respect to requested eIDAS attributes and isRequired flag,
+ * because there can be a decision problem in case of natural or legal person representation!
+ * From an Austrian use-case point of view, an Austrian service provider can support mandates for
+ * natural and legal persons at the same time. However, we CAN NOT request attributes for natural AND
+ * legal persons on the same time, because it's not possible to represent both simultaneously.
+ */
+ Map<String, String> configAttributes =
+ basicConfig.getBasicConfigurationWithPrefix(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ @NonNull
+ public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
+
/*TODO: select set for representation if mandates should be used.
* It's an open task in respect to requested eIDAS attributes and isRequired flag,
@@ -105,7 +124,16 @@ public class eIDASAttributeRegistry {
*/
Map<String, String> configAttributes =
basicConfig.getBasicConfigurationWithPrefix(
- Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_ONLYNATURAL);
+ MessageFormat.format(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
+ countryCode.toLowerCase()));
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
+
+ Map<String, Boolean> result = new HashMap<String, Boolean>();
for (String el: configAttributes.values()) {
if (StringUtils.isNotEmpty(el.trim())) {
List<String> attrDef = KeyValueUtils.getListOfCSVValues(el.trim());
@@ -122,8 +150,7 @@ public class eIDASAttributeRegistry {
return result;
}
-
-
+
public void setEidasAttributesFile(String eidasAttributesFile) {
this.eidasAttributesFile = eidasAttributesFile;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
index cc1d6ae4..3f27ca64 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
@@ -50,7 +50,7 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.IeIDPostProcessingService;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.ICCSpecificEIDProcessingService;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
@@ -88,7 +88,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
@Autowired private IConfiguration basicConfig;
@Autowired private SZRClient szrClient;
- @Autowired private IeIDPostProcessingService eIDPostProcessor;
+ @Autowired private ICCSpecificEIDProcessingService eIDPostProcessor;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
index f49ed203..a522feb6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
@@ -24,10 +24,7 @@
*******************************************************************************/
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
-import java.util.Map;
import java.util.UUID;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@@ -41,14 +38,12 @@ import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.springframework.web.util.UriComponentsBuilder;
-import com.google.common.collect.ImmutableSortedSet;
-
import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.ICCSpecificEIDProcessingService;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.gui.ISpringMVCGUIFormBuilder;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -59,11 +54,8 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import eu.eidas.auth.commons.EidasParameterKeys;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
import eu.eidas.auth.commons.light.ILightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.protocol.eidas.SpType;
import eu.eidas.auth.commons.tx.BinaryLightToken;
import eu.eidas.specificcommunication.BinaryLightTokenHelper;
import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
@@ -79,10 +71,10 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
private static final Logger log = LoggerFactory.getLogger(GenerateAuthnRequestTask.class);
@Autowired IConfiguration basicConfig;
- @Autowired eIDASAttributeRegistry attrRegistry;
@Autowired ApplicationContext context;
@Autowired ITransactionStorage transactionStore;
@Autowired ISpringMVCGUIFormBuilder guiBuilder;
+ @Autowired ICCSpecificEIDProcessingService ccSpecificProcessing;
@Override
public void execute(ExecutionContext executionContext,
@@ -142,49 +134,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
log.debug("Request eIdAS node with LoA: " + loa);
authnRequestBuilder.levelOfAssurance(loa);
-
- //set correct SPType for requested target sector
- String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
- Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
- Pattern p = Pattern.compile(publicSectorTargetSelector);
- Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
- if (m.matches()) {
- log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
- authnRequestBuilder.spType(SpType.PUBLIC.getValue());
-
- if ( basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
- false) ) {
- authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
- Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
-
- } else {
- //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for any SPType
- String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
- if ( StringUtils.isNotEmpty(providerName)
- && basicConfig.getBasicConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
- false)
- ) {
- authnRequestBuilder.providerName(providerName);
-
- }
- }
-
- } else {
- log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
- authnRequestBuilder.spType(SpType.PRIVATE.getValue());
-
- //TODO: switch to RequesterId in further version
- //set provider name for private sector applications
- String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
- if (StringUtils.isNotEmpty(providerName))
- authnRequestBuilder.providerName(providerName);
-
- }
-
+
//set nameIDFormat
authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT);
@@ -196,11 +146,10 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
* eIDASNode implements limit on size for RelayState (80characaters)
*/
//authnRequestBuilder.relayState(pendingReq.getPendingRequestId());
+
+ //Add country-specific informations into eIDAS request
+ ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder);
- //build and add requested attribute set
- ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(attrRegistry.getAttributeSetFromConfiguration());
- authnRequestBuilder.requestedAttributes(reqAttrMap);
-
//build request
LightRequest lightAuthnReq = authnRequestBuilder.build();
@@ -305,24 +254,6 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
return null;
}
-
- private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
- ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
- for (Map.Entry<String,Boolean> attribute : requiredAttributes.entrySet()) {
- final String name = attribute.getKey();
- final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(name);
- if (!byFriendlyName.isEmpty()) {
- final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
- builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
-
- } else
- log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
-
- }
-
- return builder.build();
-
- }
private BinaryLightToken putRequestInCommunicationCache(ILightRequest iLightRequest) throws ServletException {
final BinaryLightToken binaryLightToken;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 13283eea..0a000112 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -48,15 +48,15 @@
class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" /> -->
<bean id="EIDPostProcessingService"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.EIDPostProcessingService" />
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService" />
- <bean id="DE-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDPostProcessor">
+ <bean id="DE-Processor"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDProcessor">
<property name="priority" value="1" />
</bean>
- <bean id="Default-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDPostProcessor">
+ <bean id="Default-Processor"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDProcessor">
<property name="priority" value="0" />
</bean>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
index 7ae30845..363eff85 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
@@ -79,7 +79,7 @@ import szrservices.SZRException_Exception;
import szrservices.TravelDocumentType;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_basic_test.xml")
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
public class SZRClientTest {
private static final Logger log = LoggerFactory.getLogger(SZRClientTest.class);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java
index df2920cb..2b19e1e2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java
@@ -34,18 +34,21 @@ import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.EIDPostProcessingService;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_basic_test.xml")
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class eIDASAttributePostProcessingTest {
- @Autowired private EIDPostProcessingService postProcessor;
+ @Autowired private CCSpecificEIDProcessingService postProcessor;
//lower case
private static final String P1_eIDASID = "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java
new file mode 100644
index 00000000..35d8a760
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingFirstTest.java
@@ -0,0 +1,133 @@
+/*******************************************************************************
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class eIDASRequestPreProcessingFirstTest {
+
+ @Autowired private IConfigurationWithSP basicConfig;
+ @Autowired private CCSpecificEIDProcessingService preProcessor;
+
+ private TestRequestImpl pendingReq;
+ private DummySPConfiguration oaParam;
+ private Builder authnRequestBuilder;
+
+
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File( "." ).toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+ }
+
+ @Before
+ public void setUp() {
+
+ Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySPConfiguration(spConfig , basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthURL("http://test.com/");
+
+ authnRequestBuilder = LightRequest.builder();
+ authnRequestBuilder.id(UUID.randomUUID().toString());
+ authnRequestBuilder.issuer("Test");
+
+ }
+
+ @Test
+ public void prePreProcessGeneric() throws eIDPostProcessingException {
+ String testCountry = "XX";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void prePreProcessGenericNoCountryCode() throws eIDPostProcessingException {
+ String testCountry = "XX";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(null, pendingReq, authnRequestBuilder);
+
+ LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void prePreProcessDE() throws eIDPostProcessingException {
+
+ String testCountry = "DE";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java
new file mode 100644
index 00000000..ababbd04
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASRequestPreProcessingSecondTest.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class eIDASRequestPreProcessingSecondTest {
+
+ @Autowired private IConfigurationWithSP basicConfig;
+ @Autowired private CCSpecificEIDProcessingService preProcessor;
+
+ private TestRequestImpl pendingReq;
+ private DummySPConfiguration oaParam;
+ private Builder authnRequestBuilder;
+
+
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File( "." ).toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
+
+ }
+
+ @Before
+ public void setUp() {
+
+ Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySPConfiguration(spConfig , basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthURL("http://test.com/");
+
+ authnRequestBuilder = LightRequest.builder();
+ authnRequestBuilder.id(UUID.randomUUID().toString());
+ authnRequestBuilder.issuer("Test");
+
+ }
+
+ @Test
+ public void prePreProcessDEUnknownAttribute() throws eIDPostProcessingException {
+
+ String testCountry = "DE";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java
index 342ef424..3ef983a9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskFirstTest.java
@@ -13,6 +13,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.web.context.request.RequestContextHolder;
@@ -36,7 +37,7 @@ import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class GenerateAuthnRequestTaskFirstTest {
@Autowired(required=true) private GenerateAuthnRequestTask task;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java
index cf2de754..da4be714 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTaskThirdTest.java
@@ -13,6 +13,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.web.context.request.RequestContextHolder;
@@ -33,7 +34,7 @@ import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
public class GenerateAuthnRequestTaskThirdTest {
@Autowired(required=true) private GenerateAuthnRequestTask task;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
index 7ca42662..79256673 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -16,15 +16,15 @@
class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" /> -->
<bean id="EIDPostProcessingService"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.EIDPostProcessingService" />
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.CCSpecificEIDProcessingService" />
<bean id="DE-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDPostProcessor">
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDProcessor">
<property name="priority" value="1" />
</bean>
<bean id="Default-PostProcessor"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDPostProcessor">
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDProcessor">
<property name="priority" value="0" />
</bean>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
index 2dbafb1f..35867187 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -65,10 +65,11 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false
-eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false
##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true