chore(matching): update matching by 'ID Austria login' to forward user to 'otherLoginMethod' GUI in case of an error

4 files changed, 20 insertions, 5 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index 3e57ea24..2d28709b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -24,6 +24,7 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED;
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON;
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK;
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING;
 
@@ -127,6 +128,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
   private static final String ERROR_MSG_02 = "PVP response decryption FAILED. No credential found.";
   private static final String ERROR_MSG_03 = "PVP response validation FAILED.";
 
+  private static final String MSG_PROP_23 = "module.eidasauth.matching.23";
+  private static final String MSG_PROP_24 = "module.eidasauth.matching.24";
+  
   /**
    * Creates the new task, with autowired dependencies from Spring.
    */
@@ -152,7 +156,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
       Pair<PvpSProfileResponse, Boolean> processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);
       if (processedMsg.getSecond()) {
         // forward to next matching step in case of ID Autria authentication was stopped by user
-        executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
+        executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
+        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, MSG_PROP_23);
+        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);              
         return;
 
       }
@@ -171,8 +177,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
 
       // check if MDS from ID Austria authentication matchs to eIDAS authentication
       if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
-        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
         executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
+        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, MSG_PROP_24);
+        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);  
         return;
 
       }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
index 05c42fce..6ca21550 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
@@ -56,7 +56,7 @@
 
   <!-- ID Austria authentication -->
   <pd:Transition  from="generateMobilePhoneSignatureRequestTask"    to="receiveMobilePhoneSignatureResponseTask" />
-  <pd:Transition  conditionExpression="ctx['TASK_GenerateAustrianResidenceGuiTask']"
+  <pd:Transition  conditionExpression="ctx['TASK_GenerateOtherLoginMethodGuiTask']"
                   from="receiveMobilePhoneSignatureResponseTask"    to="generateOtherLoginMethodGuiTask" />
   <pd:Transition  from="receiveMobilePhoneSignatureResponseTask"    to="generateIdentityLink" />
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
index f1bf2128..8d65d63f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
@@ -26,6 +26,8 @@ module.eidasauth.matching.12=Matching failed, because ERnP response contains his
 module.eidasauth.matching.20=Matching be using residence information was canceled. Use another method for matching or create a new Austrian identity.  
 module.eidasauth.matching.21=Matching be using residence information failed by missing input information. Use another method for matching or create a new Austrian identity. 
 module.eidasauth.matching.22=Can not find an unique match by using residence information. Provide more or other data, use another method for matching, or create a new Austrian identity.
+module.eidasauth.matching.23=Matching be using Austrian Identity was canceled. Use another method for matching or create a new Austrian identity.
+module.eidasauth.matching.24=Matching be using Austrian Identity not possible. Use another method for matching or create a new Austrian identity.
 
 module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0}
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
index d5400695..b9133392 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
@@ -282,7 +282,10 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
 
     task.execute(pendingReq, executionContext);
 
-    assertEquals("Transition To S16", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+    assertEquals("Transition To S16", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+    assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+    assertEquals("failed reason", "module.eidasauth.matching.23", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));    
+    assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
 
   }
 
@@ -326,7 +329,10 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
     task.execute(pendingReq, executionContext);
 
     assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
-    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+    assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+    assertEquals("failed reason", "module.eidasauth.matching.24", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));    
+    assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
   }
 
   //TODO: implement new test that this test makes no sense any more