aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas <>2022-08-16 15:09:07 +0200
committerThomas <>2022-08-16 15:09:07 +0200
commitd5cb2ae3d5bf3f04646cc23d7d59cd10822349c6 (patch)
tree3877869fccdcf6c5ef6ebf274a90ce8e527e52b3
parent68c46a22406af910838b3ee6bbea5a4e9807ddaa (diff)
downloadNational_eIDAS_Gateway-d5cb2ae3d5bf3f04646cc23d7d59cd10822349c6.tar.gz
National_eIDAS_Gateway-d5cb2ae3d5bf3f04646cc23d7d59cd10822349c6.tar.bz2
National_eIDAS_Gateway-d5cb2ae3d5bf3f04646cc23d7d59cd10822349c6.zip
feat(eidas): generate advanced attributes in response-processing too
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java78
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java16
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java28
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java1
-rw-r--r--modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java202
-rw-r--r--modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties2
-rw-r--r--ms_specific_proxyservice/src/main/resources/application.properties5
7 files changed, 316 insertions, 16 deletions
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
index 52a69944..ec161b1a 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
@@ -1,5 +1,10 @@
package at.asitplus.eidas.specific.modules.msproxyservice.handler;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
@@ -7,9 +12,12 @@ import org.springframework.beans.factory.annotation.Autowired;
import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IExtendedConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import lombok.NonNull;
import lombok.extern.slf4j.Slf4j;
/**
@@ -25,32 +33,84 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler {
public static final String CONFIG_PROP_IDA_MANDATE_PROFILE = "advanced.atributes.ejusticerole.mandate.profiles";
public static final String CONFIG_PROP_IDA_MANDATE_MODE = "advanced.atributes.ejusticerole.mandate.mode";
-
- @Autowired IConfiguration config;
+ public static final String CONFIG_PROP_RESULT_PREFIX = "advanced.atributes.ejusticerole.value.";
+ public static final String CONFIG_PROP_RESULT_VALUE_DELIMITER = "=";
+
+
+ @Autowired IExtendedConfiguration config;
private SpMandateModes mandateMode;
- private String mandateProfiles;
+ private List<String> mandateProfiles;
+ private Map<String, String> resultMapper;
@Override
public void performSpConfigPostprocessing(ServiceProviderConfiguration spConfig) {
spConfig.setMandateMode(mandateMode);
- spConfig.setMandateProfiles(KeyValueUtils.getListOfCsvValues(mandateProfiles));
+ spConfig.setMandateProfiles(mandateProfiles);
log.info("Enforcing mandate-mode: {} with profile: {}", mandateMode, mandateProfiles);
}
+ @Override
+ public String buildAttributeValue(@NonNull IEidAuthData eidAuthData) {
+ final String mandateType = eidAuthData.getGenericData(
+ PvpAttributeDefinitions.MANDATE_TYPE_NAME, String.class);
+ if (StringUtils.isNotEmpty(mandateType)) {
+ String attrValue = resultMapper.get(mandateType);
+ if (StringUtils.isNotEmpty(attrValue)) {
+ log.debug("Mapping mandate-type: {} to EJusticePersonRole: {}", mandateType, attrValue);
+ return attrValue;
+
+ } else {
+ log.info("Ignore mandate-type: {}, because it is not mapped to a EJusticePersonRole", mandateType);
+
+ }
+
+ } else {
+ log.warn("Can not build: EJusticePersonRole, because IDA response contains no attribute: ",
+ PvpAttributeDefinitions.MANDATE_TYPE_NAME);
+
+ }
+
+
+ return null;
+
+ }
@PostConstruct
private void initialize() throws EaafConfigurationException {
mandateMode = SpMandateModes.fromString(loadConfigValue(CONFIG_PROP_IDA_MANDATE_MODE));
- mandateProfiles = loadConfigValue(CONFIG_PROP_IDA_MANDATE_PROFILE);
-
- log.info("Initialize: {} with mandate-profile: {} mandate-mode: {}",
+ mandateProfiles = KeyValueUtils.getListOfCsvValues(loadConfigValue(CONFIG_PROP_IDA_MANDATE_PROFILE));
+ resultMapper = config.getBasicConfigurationWithPrefix(CONFIG_PROP_RESULT_PREFIX).values().stream()
+ .filter(el -> el.contains(CONFIG_PROP_RESULT_VALUE_DELIMITER))
+ .collect(Collectors.toMap(x -> split(x, 0), x -> split(x, 1)));
+
+ // validate requested profiles to result map
+ Optional<String> missingConfig = mandateProfiles.stream()
+ .filter(el -> !resultMapper.containsKey(el))
+ .findFirst();
+ if (missingConfig.isPresent()) {
+ log.error("Missing mandate-profile: {} in result mapping", missingConfig.get());
+ throw new EaafConfigurationException("internal.configuration.00",
+ new Object[]{CONFIG_PROP_RESULT_PREFIX});
+
+ }
+
+ log.info("Initialize: {} with mandate-profile: {} mandate-mode: {} and result-map:",
EJusticePersonRoleHandler.class.getSimpleName(), mandateProfiles, mandateMode);
+ resultMapper.entrySet().stream().forEach(el ->
+ log.info("Profile: {} --> Attribute-Value: {}", el.getKey(), el.getValue()));
+
}
+ private String split(String value, int i) {
+ return value.split(CONFIG_PROP_RESULT_VALUE_DELIMITER, 2)[i];
+
+ }
+
+
private String loadConfigValue(String configProp) throws EaafConfigurationException {
String value = config.getBasicConfiguration(configProp);
if (StringUtils.isEmpty(value)) {
@@ -62,5 +122,5 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler {
return value;
}
-
+
}
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
index 02e091ef..5a9c8d8c 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
@@ -1,6 +1,10 @@
package at.asitplus.eidas.specific.modules.msproxyservice.handler;
+import javax.annotation.Nullable;
+
import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import lombok.NonNull;
/**
* Handlers for attribute-processing that requires more features than a simple mapping.
@@ -15,7 +19,17 @@ public interface IEidasAttributeHandler {
*
* @param spConfig SP configuration that was build from incoming eIDAS Authn. request.
*/
- void performSpConfigPostprocessing(ServiceProviderConfiguration spConfig);
+ void performSpConfigPostprocessing(@NonNull ServiceProviderConfiguration spConfig);
+
+
+ /**
+ * Build eIDAS attribute-value from authentication data.
+ *
+ * @param eidAuthData Authentication data for current process
+ * @return attribute-value if attribute is available, otherwise <code>null</code>
+ */
+ @Nullable
+ String buildAttributeValue(@NonNull IEidAuthData eidAuthData);
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
index 8348558c..f1cb8f0b 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
@@ -20,6 +20,7 @@ import at.asitplus.eidas.specific.core.gui.StaticGuiBuilderConfiguration;
import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
+import at.asitplus.eidas.specific.modules.msproxyservice.handler.IEidasAttributeHandler;
import at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry;
import at.asitplus.eidas.specific.modules.msproxyservice.utils.EidasProxyServiceUtils;
import at.gv.egiz.eaaf.core.api.IRequest;
@@ -264,10 +265,29 @@ public class ProxyServiceAuthenticationAction implements IAction {
}
- } else {
- log.warn("Can not build eIDAS attribute: {}, because there is not corresponding IDA attribute defined",
- eidasAttrName);
-
+ } else {
+ Optional<String> advancedAttributeHandler = attrRegistry.mapEidasAttributeToAttributeHandler(eidasAttrName);
+ if (advancedAttributeHandler.isPresent()) {
+ final String idaAttrValue = context.getBean(advancedAttributeHandler.get(), IEidasAttributeHandler.class)
+ .buildAttributeValue(eidAuthData);
+ if (StringUtils.isNotEmpty(idaAttrValue)) {
+ log.debug("Build eIDAS attribute: {} by advanced attribute-handler: {}",
+ eidasAttrName, advancedAttributeHandler.get());
+ attributeMap.put(
+ attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByName(eidasAttrName),
+ idaAttrValue);
+
+ } else {
+ log.info("Empty attribte-value returned by advanced attribute-handler, eIDAS attribute: {} will be ignored",
+ eidasAttrName);
+
+ }
+
+ } else {
+ log.warn("Can not build eIDAS attribute: {}, because there is not corresponding IDA attribute defined",
+ eidasAttrName);
+
+ }
}
}
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java
index 747c808c..edb21722 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java
@@ -124,6 +124,7 @@ public class ProxyEidasAttributeRegistry {
String eidasAttributeName, boolean withMandates) {
return attributeConfiguration.stream()
.filter(el -> el.getEidasAttributeName().equals(eidasAttributeName))
+ .filter(el -> el.getIdaAttribute() != null)
.findFirst()
.map(el -> withMandates ? el.getIdaAttribute().getWithMandates() : el.getIdaAttribute().getBasic())
.filter(el -> StringUtils.isNotEmpty(el));
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
index d44ffc2d..d9bc017c 100644
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
@@ -397,6 +397,208 @@ public class ProxyServiceAuthenticationActionTest {
}
+ @Test
+ public void borisModeResponseWithJurMandate() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
+ "MUST_BE_UPDATED");
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 8, respAttr.size());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
+ (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
+
+ checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP1");
+ checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP1");
+
+ assertNull("find nat. person subject: personalId",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+ assertNull("find nat. person subject: familyName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+ assertNull("find nat. person subject: givenName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+ assertNull("find nat. person subject: dateOfBirth",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+
+ }
+
+ @Test
+ public void borisModeResponseWithJurMandate2() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
+ "SECOND");
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 8, respAttr.size());
+
+ checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP2");
+ checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2");
+
+
+ }
+
+ @Test
+ public void borisModeNoMandateType() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 6, respAttr.size());
+
+ }
+
+ @Test
+ public void borisModeEmptyMandateType() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, "");
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 6, respAttr.size());
+
+ }
+
+ @Test
+ public void borisModeUnknownMandateType() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, RandomStringUtils.randomAlphanumeric(10));
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 6, respAttr.size());
+
+ }
+
@Test
public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
index 46e0bb69..b59cae5f 100644
--- a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
@@ -14,3 +14,5 @@ eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=idaAttributeMapping.json
# BORIS attribute for eJustice
eidas.ms.advanced.atributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED
eidas.ms.advanced.atributes.ejusticerole.mandate.mode=legal
+eidas.ms.advanced.atributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1
+eidas.ms.advanced.atributes.ejusticerole.value.2=SECOND=VIP2
diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties
index 40587815..f7aca8a3 100644
--- a/ms_specific_proxyservice/src/main/resources/application.properties
+++ b/ms_specific_proxyservice/src/main/resources/application.properties
@@ -119,7 +119,8 @@ eidas.ms.modules.idaustriaauth.keystore.type=jks
## advanced eIDAS attribute processing
# BORIS attribute for eJustice
-eidas.ms.advanced.atributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED
+eidas.ms.advanced.atributes.ejusticerole.mandate.profiles.1=MUST_BE_UPDATED,SECOND
eidas.ms.advanced.atributes.ejusticerole.mandate.mode=legal
-
+eidas.ms.advanced.atributes.ejusticerole.value.1=MUST_BE_UPDATED,VIP1
+eidas.ms.advanced.atributes.ejusticerole.value.2=SECOND,VIP2