aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas <>2022-06-07 13:48:34 +0200
committerThomas <>2022-06-07 13:48:34 +0200
commitdb3af28b79296b6f5650a85c5a41ad5015c57222 (patch)
treec52f6d154b9f90f712185b8aaa070b7869b72f3f
parent9c9463d593014292a4b19fbad2fca779e56e33cf (diff)
downloadNational_eIDAS_Gateway-db3af28b79296b6f5650a85c5a41ad5015c57222.tar.gz
National_eIDAS_Gateway-db3af28b79296b6f5650a85c5a41ad5015c57222.tar.bz2
National_eIDAS_Gateway-db3af28b79296b6f5650a85c5a41ad5015c57222.zip
feat(eidas): include IDA releated requested attributes into service-provider configuration
-rw-r--r--modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/config/ServiceProviderConfiguration.java8
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java35
-rw-r--r--modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java14
3 files changed, 49 insertions, 8 deletions
diff --git a/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/config/ServiceProviderConfiguration.java b/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/config/ServiceProviderConfiguration.java
index 5ca1c8c5..2ecbf7d0 100644
--- a/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/config/ServiceProviderConfiguration.java
+++ b/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/config/ServiceProviderConfiguration.java
@@ -26,6 +26,7 @@ package at.asitplus.eidas.specific.core.config;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -52,6 +53,13 @@ public class ServiceProviderConfiguration extends SpConfigurationImpl {
@Setter
@Getter
private List<String> mandateProfiles;
+
+ /**
+ * IDA specific requested attributes
+ */
+ @Getter
+ @Setter
+ private Set<String> requestedAttributes;
@Getter
@Setter
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
index cd404cee..26cc51ee 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
@@ -2,9 +2,11 @@ package at.asitplus.eidas.specific.modules.msproxyservice.protocol;
import java.io.IOException;
import java.text.MessageFormat;
+import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
+import java.util.Objects;
import java.util.UUID;
import java.util.stream.Collectors;
@@ -22,13 +24,14 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.google.common.collect.ImmutableSortedSet;
+import com.google.common.collect.Streams;
import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
-import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
+import at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry;
import at.asitplus.eidas.specific.modules.msproxyservice.utils.EidasProxyServiceUtils;
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
@@ -76,7 +79,7 @@ public class EidasProxyServiceController extends AbstractController implements I
public static final String PROTOCOL_ID = "eidasProxy";
- @Autowired EidasAttributeRegistry attrRegistry;
+ @Autowired ProxyEidasAttributeRegistry attrRegistry;
@Autowired ProxyServiceAuthenticationAction responseAction;
/**
@@ -115,7 +118,7 @@ public class EidasProxyServiceController extends AbstractController implements I
.toString());
final ILightRequest eidasRequest = specificProxyCommunicationService.getAndRemoveRequest(
tokenBase64,
- ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
+ ImmutableSortedSet.copyOf(attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getAttributes()));
if (eidasRequest == null) {
log.info("Find no eIDAS Authn. Request with stated token.");
throw new EidasProxyServiceException(ERROR_11, null);
@@ -317,9 +320,12 @@ public class EidasProxyServiceController extends AbstractController implements I
spConfig.setRequiredLoA(
eidasRequest.getLevelsOfAssurance().stream().map(el -> el.getValue()).collect(Collectors.toList()));
- //build mandate profiles for this specific request
+ // build mandate profiles for this specific request
buildMandateProfileConfiguration(spConfig, eidasRequest);
-
+
+ // map eIDAS attributes to national attributes
+ buildNationalRequestedAttributes(spConfig, eidasRequest);
+
return spConfig;
} catch (EidasProxyServiceException e) {
@@ -332,6 +338,22 @@ public class EidasProxyServiceController extends AbstractController implements I
}
+ private void buildNationalRequestedAttributes(
+ ServiceProviderConfiguration spConfig, ILightRequest eidasRequest) {
+ boolean mandatesEnabled = !SpMandateModes.NONE.equals(spConfig.getMandateMode());
+ spConfig.setRequestedAttributes(
+ Streams.concat(
+ eidasRequest.getRequestedAttributes().getAttributeMap().keySet().stream()
+ .map(el -> attrRegistry.getIdaAttributesForEidasAttribute(
+ el.getNameUri().toString(), mandatesEnabled))
+ .flatMap(Collection::stream)
+ .filter(Objects::nonNull),
+ attrRegistry.getAlwaysRequestedAttributes(mandatesEnabled))
+ .collect(Collectors.toSet()));
+ log.debug("Inject #{} attributes to request from IDA system", spConfig.getRequestedAttributes().size());
+
+ }
+
private Map<String, String> extractRawConnectorConfiguration(ILightRequest eidasRequest) {
Map<String, String> allConnectorConfigs = authConfig.getBasicConfigurationWithPrefix(
MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX);
@@ -341,8 +363,7 @@ public class EidasProxyServiceController extends AbstractController implements I
el -> log.trace("Key: {} -> Value: {}", el.getKey(), el.getValue()));
}
-
-
+
Map<String, String> connectorConfig = allConnectorConfigs.entrySet().stream()
.filter(el -> el.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER)
&& el.getValue().equals(eidasRequest.getIssuer()))
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
index 189378e0..ef1abbcd 100644
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
@@ -277,7 +277,10 @@ public class EidasProxyServiceControllerTest {
.spType("public")
.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_BIRTHNAME).first())
+ .build());
proxyService.setiLightRequest(authnReqBuilder.build());
@@ -326,6 +329,9 @@ public class EidasProxyServiceControllerTest {
assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+ assertEquals("requested IDA attributes", 3, spConfig.getRequestedAttributes().size());
+
+
}
@Test
@@ -370,6 +376,8 @@ public class EidasProxyServiceControllerTest {
.forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el)));
assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+ assertEquals("requested IDA attributes", 6, spConfig.getRequestedAttributes().size());
+
}
@Test
@@ -414,6 +422,8 @@ public class EidasProxyServiceControllerTest {
.forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el)));
assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+ assertEquals("requested IDA attributes", 9, spConfig.getRequestedAttributes().size());
+
}
@Test
@@ -481,6 +491,8 @@ public class EidasProxyServiceControllerTest {
assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+
+ assertEquals("requested IDA attributes", 3, spConfig.getRequestedAttributes().size());
}