diff options
| author | Thomas <> | 2022-12-15 17:56:49 +0100 | 
|---|---|---|
| committer | Thomas <> | 2022-12-15 17:56:49 +0100 | 
| commit | fb04ef818546cf26ed1e623e5b565ac0961780fe (patch) | |
| tree | a73b38fbc9d74e61ca56c20810485684940f1db2 | |
| parent | 30f1ff7b45f3d05147329323751516ed8114c9f2 (diff) | |
| download | National_eIDAS_Gateway-fb04ef818546cf26ed1e623e5b565ac0961780fe.tar.gz National_eIDAS_Gateway-fb04ef818546cf26ed1e623e5b565ac0961780fe.tar.bz2 National_eIDAS_Gateway-fb04ef818546cf26ed1e623e5b565ac0961780fe.zip | |
feat(connector): add support for Ukraine eIDAS-ProxyService
Since Ukraine is not notified, we need a new configuration parameter to set not-notified LoA
9 files changed, 125 insertions, 0 deletions
| diff --git a/basicConfig/ms-connector/properties/messages.properties b/basicConfig/ms-connector/properties/messages.properties index f6005ac6..e2d5c71d 100644 --- a/basicConfig/ms-connector/properties/messages.properties +++ b/basicConfig/ms-connector/properties/messages.properties @@ -108,6 +108,8 @@ gui.countryselection.country.sw=Sweden  gui.countryselection.country.sw.logo.alt=Sweden-eID  gui.countryselection.country.uk=United Kingdom  gui.countryselection.country.uk.logo.alt=United Kingdom-eID +gui.countryselection.country.ua=Ukraine +gui.countryselection.country.ua.logo.alt=Ukraine-eID  gui.countryselection.country.testcountry=TestCountry  gui.countryselection.country.testcountry.logo.alt=Testcountry-eID diff --git a/basicConfig/ms-connector/properties/messages_de.properties b/basicConfig/ms-connector/properties/messages_de.properties index 8fde9fdd..9ebcde5f 100644 --- a/basicConfig/ms-connector/properties/messages_de.properties +++ b/basicConfig/ms-connector/properties/messages_de.properties @@ -92,6 +92,8 @@ gui.countryselection.country.sw=Schweden  gui.countryselection.country.sw.logo.alt=Schwedische-eID
  gui.countryselection.country.uk=Großbritannien
  gui.countryselection.country.uk.logo.alt=Britische-eID
 +gui.countryselection.country.ua=Ukraine
 +gui.countryselection.country.ua.logo.alt=Ukraine-eID
  gui.countryselection.country.testcountry=Testland
  gui.countryselection.country.testcountry.logo.alt=Testland-eID
 diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java new file mode 100644 index 00000000..6be0a26b --- /dev/null +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java @@ -0,0 +1,68 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import eu.eidas.auth.commons.light.impl.LightRequest.Builder; +import lombok.Getter; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +/** + * Ulraine specific eIDAS AuthnRequest generation.  + *  + * @author tlenz + * + */ +@Slf4j +public class UaEidProcessor extends AbstractEidProcessor { + +  private static final String CONFIG_PROP_UA_SPECIFIC_LOA = "auth.eIDAS.node_v2.loa.ua.requested"; +   +  private static final String canHandleCC = "UA"; + +  @Autowired IConfiguration config; +   +  @Getter +  @Setter +  private int priority = 1; +   +  @Override +  public String getName() { +    return "UA-PostProcessor"; +     +  } + +  @Override +  public boolean canHandle(String countryCode) { +    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); +     +  } +     +  @Override +  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() { +    return new HashMap<>(); +     +  } +   +  protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {         +     +    // allow override of LoA, because UA maybe only support not-notified LoA levels     +    String uaSpecificLoA = config.getBasicConfiguration(CONFIG_PROP_UA_SPECIFIC_LOA); +    if (StringUtils.isNotEmpty(uaSpecificLoA)) { +      authnRequestBuilder.levelsOfAssuranceValues(Arrays.asList(uaSpecificLoA)); +      log.info("Set UA specific LoA level to: {}", uaSpecificLoA); +       +    } else { +      super.buildLevelOfAssurance(spConfig, authnRequestBuilder); +       +    } +  } +   +} diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index ab4228fd..8c561fbb 100644 --- a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml @@ -72,6 +72,11 @@      <property name="priority" value="1" />    </bean> +  <bean id="UA-Processor" +        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.UaEidProcessor"> +    <property name="priority" value="1" /> +  </bean> +    <bean id="Default-Processor"          class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">      <property name="priority" value="0" /> diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index f3863ce0..b0290c90 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -199,4 +199,25 @@ public class EidasRequestPreProcessingFirstTest {    } +  @Test +  @SneakyThrows +  public void prePreProcessUaWithoutConfig() throws EidPostProcessingException { + +    final String testCountry = "UA"; +    spConfig.put("loa", EaafConstants.EIDAS_LOA_LOW); +    authnRequestBuilder.citizenCountryCode(testCountry); +    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_LOW); +     +    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); + +    final LightRequest lightReq = authnRequestBuilder.build(); + +    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId()); +    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); +    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); + +    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_LOW, lightReq.getLevelOfAssurance()); +     +  } +      } diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java index 0453ca1d..7cfd2d5c 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java @@ -203,4 +203,28 @@ public class EidasRequestPreProcessingSecondTest {    } +  @Test +  @SneakyThrows +  public void prePreProcessUaWithConfig() throws EidPostProcessingException { + +    basicConfig.putConfigValue( +        "eidas.ms.auth.eIDAS.node_v2.loa.ua.requested", "http://eidas.europa.eu/NotNotified/LoA/high");  +     +    final String testCountry = "UA"; +    authnRequestBuilder.citizenCountryCode(testCountry); +    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_LOW); +     +    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); + +    final LightRequest lightReq = authnRequestBuilder.build(); + +    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId()); +    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); +    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); + +    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/NotNotified/LoA/high",  +        lightReq.getLevelsOfAssurance().get(0).getValue()); +     +  } +    } diff --git a/ms_specific_connector/src/main/resources/application.properties b/ms_specific_connector/src/main/resources/application.properties index a2a0ca67..74b3ee73 100644 --- a/ms_specific_connector/src/main/resources/application.properties +++ b/ms_specific_connector/src/main/resources/application.properties @@ -106,6 +106,9 @@ eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=urn:oasis:names:tc:SAML:1.1:n  eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high +#eidas.ms.auth.eIDAS.node_v2.loa.ua.requested=http://eidas.europa.eu/NotNotified/LoA/high + +  #eidas.ms.auth.eIDAS.szrclient.useTestService=true  #eidas.ms.auth.eIDAS.szrclient.endpoint.prod=  #eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr diff --git a/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.png b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.pngBinary files differ new file mode 100644 index 00000000..70da904b --- /dev/null +++ b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.png diff --git a/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.png b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.pngBinary files differ new file mode 100644 index 00000000..90beb895 --- /dev/null +++ b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.png | 
