aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorlalber <lukas.alber@iaik.tugraz.at>2020-11-02 23:29:54 +0100
committerlalber <lukas.alber@iaik.tugraz.at>2020-11-02 23:29:54 +0100
commit8e239b9cb072e62d693f3d54a6a9ad2d9983cc71 (patch)
tree50c71f74f6a48d502d354a689994418a2a2771f7
parent608b9ac7a9f4d3ebdb6efa2d4e5453d5a015be3a (diff)
downloadNational_eIDAS_Gateway-8e239b9cb072e62d693f3d54a6a9ad2d9983cc71.tar.gz
National_eIDAS_Gateway-8e239b9cb072e62d693f3d54a6a9ad2d9983cc71.tar.bz2
National_eIDAS_Gateway-8e239b9cb072e62d693f3d54a6a9ad2d9983cc71.zip
AuthDataBuilder and AttributeBuilder
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java64
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java64
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java37
-rw-r--r--connector/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder2
-rw-r--r--connector/src/main/resources/SpringTest_connector.beans.xml129
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java95
-rw-r--r--connector/src/test/resources/config/junit_config_3.properties115
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java4
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java13
9 files changed, 503 insertions, 20 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java
new file mode 100644
index 00000000..ab5db0a6
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.attributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata;
+
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+
+@PvpMetadata
+public class AuthBlockAttributeBuilder implements IPvpAttributeBuilder {
+
+ private static final String AUTHBLOCK_FRIENDLY_NAME = "AUTHBLOCK";
+ private static final String AUTHBLOCK_NAME = "urn:oid:x.x.x.x"; //TODO set oid
+
+ @Override
+ public String getName() {
+ return AUTHBLOCK_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
+ if (authBlock != null) {
+ return g.buildStringAttribute(AUTHBLOCK_FRIENDLY_NAME, AUTHBLOCK_NAME, authBlock);
+
+ } else {
+ throw new UnavailableAttributeException(AUTHBLOCK_NAME);
+ }
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(AUTHBLOCK_FRIENDLY_NAME, AUTHBLOCK_NAME);
+ }
+
+}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java
new file mode 100644
index 00000000..c6dfed1a
--- /dev/null
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.connector.attributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPvpAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata;
+
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+
+@PvpMetadata
+public class EidasBindAttributeBuilder implements IPvpAttributeBuilder {
+
+ private static final String EIDASBIND_FRIENDLY_NAME = "EIDASBIND";
+ private static final String EIDASBIND_NAME = "urn:oid:x.x.x.x"; //TODO set oid
+
+ @Override
+ public String getName() {
+ return EIDASBIND_NAME;
+ }
+
+ @Override
+ public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData,
+ final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
+ if (eidasBind != null) {
+ return g.buildStringAttribute(EIDASBIND_FRIENDLY_NAME, EIDASBIND_NAME, eidasBind);
+
+ } else {
+ throw new UnavailableAttributeException(EIDASBIND_NAME);
+ }
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(EIDASBIND_FRIENDLY_NAME, EIDASBIND_NAME);
+ }
+
+}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index b14faa62..51b89120 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -19,7 +19,7 @@
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
-*/
+ */
package at.asitplus.eidas.specific.connector.builder;
@@ -54,30 +54,37 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException {
final IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
- final AuthenticationData authData = new AuthenticationData();
+ AuthenticationData authData = new AuthenticationData();
- try {
- generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
+ String eidMode = pendingReq.getServiceProviderConfiguration()
+ .getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_EID_MODE, "old");
- // set specific informations
- authData.setSsoSessionValidTo(new Date(new Date().getTime()
- + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
+ if (eidMode.equals("new")) {
- } catch (EaafBuilderException | EaafParserException | EaafConfigurationException
- | XPathException | DOMException e) {
- log.warn("Can not build authentication data from auth. process information");
- throw new EaafAuthenticationException("builder.11", new Object[] { e.getMessage() }, e);
+ authData = (AuthenticationData) super.buildAuthenticationData(pendingReq);
- }
+ } else {
+ try {
+ generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
- return authData;
+ // set specific informations
+ authData.setSsoSessionValidTo(new Date(new Date().getTime()
+ + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
+
+ } catch (EaafBuilderException | EaafParserException | EaafConfigurationException
+ | XPathException | DOMException e) {
+ log.warn("Can not build authentication data from auth. process information");
+ throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e);
+ }
+ }
+ return authData;
}
@Override
protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException {
return new AuthenticationData();
-
+
}
@Override
@@ -103,7 +110,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
@Override
protected Pair<String, String> getEncryptedBpkFromPvpAttribute(IAuthProcessDataContainer arg0,
- AuthenticationData arg1, ISpConfiguration arg2) throws EaafBuilderException {
+ AuthenticationData arg1, ISpConfiguration arg2) throws EaafBuilderException {
return null;
}
diff --git a/connector/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/connector/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
new file mode 100644
index 00000000..8508cc4b
--- /dev/null
+++ b/connector/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -0,0 +1,2 @@
+at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder
+at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder
diff --git a/connector/src/main/resources/SpringTest_connector.beans.xml b/connector/src/main/resources/SpringTest_connector.beans.xml
new file mode 100644
index 00000000..5cf0d5b8
--- /dev/null
+++ b/connector/src/main/resources/SpringTest_connector.beans.xml
@@ -0,0 +1,129 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
+ http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+ <context:annotation-config />
+ <mvc:annotation-driven />
+ <mvc:default-servlet-handler />
+
+ <bean id="WebResourceConfiguration"
+ class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
+
+ <bean id="ProcessEngineSignalController"
+ class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
+
+ <bean id="MonitoringController"
+ class="at.asitplus.eidas.specific.connector.controller.MonitoringController">
+ <property name="pvpIdpCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="AuthenticationManager"
+ class="at.asitplus.eidas.specific.connector.auth.AuthenticationManager" />
+
+ <bean id="AuthenticationDataBuilder"
+ class="at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder" />
+
+ <bean id="PVPEndPointConfiguration"
+ class="at.asitplus.eidas.specific.connector.config.PvpEndPointConfiguration" />
+
+ <bean id="PVPEndPointCredentialProvider"
+ class="at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider" />
+
+ <bean id="PVPMetadataConfigurationFactory"
+ class="at.asitplus.eidas.specific.connector.provider.PvpMetadataConfigurationFactory" />
+
+ <bean id="PVP2XProtocol"
+ class="at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint">
+ <property name="pvpIdpCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="AuthnRequestValidator"
+ class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
+
+ <bean id="SAMLVerificationEngine"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" />
+
+ <bean id="pvpMetadataService"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
+ <property name="pvpIdpCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="PVPAuthenticationRequestAction"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
+ <property name="pvpIdpCredentials">
+ <ref bean="PVPEndPointCredentialProvider" />
+ </property>
+ </bean>
+
+ <bean id="eaafProtocolAuthenticationService"
+ class="at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService">
+ <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
+ </bean>
+
+ <bean id="securePendingRequestIdGeneration"
+ class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
+
+ <bean id="PVPMetadataProvider"
+ class="at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider" />
+
+ <bean id="PVPSubjectNameGenerator"
+ class="at.asitplus.eidas.specific.connector.builder.PvpSubjectNameGenerator" />
+
+ <bean id="LoALevelMapper"
+ class="at.asitplus.eidas.specific.connector.mapper.LoALevelMapper" />
+
+ <bean id="GUIBuilderConfigurationFactory"
+ class="at.asitplus.eidas.specific.connector.gui.GuiBuilderConfigurationFactory" />
+
+ <bean id="velocityGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.DefaultVelocityGuiBuilderImpl" />
+
+ <bean id="mvcGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" />
+
+ <bean id="templateEngine"
+ class="org.thymeleaf.spring5.SpringTemplateEngine">
+ <property name="templateResolver" ref="templateResolver" />
+ </bean>
+
+ <bean class="org.thymeleaf.spring5.view.ThymeleafViewResolver">
+ <property name="order" value="2" />
+ <property name="templateEngine" ref="templateEngine" />
+ <property name="characterEncoding" value="UTF-8" />
+ </bean>
+
+ <bean id="StatusMessageProvider"
+ class="at.asitplus.eidas.specific.connector.provider.StatusMessageProvider" />
+
+ <bean id="eidasRevisionLogger"
+ class="at.asitplus.eidas.specific.connector.logger.RevisionLogger" />
+
+ <bean id="eidasStatisticLogger"
+ class="at.asitplus.eidas.specific.connector.logger.StatisticLogger" />
+
+
+ <!-- Tasks -->
+ <bean id="GenerateCountrySelectionFrameTask"
+ class="at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask"
+ scope="prototype" />
+
+ <bean id="EvaluateCountrySelectionTask"
+ class="at.asitplus.eidas.specific.connector.processes.tasks.EvaluateCountrySelectionTask"
+ scope="prototype" />
+
+</beans> \ No newline at end of file
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java
new file mode 100644
index 00000000..4ae2a34d
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java
@@ -0,0 +1,95 @@
+package at.asitplus.eidas.specific.connector.test;
+
+
+import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.config.InitializationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/applicationContext.xml",
+ "/SpringTest_connector.beans.xml",
+ "/eaaf_core.beans.xml",
+ "/eaaf_pvp.beans.xml",
+ "/eaaf_pvp_idp.beans.xml",
+ "/spring/SpringTest-context_simple_storage.xml" })
+@WebAppConfiguration
+public class AuthenticationDataBuilderTest {
+
+ @Autowired
+ private AuthenticationDataBuilder authenticationDataBuilder;
+
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+
+ private DummySpConfiguration oaParam;
+
+
+ @BeforeClass
+ public static void classInitializer() throws InitializationException, ComponentInitializationException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties");
+
+ EaafOpenSaml3xInitializer.eaafInitialize();
+ }
+
+ @Before
+ public void initialize() throws EaafStorageException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put("eidMode", "new");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.SZR_AUTHBLOCK, RandomStringUtils.randomAlphanumeric(20));
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.EIDAS_BIND, RandomStringUtils.randomAlphanumeric(20));
+
+
+ LocaleContextHolder.resetLocaleContext();
+ }
+
+ @Test
+ public void first() throws EaafAuthenticationException {
+ authenticationDataBuilder.buildAuthenticationData(pendingReq);
+ }
+
+}
diff --git a/connector/src/test/resources/config/junit_config_3.properties b/connector/src/test/resources/config/junit_config_3.properties
new file mode 100644
index 00000000..2abda7db
--- /dev/null
+++ b/connector/src/test/resources/config/junit_config_3.properties
@@ -0,0 +1,115 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+eidas.ms.webcontent.templates.countryselection=countrySelection.html
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
+eidas.ms.auth.eIDAS.node_v2.forward.method=POST
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/junit.jks
+eidas.ms.pvp2.keystore.password=password
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+eidas.ms.pvp2.metadata.organisation.name=JUnit
+eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
+eidas.ms.pvp2.metadata.organisation.url=http://junit.test
+eidas.ms.pvp2.metadata.contact.givenname=Max
+eidas.ms.pvp2.metadata.contact.surname=Mustermann
+eidas.ms.pvp2.metadata.contact.email=max@junit.test
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.0.pvp2.metadata.truststore.password=password
+eidas.ms.sp.0.eidMode=new
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index eac62aae..83a2afa6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -157,8 +157,8 @@ public class Constants {
public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT";
// AuthBlock
- public static final String SZR_AUTHBLOCK = "AUTHBLOCK";
- public static final String EIDAS_BIND = "EIDAS_BIND";
+ public static final String SZR_AUTHBLOCK = "authData_AUTHBLOCK";
+ public static final String EIDAS_BIND = "authData_EIDAS_BIND";
// TODO remove!!!
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index b141402a..86f28561 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -249,10 +249,10 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
ObjectMapper mapper = new ObjectMapper();
String jwsPayload = mapper.writeValueAsString(pendingReq.getUniqueTransactionIdentifier());
- String jwsSignature = JoseUtils.createSignature(ks, KSALIAS, KSPASSWORD.toCharArray(), jwsPayload, false, KSALIAS);//TODO joseutils kopiern
+ String jwsSignature = JoseUtils.createSignature(ks, KSALIAS, KSPASSWORD.toCharArray(), jwsPayload, false, KSALIAS);
authProcessData.setGenericDataToSession(Constants.SZR_AUTHBLOCK, jwsSignature);
- authProcessData.setGenericDataToSession(Constants.EIDAS_BIND, jwsSignature);
+ authProcessData.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind);
} else {
final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(personInfo);
@@ -294,7 +294,14 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
}
- if (eidMode.equals("new")) {}
+ if (eidMode.equals("new")) {
+ authProcessData.setForeigner(true);
+ authProcessData.setGenericDataToSession(
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
+ EidasResponseUtils.parseEidasPersonalIdentifier((String) simpleAttrMap.get(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER)).getFirst());
+ authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
+ }
else {
if (identityLink == null) {
log.error("ERnB did not return an identity link.");