authorThomas <>2022-12-15 17:56:49 +0100
committerThomas <>2022-12-15 17:56:49 +0100
commitfb04ef818546cf26ed1e623e5b565ac0961780fe (patch)
treea73b38fbc9d74e61ca56c20810485684940f1db2
parent30f1ff7b45f3d05147329323751516ed8114c9f2 (diff)
feat(connector): add support for Ukraine eIDAS-ProxyService
Since Ukraine is not notified, we need a new configuration parameter to set a not-notified LoA
-rw-r--r--basicConfig/ms-connector/properties/messages.properties2
-rw-r--r--basicConfig/ms-connector/properties/messages_de.properties2
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java68
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml5
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java21
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java24
-rw-r--r--ms_specific_connector/src/main/resources/application.properties3
-rw-r--r--ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.pngbin0 -> 11768 bytes
-rw-r--r--ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.pngbin0 -> 11728 bytes
9 files changed, 125 insertions, 0 deletions
diff --git a/basicConfig/ms-connector/properties/messages.properties b/basicConfig/ms-connector/properties/messages.properties
index f6005ac6..e2d5c71d 100644
--- a/basicConfig/ms-connector/properties/messages.properties
+++ b/basicConfig/ms-connector/properties/messages.properties
@@ -108,6 +108,8 @@ gui.countryselection.country.sw=Sweden
gui.countryselection.country.sw.logo.alt=Sweden-eID
gui.countryselection.country.uk=United Kingdom
gui.countryselection.country.uk.logo.alt=United Kingdom-eID
+gui.countryselection.country.ua=Ukraine
+gui.countryselection.country.ua.logo.alt=Ukraine-eID
gui.countryselection.country.testcountry=TestCountry
gui.countryselection.country.testcountry.logo.alt=Testcountry-eID
diff --git a/basicConfig/ms-connector/properties/messages_de.properties b/basicConfig/ms-connector/properties/messages_de.properties
index 8fde9fdd..9ebcde5f 100644
--- a/basicConfig/ms-connector/properties/messages_de.properties
+++ b/basicConfig/ms-connector/properties/messages_de.properties
@@ -92,6 +92,8 @@ gui.countryselection.country.sw=Schweden
gui.countryselection.country.sw.logo.alt=Schwedische-eID
gui.countryselection.country.uk=Großbritannien
gui.countryselection.country.uk.logo.alt=Britische-eID
+gui.countryselection.country.ua=Ukraine
+gui.countryselection.country.ua.logo.alt=Ukraine-eID
gui.countryselection.country.testcountry=Testland
gui.countryselection.country.testcountry.logo.alt=Testland-eID
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java
new file mode 100644
index 00000000..6be0a26b
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java
@@ -0,0 +1,68 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Ulraine specific eIDAS AuthnRequest generation.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class UaEidProcessor extends AbstractEidProcessor {
+
+ private static final String CONFIG_PROP_UA_SPECIFIC_LOA = "auth.eIDAS.node_v2.loa.ua.requested";
+
+ private static final String canHandleCC = "UA";
+
+ @Autowired IConfiguration config;
+
+ @Getter
+ @Setter
+ private int priority = 1;
+
+ @Override
+ public String getName() {
+ return "UA-PostProcessor";
+
+ }
+
+ @Override
+ public boolean canHandle(String countryCode) {
+ return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+
+ }
+
+ @Override
+ protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+ return new HashMap<>();
+
+ }
+
+ protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {
+
+ // allow override of LoA, because UA maybe only support not-notified LoA levels
+ String uaSpecificLoA = config.getBasicConfiguration(CONFIG_PROP_UA_SPECIFIC_LOA);
+ if (StringUtils.isNotEmpty(uaSpecificLoA)) {
+ authnRequestBuilder.levelsOfAssuranceValues(Arrays.asList(uaSpecificLoA));
+ log.info("Set UA specific LoA level to: {}", uaSpecificLoA);
+
+ } else {
+ super.buildLevelOfAssurance(spConfig, authnRequestBuilder);
+
+ }
+ }
+
+}
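Review bot: In `buildLevelOfAssurance`, a configured `auth.eIDAS.node_v2.loa.ua.requested` value replaces the LoA derived from `spConfig` entirely, and it is passed to `levelsOfAssuranceValues` without any check that it is a well-formed LoA URI or an acceptable substitute for what the service provider requires. Because a not-notified LoA does not carry the same assurance as a notified one, the method should document that the SP's requested LoA is ignored when the property is set, and the response-side LoA validation (not visible in this commit) should be confirmed to handle the returned value. I would also switch the guard to `StringUtils.isNotBlank(uaSpecificLoA)` so a whitespace-only property falls back to the default, and add `@Override` to the method so a signature change in `AbstractEidProcessor` is caught at compile time. The class Javadoc misspells "Ukraine" as "Ulraine".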
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index ab4228fd..8c561fbb 100644
--- a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -72,6 +72,11 @@
<property name="priority" value="1" />
</bean>
+ <bean id="UA-Processor"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.UaEidProcessor">
+ <property name="priority" value="1" />
+ </bean>
+
<bean id="Default-Processor"
class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
<property name="priority" value="0" />
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
index f3863ce0..b0290c90 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -199,4 +199,25 @@ public class EidasRequestPreProcessingFirstTest {
}
+ @Test
+ @SneakyThrows
+ public void prePreProcessUaWithoutConfig() throws EidPostProcessingException {
+
+ final String testCountry = "UA";
+ spConfig.put("loa", EaafConstants.EIDAS_LOA_LOW);
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_LOW);
+
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_LOW, lightReq.getLevelOfAssurance());
+
+ }
+
}
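Review bot: `Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());` resolves to the two-argument overload, so it compares the message string with the requester id by identity and cannot meaningfully fail; the same line appears in `prePreProcessUaWithConfig` in EidasRequestPreProcessingSecondTest. If the intent is that no requester id is sent for a public SP, `Assert.assertNull("RequesterId was set", lightReq.getRequesterId());` expresses it. `@SneakyThrows` combined with `throws EidPostProcessingException` is redundant; one of the two is enough.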
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index 0453ca1d..7cfd2d5c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -203,4 +203,28 @@ public class EidasRequestPreProcessingSecondTest {
}
+ @Test
+ @SneakyThrows
+ public void prePreProcessUaWithConfig() throws EidPostProcessingException {
+
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.loa.ua.requested", "http://eidas.europa.eu/NotNotified/LoA/high");
+
+ final String testCountry = "UA";
+ authnRequestBuilder.citizenCountryCode(testCountry);
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_LOW);
+
+ preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+ final LightRequest lightReq = authnRequestBuilder.build();
+
+ Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+ Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/NotNotified/LoA/high",
+ lightReq.getLevelsOfAssurance().get(0).getValue());
+
+ }
+
}
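Review bot: The LoA assertion only reads `getLevelsOfAssurance().get(0)`, so it would still pass if the `EIDAS_LOA_LOW` value set on the builder before `preProcess` remained in the list alongside the override. Adding `Assert.assertEquals("wrong number of LoAs", 1, lightReq.getLevelsOfAssurance().size());` pins that only the configured not-notified level is requested. The `basicConfig.putConfigValue(...)` call is also not undone in the visible lines; if the class's setup (outside this hunk) does not reset the configuration, the UA override can leak into other tests.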
diff --git a/ms_specific_connector/src/main/resources/application.properties b/ms_specific_connector/src/main/resources/application.properties
index a2a0ca67..74b3ee73 100644
--- a/ms_specific_connector/src/main/resources/application.properties
+++ b/ms_specific_connector/src/main/resources/application.properties
@@ -106,6 +106,9 @@ eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=urn:oasis:names:tc:SAML:1.1:n
eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+#eidas.ms.auth.eIDAS.node_v2.loa.ua.requested=http://eidas.europa.eu/NotNotified/LoA/high
+
+
#eidas.ms.auth.eIDAS.szrclient.useTestService=true
#eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
#eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
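Review bot: The commented-out sample `eidas.ms.auth.eIDAS.node_v2.loa.ua.requested` is added without any explanation of its effect. A comment line above it such as `# Optional: LoA sent to the Ukraine proxy service instead of the SP-requested LoA (UA is not notified)` would tell operators that enabling it overrides the requested level for UA requests.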
diff --git a/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.png b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.png
new file mode 100644
index 00000000..70da904b
--- /dev/null
+++ b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU.png
Binary files differ
diff --git a/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.png b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.png
new file mode 100644
index 00000000..90beb895
--- /dev/null
+++ b/ms_specific_connector/src/main/webapp/img/countries/Ukraine-EU_gray.png
Binary files differ