fix LoA level validation error in AuthnRequestValidator.java

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-12-11 12:45:58 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2019-12-11 12:45:58 +0100
commit: 3734d910935f34427632a36206aa3b6b0822c9bf (patch)
tree: 4a834c00ea143eb331ae633d847e47a051408a17 /connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
parent: 7bdb891ffe9e14e86b23a10579c8d97759ba4830 (diff)
download: National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.tar.gz
National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.tar.bz2
National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.zip
1 files changed, 7 insertions, 6 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
index 0230521c..87c23dee 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
@@ -103,12 +103,13 @@ public class AuthnRequestValidator implements IAuthnRequestValidator {
       if (StringUtils.isEmpty(providerName)) {
         log.info("Authn. request contains NO SP friendlyName");
       } else {
-        pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, spEntityId);
+        pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, providerName);
       }
 
       // post-process requested LoA
       final List<String> reqLoA = extractLoA(authnReq);
-
+      log.trace("SP requests LoA with: {}", String.join(", ",reqLoA));
+      
       LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
           MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
           EaafConstants.EIDAS_LOA_HIGH));
@@ -118,21 +119,21 @@ public class AuthnRequestValidator implements IAuthnRequestValidator {
         minimumLoAFromConfig = LevelOfAssurance.HIGH;
 
       }
-
+            
       log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...",
-          minimumLoAFromConfig);
+          minimumLoAFromConfig);      
       final List<String> allowedLoA = new ArrayList<>();
       for (final String loa : reqLoA) {
         try {
           final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
           String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
           if (intLoa != null 
-              && intLoa.numericValue() >= minimumLoAFromConfig.numericValue()) {
+              && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) {
             log.info("Client: {} requested LoA: {} will be upgraded to: {}",
                 pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
                 loa,
                 minimumLoAFromConfig);
-            selectedLoA = intLoa.getValue();
+            selectedLoA = minimumLoAFromConfig.getValue();
 
           }
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-12-11 12:45:58 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2019-12-11 12:45:58 +0100
commit	3734d910935f34427632a36206aa3b6b0822c9bf (patch)
tree	4a834c00ea143eb331ae633d847e47a051408a17 /connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
parent	7bdb891ffe9e14e86b23a10579c8d97759ba4830 (diff)
download	National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.tar.gz National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.tar.bz2 National_eIDAS_Gateway-3734d910935f34427632a36206aa3b6b0822c9bf.zip