diff options
author | Thomas <> | 2021-03-10 12:25:10 +0100 |
---|---|---|
committer | Thomas <> | 2021-03-10 12:25:10 +0100 |
commit | c5c6344931f67ccaba335ffa476b5e8117948020 (patch) | |
tree | e8688e8c002450dd31d4bc89b0ebed60fe65d2ce /connector/src/main | |
parent | ab4da3642f0ba96d74aff8e0a1a60e66fa0d4813 (diff) | |
download | National_eIDAS_Gateway-c5c6344931f67ccaba335ffa476b5e8117948020.tar.gz National_eIDAS_Gateway-c5c6344931f67ccaba335ffa476b5e8117948020.tar.bz2 National_eIDAS_Gateway-c5c6344931f67ccaba335ffa476b5e8117948020.zip |
switch to EAAF-components 1.1.13-SNAPSHOT to add EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response
Diffstat (limited to 'connector/src/main')
3 files changed, 26 insertions, 8 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java index c41660ce..3a93c1b8 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java @@ -30,6 +30,7 @@ import org.springframework.stereotype.Service; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; @@ -37,8 +38,9 @@ import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; import lombok.extern.slf4j.Slf4j; @Service("AuthenticationDataBuilder") @@ -47,9 +49,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { - final IAuthProcessDataContainer authProcessData = - pendingReq.getSessionData(AuthProcessDataWrapper.class); - AuthenticationData authData = new AuthenticationData(); + final EidAuthProcessDataWrapper authProcessData = + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + EidAuthenticationData authData = new EidAuthenticationData(); //set basis infos super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); @@ -58,6 +60,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder authData.setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + authData.setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); + return authData; } @@ -65,16 +70,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException { - if (authData instanceof AuthenticationData) { - ((AuthenticationData)authData).setGenericData( + if (authData instanceof EidAuthenticationData) { + ((EidAuthenticationData)authData).setGenericData( ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, pendingReq.getUniquePiiTransactionIdentifier()); log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); // set specific informations - ((AuthenticationData)authData).setSsoSessionValidTo( + ((EidAuthenticationData)authData).setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + //set E-ID status-level + final EidAuthProcessDataWrapper authProcessData = + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); } else { throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " @@ -86,7 +96,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException { - return new AuthenticationData(); + return new EidAuthenticationData(); } diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 9a4ae54f..2411fde3 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -48,6 +48,8 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 ## eIDAS Ref. Implementation connector ### eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.eid.testidentity.default=false + #eidas.ms.auth.eIDAS.node_v2.forward.endpoint= eidas.ms.auth.eIDAS.node_v2.forward.method=POST eidas.ms.auth.eIDAS.node_v2.countrycode=AT diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index f6fdeefe..0f8511d5 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -49,6 +49,9 @@ <property name="pvpIdpCredentials"> <ref bean="PVPEndPointCredentialProvider" /> </property> + <property name="metadataProvider"> + <ref bean="PVPMetadataProvider" /> + </property> </bean> <bean id="AuthnRequestValidator" @@ -69,6 +72,9 @@ <property name="pvpIdpCredentials"> <ref bean="PVPEndPointCredentialProvider" /> </property> + <property name="metadataProvider"> + <ref bean="PVPMetadataProvider" /> + </property> </bean> <bean id="eaafProtocolAuthenticationService" |