aboutsummaryrefslogtreecommitdiff
path: root/connector/src
diff options
context:
space:
mode:
authorThomas <>2021-03-30 15:08:07 +0200
committerThomas <>2022-03-03 16:31:56 +0100
commit2daed784e006d449de5b6151f6e109ab2a829749 (patch)
tree0d5a6b14f690a0237003020f6e48d143eaf7c5d3 /connector/src
parent1ae77e971928a44dd278eaa473392c35855c4227 (diff)
downloadNational_eIDAS_Gateway-2daed784e006d449de5b6151f6e109ab2a829749.tar.gz
National_eIDAS_Gateway-2daed784e006d449de5b6151f6e109ab2a829749.tar.bz2
National_eIDAS_Gateway-2daed784e006d449de5b6151f6e109ab2a829749.zip
add mandate functionality into eIDAS out-going process
Diffstat (limited to 'connector/src')
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java182
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java206
2 files changed, 359 insertions, 29 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index 2e70893b..629d015e 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -24,19 +24,31 @@
package at.asitplus.eidas.specific.connector.builder;
import java.util.Date;
+import java.util.Optional;
+import java.util.Set;
+import java.util.stream.Collectors;
import org.springframework.stereotype.Service;
+import com.google.common.collect.Streams;
+
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder;
@@ -46,55 +58,59 @@ import lombok.extern.slf4j.Slf4j;
@Service("AuthenticationDataBuilder")
@Slf4j
public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder {
-
+
+ private static final String ERROR_B11 = "builder.11";
+
@Override
- protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException {
+ protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException {
final EidAuthProcessDataWrapper authProcessData =
- pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
- EidAuthenticationData authData = new EidAuthenticationData();
-
- //set basis infos
+ pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
+ final EidAuthenticationData authData = new EidAuthenticationData();
+
+ // set basis infos
super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
-
+
// set specific informations
authData.setSsoSessionValidTo(
new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
-
- authData.setEidStatus(authProcessData.isTestIdentity()
- ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
-
+
+ authData.setEidStatus(authProcessData.isTestIdentity()
+ ? EidIdentityStatusLevelValues.TESTIDENTITY
+ : EidIdentityStatusLevelValues.IDENTITY);
+
return authData;
}
@Override
- protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq)
+ protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq)
throws EaafException {
if (authData instanceof EidAuthenticationData) {
- ((EidAuthenticationData)authData).setGenericData(
- ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME,
+ ((EidAuthenticationData) authData).setGenericData(
+ ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME,
pendingReq.getUniquePiiTransactionIdentifier());
log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier());
-
+
// set specific informations
- ((EidAuthenticationData)authData).setSsoSessionValidTo(
+ ((EidAuthenticationData) authData).setSsoSessionValidTo(
new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
- //set E-ID status-level
+ // set E-ID status-level
final EidAuthProcessDataWrapper authProcessData =
- pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
- ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity()
- ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
-
-
-
-
+ pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
+ ((EidAuthenticationData) authData).setEidStatus(authProcessData.isTestIdentity()
+ ? EidIdentityStatusLevelValues.TESTIDENTITY
+ : EidIdentityStatusLevelValues.IDENTITY);
+
+ // handle mandate informations
+ buildMandateInformation((EidAuthenticationData) authData, pendingReq, authProcessData);
+
} else {
- throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: "
+ throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: "
+ authData.getClass().getName());
-
+
}
-
+
}
@Override
@@ -123,4 +139,116 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
}
+ private void buildMandateInformation(EidAuthenticationData authData, IRequest pendingReq,
+ EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException,
+ EaafStorageException {
+ authData.setUseMandate(authProcessData.isMandateUsed());
+ if (authProcessData.isMandateUsed()) {
+ log.debug("Build mandate-releated authentication data ... ");
+ if (authProcessData.isForeigner()) {
+ buildMandateInformationForEidasIncoming();
+
+ } else {
+ buildMandateInformationForEidasOutgoing(authData, pendingReq, authProcessData);
+
+ }
+
+ // inject mandate information into authdata
+ final Set<String> mandateAttributes = Streams.concat(
+ IdAustriaAuthConstants.DEFAULT_REQUIRED_MANDATE_NAT_PVP_ATTRIBUTES.stream(),
+ IdAustriaAuthConstants.DEFAULT_REQUIRED_MANDATE_JUR_PVP_ATTRIBUTES.stream())
+ .map(el -> el.getFirst())
+ .collect(Collectors.toSet());
+
+ authProcessData.getGenericSessionDataStream()
+ .filter(el -> mandateAttributes.contains(el.getKey()))
+ .forEach(el -> {
+ try {
+ authData.setGenericData(el.getKey(), el.getValue());
+
+ } catch (final EaafStorageException e) {
+ log.error("Can not store attribute: {} into session.", el.getKey(), e);
+ throw new RuntimeException(e);
+
+ }
+ });
+ }
+ }
+
+ private void buildMandateInformationForEidasIncoming() {
+ log.debug("Find eIDAS incoming process. Generated mandate-information for ID-Austria system ... ");
+
+ // TODO: implement IDA specific processing of foreign mandate
+
+ }
+
+ private void buildMandateInformationForEidasOutgoing(EidAuthenticationData authData, IRequest pendingReq,
+ EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException,
+ EaafStorageException {
+ log.debug("Find eIDAS outgoing process. Generated mandate-information for other country ... ");
+ if (authProcessData.getGenericDataFromSession(
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME) != null) {
+ final Optional<Triple<String, String, Boolean>> missingAttribute =
+ IdAustriaAuthConstants.DEFAULT_REQUIRED_MANDATE_NAT_PVP_ATTRIBUTES.stream()
+ .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null)
+ .findFirst();
+ if (missingAttribute.isPresent()) {
+ log.error("ID-Austria response contains not all attributes for nat. person mandator. Missing: {}",
+ missingAttribute.get().getFirst());
+ throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Nat. person mandate" });
+
+ } else {
+ log.trace("Find nat. person mandate. Mandate can be used as it is ");
+ authData.setGenericData(MsProxyServiceConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER,
+ extractBpkFromResponse(authProcessData.getGenericDataFromSession(
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class)));
+
+ }
+
+ } else {
+ final Optional<Triple<String, String, Boolean>> missingAttribute =
+ IdAustriaAuthConstants.DEFAULT_REQUIRED_MANDATE_JUR_PVP_ATTRIBUTES.stream()
+ .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null)
+ .findFirst();
+ if (missingAttribute.isPresent()) {
+ log.error("ID-Austria response contains not all attributes for legal. person mandator. Missing: {}",
+ missingAttribute.get().getFirst());
+ throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Legal. person mandate" });
+
+ } else {
+ log.trace(
+ "Find jur. person mandate. Generate eIDAS identifier from legal-person sourcePin and type ... ");
+ final String sourcePin = authProcessData.getGenericDataFromSession(
+ PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class);
+ final String sourcePinType = authProcessData.getGenericDataFromSession(
+ PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class);
+
+ // TODO: check if we should to this in such a way!
+ final Pair<String, String> leagalPersonIdentifier =
+ BpkBuilder.generateAreaSpecificPersonIdentifier(
+ sourcePinType + sourcePin,
+ sourcePinType,
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+
+ log.debug("Use legal-person eIDAS identifer: {} from baseId: {} and baseIdType: {}",
+ leagalPersonIdentifier.getFirst(), sourcePin, sourcePinType);
+ authData.setGenericData(MsProxyServiceConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
+ leagalPersonIdentifier.getFirst());
+
+ }
+ }
+ }
+
+ private String extractBpkFromResponse(String pvpBpkAttrValue) {
+ final String[] split = pvpBpkAttrValue.split(":", 2);
+ if (split.length == 2) {
+ return split[1];
+
+ } else {
+ log.warn("PVP bPK attribute: {} has wrong format. Use it as it is.", pvpBpkAttrValue);
+ return pvpBpkAttrValue;
+
+ }
+ }
+
}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 552c448e..277138ef 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -1,6 +1,10 @@
package at.asitplus.eidas.specific.connector.test.utils;
import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import java.io.IOException;
import java.security.PublicKey;
@@ -176,9 +180,169 @@ public class AuthenticationDataBuilderTest {
Assert.assertEquals("testIdentity flag",
isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY,
- ((EidAuthenticationData)authData).getEidStatus());
+ ((EidAuthenticationData)authData).getEidStatus());
+ assertFalse("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ }
+
+ @Test
+ public void eidasProxyModeWithJurMandate() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String commonMandate = RandomStringUtils.randomAlphabetic(10);
+
+ // set constant country-code and sourcePin to check hashed eIDAS identifier
+ String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr";
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE");
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+ EaafConstants.URN_PREFIX_BASEID + "+XFN");
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate);
+ checkGenericAttribute(authData, MsProxyServiceConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
+ "AT/EE/oaAGaV/zIHSf6rcB0TIOqjWPoOU=");
+
+ }
+
+ @Test
+ public void eidasProxyModeWithJurMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ // set constant country-code and sourcePin to check hashed eIDAS identifier
+ String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr";
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE");
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+ EaafConstants.URN_PREFIX_BASEID + "+XFN");
+
+ // execute test
+ // execute test
+ EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class,
+ () -> authenticationDataBuilder.buildAuthenticationData(pendingReq));
+ Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId());
+
+ }
+
+ @Test
+ public void eidasProxyModeWithNatMandate() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String givenNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String familyNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirthMandate = "1957-09-15";
+ String bpkMandate = RandomStringUtils.randomAlphanumeric(10);
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate);
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15");
+ checkGenericAttribute(authData, MsProxyServiceConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, bpkMandate);
+
+ }
+
+ @Test
+ public void eidasProxyModeWithNatMandateWrongBpkFormat() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String givenNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String familyNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirthMandate = "1957-09-15";
+ String bpkMandate = RandomStringUtils.randomAlphanumeric(10);
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate);
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15");
+ checkGenericAttribute(authData, MsProxyServiceConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, bpkMandate);
+
+ }
+
+ @Test
+ public void eidasProxyModeWithNatMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String familyNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirthMandate = "1957-09-15";
+ String bpkMandate = RandomStringUtils.randomAlphanumeric(10);
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate);
+ // execute test
+ EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class,
+ () -> authenticationDataBuilder.buildAuthenticationData(pendingReq));
+ Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId());
+
}
@Test
@@ -203,7 +367,7 @@ public class AuthenticationDataBuilderTest {
Assert.assertEquals("testIdentity flag",
isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY,
((EidAuthenticationData)authData).getEidStatus());
-
+
String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
@@ -276,6 +440,44 @@ public class AuthenticationDataBuilderTest {
}
+ private void injectRepresentativeInfosIntoSession() throws EaafStorageException {
+ boolean isTestIdentity = RandomUtils.nextBoolean();
+ pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = "1956-12-08";
+ String bpk = RandomStringUtils.randomAlphanumeric(10);
+ String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
+ String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC);
+
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, bpk);
+
+ //set LoA level attribute instead of explicit session-data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel());
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null);
+
+ }
+
+ private void checkGenericAttribute(IAuthData authData, String attrName, String expected) {
+ assertEquals("Wrong: " + attrName, expected, authData.getGenericData(attrName, String.class));
+
+ }
+
private IIdentityLink buildDummyIdl() {
return new IIdentityLink() {