diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2022-03-03 15:27:30 +0000 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2022-03-03 15:27:30 +0000 |
commit | d8247d4de494c176f78658fa2c0a38ac9ceab0aa (patch) | |
tree | d0b6bf2293b6e82282bfbab595e0b4d39fdb0428 /eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java | |
parent | b81ef7a782278cb941d3b424ccbe1ccc976c54f3 (diff) | |
parent | c3bba97c9093eca911f6edd9cbb9742d5f32583c (diff) | |
download | National_eIDAS_Gateway-d8247d4de494c176f78658fa2c0a38ac9ceab0aa.tar.gz National_eIDAS_Gateway-d8247d4de494c176f78658fa2c0a38ac9ceab0aa.tar.bz2 National_eIDAS_Gateway-d8247d4de494c176f78658fa2c0a38ac9ceab0aa.zip |
Merge branch 'feature/matching_ernp_client' into 'feature/matching_base'
refactor(ernp): update openAPI specification from BM.I to use...
See merge request egiz/eidas_at_proxy!16
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java')
-rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java | 126 |
1 files changed, 10 insertions, 116 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index c95c275e..0aba70d1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -23,21 +23,16 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; -import java.io.IOException; -import java.io.InputStream; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; import org.jetbrains.annotations.Nullable; import org.jose4j.lang.JoseException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; import com.fasterxml.jackson.core.JsonProcessingException; @@ -64,8 +59,6 @@ import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; import lombok.Data; import lombok.extern.slf4j.Slf4j; import szrservices.IdentityLinkType; @@ -86,9 +79,6 @@ import szrservices.IdentityLinkType; * <ul> * <li>{@link at.gv.egiz.eaaf.core.impl.idp.controller.tasks.FinalizeAuthenticationTask}</li> * </ul> - * TODO Take Constants#DATA_SIMPLE_EIDAS and Constants#DATA_RESULT_MATCHING_BPK - * TODO Only do VSZ Erstellung and eidasBind -- this is always the end of the whole process - * TODO Move Eintragung to separate Task, as it does not happen every time * @author tlenz */ @Slf4j @@ -127,21 +117,17 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq); MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq); + // write log information based on current configuration writeMdsLogInformation(eidData); - if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) { - buildDummyIdentityLink(eidData); + //request SZR based on IDL or E-ID mode + if (pendingReq.getServiceProviderConfiguration() + .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) { + executeEidMode(eidData, matchedPersonData); } else { - //request SZR based on IDL or E-ID mode - if (pendingReq.getServiceProviderConfiguration() - .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) { - executeEidMode(eidData, matchedPersonData); + executeIdlMode(eidData, matchedPersonData); - } else { - executeIdlMode(eidData, matchedPersonData); - - } } storeGenericInfoToSession(eidData); @@ -192,16 +178,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws JsonProcessingException, EaafException, JoseException { // get encrypted baseId - String vsz; - if (matchedPersonData != null) { - log.debug("Requesting encrypted baseId by already matched person information ... "); - vsz = szrClient.getEncryptedStammzahl(matchedPersonData); - - } else { - log.debug("Requesting encrypted baseId by using eIDAS information directly ... "); - vsz = szrClient.createNewErnpEntry(eidData); - - } + log.debug("Requesting encrypted baseId by already matched person information ... "); + String vsz = szrClient.getEncryptedStammzahl(matchedPersonData); //write revision-Log entry and extended infos personal-identifier mapping revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED); @@ -224,21 +202,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } - private void buildDummyIdentityLink(SimpleEidasData eidData) - throws ParserConfigurationException, SAXException, IOException, EaafException { - AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); - SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData); - //inject personal-data into session - authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink()); - - // set bPK and bPKType into auth session - authProcessDataWrapper.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix( - idlResult.getBpK(), pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier())); - authProcessDataWrapper.setGenericDataToSession(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, - pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - } - private void writeExtendedRevisionLogEntry(SimpleEidasData eidData, String personalIdentifier) { // write ERnP input-data into revision-log if (basicConfig.getBasicConfigurationBoolean( @@ -252,18 +215,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws EaafException { //request IdentityLink from SZR - IdentityLinkType result; - - if (matchedPersonData != null) { - log.debug("Requesting encrypted baseId by already matched person information ... "); - result = szrClient.getIdentityLinkInRawMode(matchedPersonData); - - } else { - log.debug("Requesting encrypted baseId by using eIDAS information directly ... "); - result = szrClient.getIdentityLinkInRawMode(eidData); - - } - + log.debug("Requesting encrypted baseId by already matched person information ... "); + IdentityLinkType result = szrClient.getIdentityLinkInRawMode(matchedPersonData); final Element idlFromSzr = (Element) result.getAssertion(); final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); @@ -364,63 +317,4 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { final String bpK; } - - /** - * Build a dummy IdentityLink and a dummy bPK based on eIDAS information. - * - * <br><br> - * <b>FOR LOCAL TESTING ONLY!!!</b> - * - * @param eidData Information from eIDAS response - * @return IdentityLink and bPK - * @throws ParserConfigurationException In case of an IDL processing error - * @throws SAXException In case of an IDL processing error - * @throws IOException In case of an IDL processing error - * @throws EaafException In case of a bPK generation error - */ - private SzrResultHolder createDummyIdentityLinkForTestDeployment(SimpleEidasData eidData) - throws ParserConfigurationException, SAXException, IOException, EaafException { - log.warn("SZR-Dummy IS ACTIVE! IdentityLink is NOT VALID!!!!"); - // create fake IdL - // - fetch IdL template from resources - final InputStream s = CreateIdentityLinkTask.class - .getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml"); - final Element idlTemplate = DomUtils.parseXmlValidating(s); - - IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlTemplate).parseIdentityLink(); - - // replace data - final Element idlassertion = identityLink.getSamlAssertion(); - - // - set fake baseID; - final Node prIdentification = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - prIdentification.getFirstChild().setNodeValue(eidData.getPseudonym()); - - // - set last name - final Node prFamilyName = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); - prFamilyName.getFirstChild().setNodeValue(eidData.getFamilyName()); - - // - set first name - final Node prGivenName = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); - prGivenName.getFirstChild().setNodeValue(eidData.getGivenName()); - - // - set date of birth - final Node prDateOfBirth = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); - - prDateOfBirth.getFirstChild().setNodeValue(eidData.getDateOfBirth()); - - identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink(); - - String idValue = identityLink.getIdentificationValue(); - String idType = identityLink.getIdentificationType(); - String targetId = pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(); - final Pair<String, String> bpkCalc = BpkBuilder.generateAreaSpecificPersonIdentifier(idValue, idType, targetId); - return new SzrResultHolder(identityLink, bpkCalc.getFirst()); - - } - } |