some more updates

4 files changed, 350 insertions, 0 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java
new file mode 100644
index 00000000..db5dafd7
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java
@@ -0,0 +1,194 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Map;
+
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public abstract class AbstracteIDPostProcessor implements INationaleIDPostProcessor {
+	private static final Logger log = LoggerFactory.getLogger(AbstracteIDPostProcessor.class);
+	
+	
+	@Override
+	public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{
+		ERnBeIDData result = new ERnBeIDData();
+		
+		//MDS attributes
+		result.setPseudonym(processPseudonym(eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)));
+		result.setFamilyName(processFamilyName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)));
+		result.setGivenName(processGivenName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)));
+		result.setDateOfBirth(processDateOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)));
+		
+		//additional attributes
+		result.setPlaceOfBirth(processPlaceOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)));
+		result.setBirthName(processBirthName(eIDASAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)));
+		result.setAddress(processAddress(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
+				
+		return result;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS CurrentAddress attribute
+	 * 
+	 * @param currentAddressObj
+	 * @return current address or null if no attribute is available 
+	 * @throws eIDPostProcessingException if post-processing fails
+	 * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+	 */
+	protected PostalAddressType processAddress(Object currentAddressObj) throws eIDPostProcessingException, eIDASAttributeException {
+		
+		if (currentAddressObj != null) { 
+			if ((currentAddressObj instanceof PostalAddress)) {
+				PostalAddressType result = new PostalAddressType();				
+				result.setPostalCode(((PostalAddress)currentAddressObj).getPostCode());				
+				result.setMunicipality(((PostalAddress)currentAddressObj).getPostName());
+				
+				//TODO: add more mappings
+				
+			} else {
+				log.warn("eIDAS attr: " +  Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
+				throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);	
+				
+			}
+						
+		} else
+			log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
+			
+		return null;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS BirthName attribute
+	 * 
+	 * @param birthNameObj
+	 * @return birthName or null if no attribute is available 
+	 * @throws eIDPostProcessingException if post-processing fails
+	 * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+	 */
+	protected String processBirthName(Object birthNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (birthNameObj != null) { 
+			if ((birthNameObj instanceof String)) {
+				return (String)birthNameObj;
+				
+			} else {
+				log.warn("eIDAS attr: " +  Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
+				throw new eIDASAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);	
+				
+			}
+				
+		} else
+			log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
+			
+        			
+		return null;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS PlaceOfBirth attribute
+	 * 
+	 * @param placeOfBirthObj
+	 * @return place of Birth or null if no attribute is available 
+	 * @throws eIDPostProcessingException if post-processing fails
+	 * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+	 */
+	protected String processPlaceOfBirth(Object placeOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (placeOfBirthObj != null) { 
+			if ((placeOfBirthObj instanceof String)) {
+				return (String)placeOfBirthObj;
+				
+			} else {
+				log.warn("eIDAS attr: " +  Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
+				throw new eIDASAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);	
+				
+			}
+				
+		} else
+			log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
+			
+        			
+		return null;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS DateOfBirth attribute
+	 * 
+	 * @param dateOfBirthObj
+	 * @return
+	 * @throws eIDASAttributeException if NO attribute is available
+	 * @throws eIDPostProcessingException if post-processing fails 
+	 */
+	protected DateTime processDateOfBirth(Object dateOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime))
+        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+		
+		return (DateTime)dateOfBirthObj;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS GivenName attribute
+	 * 
+	 * @param givenNameObj
+	 * @return
+	 * @throws eIDASAttributeException if NO attribute is available
+	 * @throws eIDPostProcessingException if post-processing fails
+	 */
+	protected String processGivenName(Object givenNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (givenNameObj == null || !(givenNameObj instanceof String))
+        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+		
+		return (String)givenNameObj;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS FamilyName attribute
+	 * 
+	 * @param familyNameObj
+	 * @return
+	 * @throws eIDASAttributeException if NO attribute is available
+	 * @throws eIDPostProcessingException if post-processing fails
+	 */
+	protected String processFamilyName(Object familyNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (familyNameObj == null || !(familyNameObj instanceof String))
+        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
+				
+		return (String) familyNameObj;
+		
+	}
+
+	/**
+	 * Post-Process the eIDAS pseudonym to ERnB unique identifier
+	 * 
+	 * @param eIdentifierObj eIDAS PersonalIdentifierAttribute
+	 * @return
+	 * @throws eIDPostProcessingException
+	 * @throws eIDASAttributeException if NO attribute is available
+	 * @throws eIDPostProcessingException if post-processing fails
+	 */
+	protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
+	        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+		 
+		Trible<String, String, String> eIdentifier = 
+					eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
+				
+		return eIdentifier.getThird();
+		
+	}
+	
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java
new file mode 100644
index 00000000..90562f86
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java
@@ -0,0 +1,79 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Base64;
+
+import org.apache.commons.codec.DecoderException;
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+
+public class DEeIDPostProcessor extends AbstracteIDPostProcessor {
+	private static final Logger log = LoggerFactory.getLogger(DEeIDPostProcessor.class);	
+	private static final String canHandleCC = "DE";
+	
+	private int priority = 1;
+	
+	@Override
+	public int getPriority() {
+		return priority;
+	}
+
+	@Override
+	public boolean canHandle(String countryCode) {		
+		return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+		
+	}
+
+	
+	public void setPriority(int priority) {
+		this.priority = priority;
+	}
+
+	@Override
+	public String getName() {
+		return "DE-PostProcessor";
+		
+	}
+	
+	@Override
+	protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
+		if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
+	        	throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+		 
+		Trible<String, String, String> eIdentifier = 
+					eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
+				
+		log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+		String result = convertDEIdentifier(eIdentifier.getThird());
+		log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+		
+		return result; 
+		
+		
+	}
+	
+	private String convertDEIdentifier(String hexEncodedDEIdentifier) throws eIDPostProcessingException
+	{
+		if(hexEncodedDEIdentifier.length() != 64)
+			throw new eIDPostProcessingException("ernb.03", new Object[] {"Input has wrong length, expected 64 chars"});
+
+		byte[] data;
+		try {			
+			data = Hex.decodeHex(hexEncodedDEIdentifier);
+			
+		} catch (DecoderException e) {
+			throw new eIDPostProcessingException("ernb.03", null, e);
+			
+		}
+		
+		byte[] encoded = Base64.getEncoder().encode(data);
+		return new String(encoded);
+	}
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java
new file mode 100644
index 00000000..f6e0aba2
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java
@@ -0,0 +1,31 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+public class GenericeIDPostProcessor extends AbstracteIDPostProcessor {
+
+	private int priority = 0;
+	
+	@Override
+	public int getPriority() {
+		return priority;
+		
+	}
+
+	@Override
+	public boolean canHandle(String countryCode) {
+		return true;
+		
+	}
+	
+	public void setPriority(int priority) {
+		this.priority = priority;
+	}
+
+	@Override
+	public String getName() {
+		return "Default-PostProcessor";
+		
+	}
+	
+	
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java
new file mode 100644
index 00000000..2335ca6d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java
@@ -0,0 +1,46 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+
+public interface INationaleIDPostProcessor {
+
+	/**
+	 * Get a friendlyName of this post-processor implementation
+	 * 
+	 * @return
+	 */
+	public String getName();
+	
+	/**
+	 * Get the priority of this eID Post-Processor
+	 * <br>
+	 * If more than one Post-Processor implementations can handle the eID data, the post-processor with the highest priority are selected.
+	 * The Default-Processor has priority '0'
+	 * 
+	 * @return Priority of this handler
+	 */
+	public int getPriority();
+
+	/**
+	 * Check if this postProcessor is sensitive for a specific country 
+	 * 
+	 * @param countryCode of the eID data that should be processed 
+	 * @return true if this implementation can handle the country, otherwise false
+	 * 
+	 */
+	public boolean canHandle(String countryCode);
+	
+	
+	/**
+	 * Post-Process eIDAS eID data into national format 
+	 * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
+	 * @throws eIDPostProcessingException 
+	 * @throws eIDASAttributeException 
+	 * 
+	 */
+	public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException; 
+}