aboutsummaryrefslogtreecommitdiff
path: root/modules/authmodule-eIDAS-v2/src/main
diff options
context:
space:
mode:
authorThomas <>2022-07-05 17:49:34 +0200
committerThomas <>2022-07-05 17:49:34 +0200
commitb5766d8107d6e557921f9a694893a1284963ef16 (patch)
tree708e695bb0c90d958ef0e3cde6008169fb683893 /modules/authmodule-eIDAS-v2/src/main
parent154f7f2a9c8a33d3fedf341df2be62d8404ff77f (diff)
parent48695aa01a86890990dc4e42b9d44493ec840b25 (diff)
downloadNational_eIDAS_Gateway-b5766d8107d6e557921f9a694893a1284963ef16.tar.gz
National_eIDAS_Gateway-b5766d8107d6e557921f9a694893a1284963ef16.tar.bz2
National_eIDAS_Gateway-b5766d8107d6e557921f9a694893a1284963ef16.zip
Merge branch 'nightlybuild' into feature/ms_proxy_service
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/main')
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java11
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/controller/AdresssucheController.java111
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SelectedLoginMethod.java2
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java2
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java4
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java5
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java5
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java5
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java2
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java35
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java22
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml2
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties1
13 files changed, 169 insertions, 38 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index e766fc49..3c41bf0a 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -128,7 +128,15 @@ public class Constants {
public static final String CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_TRUSTSTORE_NAME = CONIG_PROPS_EIDAS_COMMON_CLIENT
+ ".ssl.trustStore.name";
-
+ /** Enable / Disable matching based on address search. **/
+ public static final String CONFIG_PROP_MATCHING_BY_ADDRESS =
+ EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".matching.byaddress.enable";
+
+ public static final String CONFIG_PROP_MATCHING_BY_ADDRESS_MAX_RESULTS =
+ EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".matching.byaddress.maxresults";
+ public static final String DEFAULT_MATCHING_BY_ADDRESS_MAX_RESULTS = "250";
+
+
// ZMR Client configuration properties
public static final String CONIG_PROPS_EIDAS_ZMRCLIENT =
EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".zmrclient";
@@ -312,6 +320,7 @@ public class Constants {
// UI options
+ public static final String HTML_FORM_ENABLE_MATCHING_BY_ADDRESS_SEARCH = "enableMatchingByAddressSearch";
public static final String HTML_FORM_CREATE_NEW_ERNP_ENTRY = "createNewErnpEntry";
public static final String HTML_FORM_ADVANCED_MATCHING_FAILED = "advancedMatchingFailed";
public static final String HTML_FORM_ADVANCED_MATCHING_FAILED_REASON =
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/controller/AdresssucheController.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/controller/AdresssucheController.java
index 6f49c700..a08128d3 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/controller/AdresssucheController.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/controller/AdresssucheController.java
@@ -25,6 +25,7 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.controller;
import java.util.Collection;
import java.util.Collections;
+import java.util.Comparator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
@@ -40,12 +41,14 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrAddressSoapClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.gv.bmi.namespace.zmr_su.zrm._20040201_.address.Adressdaten;
import at.gv.e_government.reference.namespace.persondata.de._20040201.PostAdresseTyp;
import at.gv.e_government.reference.namespace.persondata.de._20040201.ZustelladresseTyp;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import lombok.AllArgsConstructor;
@@ -67,17 +70,19 @@ public class AdresssucheController {
public static final String PARAM_VILLAGE = "village";
public static final String PARAM_STREET = "street";
public static final String PARAM_NUMBER = "number";
-
+
+ @Autowired IConfiguration basicConfig;
+
@Autowired
private ZmrAddressSoapClient client;
@Autowired
private IPendingRequestIdGenerationStrategy pendingReqGeneration;
-
+
/**
* Performs search for addresses in ZMR.
*/
- @RequestMapping(value = {MsEidasNodeConstants.ENDPOINT_RESIDENCY_SEARCH}, method = {RequestMethod.POST})
+ @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_RESIDENCY_SEARCH }, method = { RequestMethod.POST })
public ResponseEntity<AdresssucheResult> search(
@RequestParam(PARAM_POSTLEITZAHL) String postleitzahl,
@RequestParam(PARAM_MUNIPICALITY) String municipality,
@@ -90,26 +95,26 @@ public class AdresssucheController {
municipality.replaceAll("[\r\n]", ""),
village.replaceAll("[\r\n]", ""),
street.replaceAll("[\r\n]", ""),
- number.replaceAll("[\r\n]", ""));
+ number.replaceAll("[\r\n]", ""));
try {
pendingReqGeneration.validateAndGetPendingRequestId(pendingId);
-
- } catch (PendingReqIdValidationException e) {
+
+ } catch (final PendingReqIdValidationException e) {
log.warn("Search with pendingId '{}' is not valid", pendingId.replaceAll("[\r\n]", ""));
return ResponseEntity.badRequest().build();
-
+
}
-
+
try {
- Adressdaten searchInput = buildSearchInput(postleitzahl, municipality, village, street, number);
- ZmrAddressSoapClient.AddressInfo searchOutput = client.searchAddress(searchInput);
- AdresssucheResult output = buildResponse(searchOutput);
+ final Adressdaten searchInput = buildSearchInput(postleitzahl, municipality, village, street, number);
+ final ZmrAddressSoapClient.AddressInfo searchOutput = client.searchAddress(searchInput);
+ final AdresssucheResult output = buildResponse(searchOutput);
return ResponseEntity.ok(output);
-
- } catch (EidasSAuthenticationException e) {
+
+ } catch (final EidasSAuthenticationException e) {
log.warn("Search failed", e);
return ResponseEntity.badRequest().build();
-
+
}
}
@@ -117,27 +122,45 @@ public class AdresssucheController {
if (searchOutput.getPersonResult().isEmpty()) {
log.warn("No result from ZMR");
return new AdresssucheResult(Collections.emptyList(), 0);
-
+
}
-
+
log.info("Result level is {}", searchOutput.getLevel());
- Set<AdresssucheOutput> result = searchOutput.getPersonResult().stream()
+ final Set<AdresssucheOutput> result = searchOutput.getPersonResult().stream()
.map(Adressdaten::getPostAdresse)
.map(it -> new AdresssucheOutput(it.getPostleitzahl(), it.getGemeinde(), it.getOrtschaft(),
it.getZustelladresse().getStrassenname(), it.getZustelladresse().getOrientierungsnummer()))
.collect(Collectors.toSet());
// TODO Add configuration option for the limit of 30
- List<AdresssucheOutput> sorted = result.stream().sorted().limit(30).collect(Collectors.toList());
- return new AdresssucheResult(sorted, result.size());
+
+ final List<AdresssucheOutput> sorted = result.stream()
+ .sorted()
+ .limit(getMaxResults())
+ .collect(Collectors.toList());
+ return new AdresssucheResult(sorted, result.size());
+
+ }
+
+ private long getMaxResults() {
+ String maxSearchResults = basicConfig.getBasicConfiguration(
+ Constants.CONFIG_PROP_MATCHING_BY_ADDRESS_MAX_RESULTS,
+ Constants.DEFAULT_MATCHING_BY_ADDRESS_MAX_RESULTS);
+ try {
+ return Long.valueOf(maxSearchResults);
+
+ } catch (Exception e) {
+ log.warn("Invalid number of max. addressSearchResults. Using default value", e);
+ return Long.valueOf(Constants.DEFAULT_MATCHING_BY_ADDRESS_MAX_RESULTS);
+ }
}
private Adressdaten buildSearchInput(String postleitzahl,
- String municipality,
- String village,
- String street,
- String number) {
- PostAdresseTyp postAdresse = new PostAdresseTyp();
+ String municipality,
+ String village,
+ String street,
+ String number) {
+ final PostAdresseTyp postAdresse = new PostAdresseTyp();
if (StringUtils.isNotBlank(postleitzahl)) {
postAdresse.setPostleitzahl(postleitzahl);
}
@@ -148,7 +171,7 @@ public class AdresssucheController {
postAdresse.setOrtschaft(village);
}
if (StringUtils.isNotBlank(street) || StringUtils.isNotBlank(number)) {
- ZustelladresseTyp zustelladresse = new ZustelladresseTyp();
+ final ZustelladresseTyp zustelladresse = new ZustelladresseTyp();
if (StringUtils.isNotBlank(street)) {
zustelladresse.setStrassenname(street);
}
@@ -157,10 +180,10 @@ public class AdresssucheController {
}
postAdresse.setZustelladresse(zustelladresse);
}
- Adressdaten searchInput = new Adressdaten();
+ final Adressdaten searchInput = new Adressdaten();
searchInput.setPostAdresse(postAdresse);
return searchInput;
-
+
}
@Data
@@ -187,9 +210,41 @@ public class AdresssucheController {
.append(this.municipality, o.municipality)
.append(this.village, o.village)
.append(this.street, o.street)
- .append(this.number, o.number)
+
+ /*
+ * TODO: implement better sort method, because current version results to 1, 10,
+ * 11, .... 2, 20, 21
+ */
+ .appendSuper(getCustomIntegerComperatpr().compare(this.number, o.number))
+
.toComparison();
}
+
+ private Comparator<String> getCustomIntegerComperatpr() {
+ return new Comparator<String>() {
+ @Override
+ public int compare(String o1, String o2) {
+ return extractInt(o1) - extractInt(o2);
+ }
+
+ int extractInt(String s) {
+ if (StringUtils.isNotEmpty(s)) {
+ final String num = s.replaceAll("\\D", "");
+ try {
+ // return 0 if no digits found
+ return num.isEmpty() ? 0 : Integer.parseInt(num);
+
+ } catch (Exception e) {
+ log.info("Can not parse number from ZMR", e);
+
+ }
+ }
+
+ return 0;
+
+ }
+ };
+ }
}
}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SelectedLoginMethod.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SelectedLoginMethod.java
index 70904e4f..c8a2da88 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SelectedLoginMethod.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SelectedLoginMethod.java
@@ -1,5 +1,5 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
public enum SelectedLoginMethod {
- EIDAS_LOGIN, MOBILE_PHONE_SIGNATURE_LOGIN, NO_OTHER_LOGIN, ADD_ME_AS_NEW
+ EIDAS_LOGIN, MOBILE_PHONE_SIGNATURE_LOGIN, NO_OTHER_LOGIN, ADD_ME_AS_NEW, REQUESTING_NEW_ENTRY, STOP_MATCHING_PROCESS
}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
index e8fb5b6b..dd46bfea 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
@@ -36,6 +36,7 @@ import javax.servlet.http.HttpServletResponse;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
@@ -243,6 +244,7 @@ public class AlternativeSearchTask extends AbstractAuthServletTask {
throws WorkflowException, EaafStorageException {
MatchedPersonResult result = MatchedPersonResult.generateFormMatchingResult(
searchResult.getResult(), eidasData.getCitizenCountryCode());
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_EIDAS);
MatchingTaskUtils.storeFinalMatchingResult(pendingReq, result);
//remove intermediate matching-state
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
index c7843be5..563a66ba 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
@@ -91,7 +92,8 @@ public class CreateNewErnpEntryTask extends AbstractAuthServletTask {
}
// finish matching process, because new user-entry uniquly matches
- log.info("User successfully registerred into ERnP and matching tasks are finished ");
+ log.info("User successfully registerred into ERnP and matching tasks are finished ");
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_NEW_ERNP_ENTRY);
MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
MatchedPersonResult.generateFormMatchingResult(
resp.getPersonResult().get(0), simpleEidasData.getCitizenCountryCode()));
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
index a90c5929..94b29b8e 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
@@ -87,6 +87,11 @@ public class GenerateOtherLoginMethodGuiTask extends AbstractLocaleAuthServletTa
}
}
+ // inject flag for matching-by-address allowed
+ config.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_UIOPTIONS,
+ Constants.HTML_FORM_ENABLE_MATCHING_BY_ADDRESS_SEARCH,
+ String.valueOf(basicConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_MATCHING_BY_ADDRESS)));
+
// inject request to create a new ERnP entry
config.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_UIOPTIONS,
Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY,
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index 3a775837..8e6c7790 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -34,6 +34,7 @@ import javax.servlet.http.HttpServletResponse;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
@@ -123,7 +124,8 @@ public class InitialSearchTask extends AbstractAuthServletTask {
step6CountrySpecificSearch(executionContext, searchResult.getOperationStatus(), eidasData);
} else if (resultCount == 1) {
- RegisterResult updatedResult = step3CheckRegisterUpdateNecessary(searchResult, eidasData);
+ RegisterResult updatedResult = step3CheckRegisterUpdateNecessary(searchResult, eidasData);
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_PERSONALID);
foundMatchFinalizeTask(updatedResult, eidasData);
} else {
@@ -151,6 +153,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
} else if (searchResult.getResultCount() == 1) {
log.trace("'step6CountrySpecificSearch' finds a person. Forward to 'step7aKittProcess' step ... ");
RegisterStatusResults updatedResult = registerSearchService.step7aKittProcess(searchResult, eidasData);
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_COUNTRY_SPECIFIC);
foundMatchFinalizeTask(updatedResult.getResult(), eidasData);
} else {
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index b8fe12fe..403c3355 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -41,6 +41,7 @@ import org.springframework.stereotype.Component;
import com.google.common.collect.Sets;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController.AdresssucheOutput;
@@ -186,7 +187,8 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractLocaleAuthS
// update register information
RegisterStatusResults updateResult = registerSearchService.step7aKittProcess(residencyResult, eidasData);
- // store updated result to re-used in CreateIdentityLink step, because there we need bPK and MDS
+ // store updated result to re-used in CreateIdentityLink step, because there we need bPK and MDS
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_ADDRESS);
MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
MatchedPersonResult.generateFormMatchingResult(
updateResult.getResult(), eidasData.getCitizenCountryCode()));
@@ -194,6 +196,7 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractLocaleAuthS
} else {
log.warn("Suspect state FOUND. Matching by residence was neccessary but NO register-update are required!");
// no update required. Data can be used as it is.
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_ADDRESS);
MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
MatchedPersonResult.generateFormMatchingResult(
residencyResult.getResult(), eidasData.getCitizenCountryCode()));
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index b212d133..57790b01 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -47,6 +47,7 @@ import org.opensaml.saml.saml2.core.StatusCode;
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.springframework.stereotype.Component;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
@@ -204,6 +205,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
registerSearchService.step7aKittProcess(registerResult, eidasData);
// store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.BY_ID_AUSTRIA);
MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(),
eidasData.getCitizenCountryCode()));
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index 184ad499..03414f9e 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -34,9 +34,13 @@ import org.springframework.stereotype.Component;
import com.google.common.collect.Sets;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask;
import lombok.extern.slf4j.Slf4j;
@@ -73,15 +77,18 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
@Override
public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request,
- HttpServletResponse response) {
+ HttpServletResponse response) throws TaskExecutionException {
try {
SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request));
executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, false);
executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection.name());
executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED);
- executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON);
- transitionToNextTask(executionContext, selection);
+ executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON);
+ transitionToNextTask(executionContext, selection, request, response);
+ } catch (TaskExecutionException e) {
+ throw e;
+
} catch (final Exception e) {
log.error("Parsing selected login method FAILED.", e);
executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
@@ -100,8 +107,15 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
return null;
}
- private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) {
+ private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection,
+ HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException {
switch (selection) {
+ case STOP_MATCHING_PROCESS:
+ log.info("Matching process WAS stopped by entity. Stopping auth. process ... ");
+ MatchingTaskUtils.setMatchingState(pendingReq, MatchingStates.CANCELED_BY_USER);
+ stopProcessFromUserDecision(executionContext, request, response);
+ return;
+
case EIDAS_LOGIN:
executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true);
return;
@@ -111,9 +125,22 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
return;
case NO_OTHER_LOGIN:
+ if (!authConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_MATCHING_BY_ADDRESS)) {
+ log.error("Matching by address was requested but it's disabled by configuration!");
+ throw new TaskExecutionException(pendingReq,
+ "Matching by address was requested but it's disabled by configuration!",
+ new EaafException("module.eidasauth.matching.98"));
+
+ }
+
executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
return;
+
+ case REQUESTING_NEW_ENTRY:
+ executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);
+ return;
+
case ADD_ME_AS_NEW:
executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true);
return;
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
index c8a1f190..c350cb05 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
@@ -15,6 +15,8 @@ import org.springframework.lang.NonNull;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants.MatchingStates;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
@@ -27,7 +29,9 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
import eu.eidas.auth.commons.attribute.AttributeValue;
import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class MatchingTaskUtils {
/**
@@ -105,7 +109,6 @@ public class MatchingTaskUtils {
* @param personInfos Person information after a successful match
* @throws EaafStorageException In case of data can not be add into session
*/
- @Nullable
public static void storeFinalMatchingResult(IRequest pendingReq, MatchedPersonResult personInfos)
throws EaafStorageException {
getAuthProcessDataWrapper(pendingReq).setGenericDataToSession(
@@ -114,6 +117,23 @@ public class MatchingTaskUtils {
}
/**
+ * Store matching result-state.
+ *
+ * @param pendingReq Current pendingRequest
+ * @param state Operation that results into a person match
+ */
+ public static void setMatchingState(IRequest pendingReq, MatchingStates state) {
+ try {
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_MATCHING_STATE, state);
+
+ } catch (EaafStorageException e) {
+ log.warn("Can NOT set matching-state for statistic logging.", e);
+
+ }
+ }
+
+
+ /**
* Get holder for authentication information for the current process.
*
* @param pendingReq Current pendingRequest
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
index dfa8622c..e57f9ca6 100644
--- a/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
@@ -45,6 +45,8 @@
from="receiveOtherLoginMethodGuiResponseTask" to="generateMobilePhoneSignatureRequestTask" />
<pd:Transition conditionExpression="ctx['TASK_GenerateAustrianResidenceGuiTask']"
from="receiveOtherLoginMethodGuiResponseTask" to="generateAustrianResidenceGuiTask" />
+ <pd:Transition conditionExpression="ctx['TASK_RequestingNewErnpEntryTask']"
+ from="receiveOtherLoginMethodGuiResponseTask" to="generateOtherLoginMethodGuiTask" />
<pd:Transition conditionExpression="ctx['TASK_CreateNewErnpEntryTask']"
from="receiveOtherLoginMethodGuiResponseTask" to="createNewErnpEntryTask" />
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties b/modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
index 6d73c43a..dafa7ce3 100644
--- a/modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties
@@ -30,5 +30,6 @@ module.eidasauth.matching.24=Matching be using Austrian Identity not possible. U
module.eidasauth.matching.25=Matching be using alternative eIDAS authentication not possible. Provide more or other data or use another method for matching.
module.eidasauth.matching.26=Matching be using alternative eIDAS authentication not possible, because Name or Country not matched. Provide more or other data or use another method for matching.
+module.eidasauth.matching.98=Matching failed, because a method was selected that was not allowed.
module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0}