feat(eidas): perform mapping between IDA and eIDAS attributes based on external configuration

author: Thomas <> 2022-06-08 12:32:16 +0200
committer: Thomas <> 2022-06-08 12:32:16 +0200
commit: 3d9d419a40b17de1f94d46cbc2f5b345a93bff00 (patch)
tree: eccca95fa319ac13b2f6e98fd34b25e266dc489d /modules/authmodule_id-austria
parent: db3af28b79296b6f5650a85c5a41ad5015c57222 (diff)
download: National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.tar.gz
National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.tar.bz2
National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.zip
7 files changed, 205 insertions, 63 deletions
diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java
new file mode 100644
index 00000000..61687088
--- /dev/null
+++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class SpRequiredAttributersAttributeBuilder
+    implements IAttributeBuilder, ExtendedPvpAttributeDefinitions {
+
+  @Override
+  public String getName() {
+    return SP_REQUIRED_ATTRIBUTES_NAME;
+  }
+
+  @Override
+  public <ATT> ATT build(final ISpConfiguration oaParam, final IAuthData authData,
+      final IAttributeGenerator<ATT> g)
+      throws AttributeBuilderException {
+    if (oaParam instanceof ServiceProviderConfiguration) {
+      return g.buildStringAttribute(SP_REQUIRED_ATTRIBUTES_FRIENDLY_NAME, SP_REQUIRED_ATTRIBUTES_NAME,
+          StringUtils.join(((ServiceProviderConfiguration)oaParam).getRequestedAttributes(), ","));
+      
+    } else {
+      log.warn("Can not build attribute for required IDA attributes, because SP config-implementation does not match.");
+      return null;
+      
+    }
+  }
+
+  @Override
+  public <ATT> ATT buildEmpty(final IAttributeGenerator<ATT> g) {
+    return g.buildEmptyAttribute(SP_REQUIRED_ATTRIBUTES_FRIENDLY_NAME, SP_REQUIRED_ATTRIBUTES_NAME);
+
+  }
+
+}
diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
index e486b851..17e0e0d5 100644
--- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
+++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
@@ -16,7 +16,6 @@ import org.opensaml.saml.saml2.core.StatusCode;
 import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
 import org.springframework.beans.factory.annotation.Autowired;
 
-import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
 import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthCredentialProvider;
 import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthMetadataProvider;
@@ -234,8 +233,7 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask {
       // inject all attributes into session
       final Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
       for (final String attrName : includedAttrNames) {
-        injectAuthInfosIntoSession(session, attrName,
-            extractor.getSingleAttributeValue(attrName));
+        injectAuthInfosIntoSession(session, attrName, extractor.getSingleAttributeValue(attrName));
 
       }
       
@@ -306,31 +304,11 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask {
   private void injectAuthInfosIntoSession(AuthProcessDataWrapper session,
       String attrName, String attrValue) throws EaafStorageException, IOException {
     log.trace("Inject attribute: {} with value: {} into  AuthSession", attrName, attrValue);
-    log.debug("Inject attribute: {} into  AuthSession", attrName);
-    if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) {
-      log.trace("Find bPK attribute. Extract eIDAS identifier ... ");
-      session.setGenericDataToSession(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
-          extractBpkFromResponse(attrValue));
-      
-    } else {      
-      session.setGenericDataToSession(attrName, attrValue);
-
-    }
-
+    log.debug("Inject attribute: {} into  AuthSession", attrName);          
+    session.setGenericDataToSession(attrName, attrValue);
+         
   }
   
-  private String extractBpkFromResponse(String pvpBpkAttrValue) {
-    final String[] split = pvpBpkAttrValue.split(":", 2);
-    if (split.length == 2) {
-      return split[1];
-
-    } else {
-      log.warn("PVP bPK attribute: {} has wrong format. Use it as it is.", pvpBpkAttrValue);
-      return pvpBpkAttrValue;
-
-    }
-  }
-
   private Pair<PvpSProfileResponse, Boolean> preProcessAuthResponse(PvpSProfileResponse msg)
       throws IOException, MarshallingException, TransformerException,
       CredentialsNotAvailableException, AuthnResponseValidationException, SamlAssertionValidationExeption {
diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
index 66aadde6..bbe9b45f 100644
--- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
+++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
@@ -160,6 +160,12 @@ public class RequestIdAustriaSystemTask extends AbstractAuthServletTask {
     injectAttribute(attributs, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
         selectHighestLoa(pendingReq.getServiceProviderConfiguration().getRequiredLoA()));
         
+    // set list of IDA attributes as attribute 
+    injectAttribute(attributs, ExtendedPvpAttributeDefinitions.SP_REQUIRED_ATTRIBUTES_NAME,
+        StringUtils.join(
+            pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).getRequestedAttributes(), 
+            ","));
+    
     //set ProviderName if available
     String providerName = ((ProxyServicePendingRequest)pendingReq).getEidasRequest().getProviderName();
     if (StringUtils.isNotEmpty(providerName)) {
diff --git a/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 65e9482c..3b20d687 100644
--- a/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -1 +1,2 @@
 at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.EidasConnecorUniqueIdAttributeBuilder
+at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.SpRequiredAttributersAttributeBuilder
diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java
new file mode 100644
index 00000000..2fe420df
--- /dev/null
+++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java
@@ -0,0 +1,72 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.test.builder.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.internal.util.collections.Sets;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.SpRequiredAttributersAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_mapConfig.xml",
+    "/spring/SpringTest-context_basic_test.xml",
+})
+public class SpRequiredAttributersAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+private final IAttributeBuilder attrBuilder = new SpRequiredAttributersAttributeBuilder();
+  
+  @Test
+  public void attributeName() {
+    Assert.assertEquals("Wrong attribute name", 
+        "urn:eidgvat:attributes.RequiredAttributes", attrBuilder.getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    String value = attrBuilder.buildEmpty(gen);    
+    Assert.assertNull("Attr. not null", value);
+        
+  }
+ 
+  @Test
+  public void withWrongSpConfig() throws AttributeBuilderException, Exception {      
+    String value = attrBuilder.build(spConfig, buildAuthData(), gen);    
+    Assert.assertNull("Attr. not null", value);
+        
+  }
+  
+  @Test
+  public void withAttributeValue() throws AttributeBuilderException, Exception {          
+    ServiceProviderConfiguration sp = new ServiceProviderConfiguration(spConfigMap, new DummyConfiguration());
+    sp.setRequestedAttributes(Sets.newSet(
+        "aabbccdd",
+        RandomStringUtils.randomAlphanumeric(10),
+        PvpAttributeDefinitions.BIRTHDATE_NAME));
+    
+    
+    String value = attrBuilder.build(sp, buildAuthData(), gen);    
+    
+    List<String> elements = KeyValueUtils.getListOfCsvValues(value);
+    assertEquals("wrong number of attributes", sp.getRequestedAttributes().size(), elements.size());
+    sp.getRequestedAttributes().forEach(
+        el -> elements.contains(el));
+           
+  }
+  
+}
diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
index c452fe22..c3be6dad 100644
--- a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
+++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
@@ -36,7 +36,6 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
@@ -542,14 +541,14 @@ public class ReceiveAuthnResponseTaskTest {
     assertTrue("eidProcess flag", session.isEidProcess());
     assertFalse("useMandate flag", session.isMandateUsed());
     
-    checkAttributeInSession(session,PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
-    checkAttributeInSession(session,PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
-    checkAttributeInSession(session,PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
-    checkAttributeInSession(session,PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high");
-    checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
+    checkAttributeInSession(session, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
+    checkAttributeInSession(session, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
     
     //pre-generated eIDAS identifer
-    checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY=");
         
   }
 
@@ -587,7 +586,7 @@ public class ReceiveAuthnResponseTaskTest {
     checkAttributeInSession(session,PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
     checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
     
-    checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "AT+CC:QVGm48cqcM4UcyhDTNGYmVdrIoY=");
 
   }
   
@@ -625,7 +624,7 @@ public class ReceiveAuthnResponseTaskTest {
     checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
     
     //pre-generated eIDAS identifer
-    checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY=");
         
   }
   
@@ -663,7 +662,7 @@ public class ReceiveAuthnResponseTaskTest {
     checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
     
     //pre-generated eIDAS identifer
-    checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "AT+AB:QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY=");
         
   }
   
@@ -708,7 +707,7 @@ public class ReceiveAuthnResponseTaskTest {
     checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, "urn:publicid:gv.at:baseid+XERSB");
     
     //pre-generated eIDAS identifer
-    checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY=");
     assertNull("find nat. person bpk for mandator", session.getGenericDataFromSession(
         PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class));
     
@@ -758,8 +757,7 @@ public class ReceiveAuthnResponseTaskTest {
 
         
     //pre-generated eIDAS identifer
-    checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, 
-        "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY=");
     
     
   }
diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
index f6ffc729..1feb684d 100644
--- a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
+++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
@@ -18,6 +18,7 @@ import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.mockito.internal.util.collections.Sets;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.schema.XSString;
 import org.opensaml.core.xml.util.XMLObjectSupport;
@@ -41,6 +42,7 @@ import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePe
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
@@ -213,7 +215,7 @@ public class RequestIdAustriaSystemTaskTest {
 
     //validate state
     final EaafRequestedAttributes reqAttr = validate();
-    Assert.assertEquals("#Req Attribute", 4, reqAttr.getAttributes().size());
+    Assert.assertEquals("#Req Attribute", 5, reqAttr.getAttributes().size());
 
     Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.eidas.uniqueId",
         reqAttr.getAttributes().get(0).getName());
@@ -246,15 +248,15 @@ public class RequestIdAustriaSystemTaskTest {
         ((XSString)reqAttr.getAttributes().get(2).getAttributeValues().get(0)).getValue());
     
     Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateType",
-        reqAttr.getAttributes().get(3).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(3).getAttributeValues());
+        reqAttr.getAttributes().get(4).getName());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(4).getAttributeValues());
     Assert.assertEquals("#Req. Attr value", 1,
-        reqAttr.getAttributes().get(3).getAttributeValues().size());
+        reqAttr.getAttributes().get(4).getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class,
-        reqAttr.getAttributes().get(3).getAttributeValues().get(0), "Wrong requested Attributes Value type");
+        reqAttr.getAttributes().get(4).getAttributeValues().get(0), "Wrong requested Attributes Value type");
     Assert.assertEquals("Req. Attr. Value", 
         pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).getMandateMode().getMode(),
-        ((XSString)reqAttr.getAttributes().get(3).getAttributeValues().get(0)).getValue());
+        ((XSString)reqAttr.getAttributes().get(4).getAttributeValues().get(0)).getValue());
     
   }
 
@@ -275,33 +277,55 @@ public class RequestIdAustriaSystemTaskTest {
     LightRequest eidasReq = eidasRequestBuilder.build();
     pendingReq.setEidasRequest(eidasReq);
     
+    oaParam.setRequestedAttributes(Sets.newSet(
+        "aabbccdd",
+        RandomStringUtils.randomAlphanumeric(10),
+        PvpAttributeDefinitions.BIRTHDATE_NAME));
+    
     //execute test
     task.execute(pendingReq, executionContext);
 
     //validate state
     final EaafRequestedAttributes reqAttr = validate();
-    Assert.assertEquals("#Req Attribute", 6, reqAttr.getAttributes().size());
+    Assert.assertEquals("#Req Attribute", 7, reqAttr.getAttributes().size());
     
-    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderFriendlyName",
+    
+    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.RequiredAttributes",
         reqAttr.getAttributes().get(3).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(3).getAttributeValues());
     Assert.assertEquals("#Req. Attr value", 1,
         reqAttr.getAttributes().get(3).getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class,
         reqAttr.getAttributes().get(3).getAttributeValues().get(0), "Wrong requested Attributes Value type");
-    Assert.assertEquals("Req. Attr. Value", eidasReq.getProviderName(),
+    
+    List<String> reqProfiles = KeyValueUtils.getListOfCsvValues(
         ((XSString)reqAttr.getAttributes().get(3).getAttributeValues().get(0)).getValue());
+    reqProfiles.stream().forEach(
+        el -> assertTrue("missing IDA attribute: " + el, oaParam.getRequestedAttributes().contains(el)));
     
-    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderUniqueId",
+    
+    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderFriendlyName",
         reqAttr.getAttributes().get(4).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(4).getAttributeValues());
     Assert.assertEquals("#Req. Attr value", 1,
         reqAttr.getAttributes().get(4).getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class,
         reqAttr.getAttributes().get(4).getAttributeValues().get(0), "Wrong requested Attributes Value type");
-    Assert.assertEquals("Req. Attr. Value", eidasReq.getRequesterId(),
+    Assert.assertEquals("Req. Attr. Value", eidasReq.getProviderName(),
         ((XSString)reqAttr.getAttributes().get(4).getAttributeValues().get(0)).getValue());
     
+    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderUniqueId",
+        reqAttr.getAttributes().get(5).getName());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(5).getAttributeValues());
+    Assert.assertEquals("#Req. Attr value", 1,
+        reqAttr.getAttributes().get(5).getAttributeValues().size());
+    org.springframework.util.Assert.isInstanceOf(XSString.class,
+        reqAttr.getAttributes().get(5).getAttributeValues().get(0), "Wrong requested Attributes Value type");
+    Assert.assertEquals("Req. Attr. Value", eidasReq.getRequesterId(),
+        ((XSString)reqAttr.getAttributes().get(5).getAttributeValues().get(0)).getValue());
+    
+    
+    
   }
   
   @Test
@@ -330,31 +354,31 @@ public class RequestIdAustriaSystemTaskTest {
 
     //validate state
     final EaafRequestedAttributes reqAttr = validate();
-    Assert.assertEquals("#Req Attribute", 7, reqAttr.getAttributes().size());
+    Assert.assertEquals("#Req Attribute", 8, reqAttr.getAttributes().size());
     
     Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateProfiles",
-        reqAttr.getAttributes().get(5).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues());
+        reqAttr.getAttributes().get(6).getName());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(6).getAttributeValues());
     Assert.assertEquals("#Req. Attr value", 1,
-        reqAttr.getAttributes().get(5).getAttributeValues().size());
+        reqAttr.getAttributes().get(6).getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class,
-        reqAttr.getAttributes().get(5).getAttributeValues().get(0), "Wrong requested Attributes Value type");
+        reqAttr.getAttributes().get(6).getAttributeValues().get(0), "Wrong requested Attributes Value type");
     
     List<String> reqProfiles = KeyValueUtils.getListOfCsvValues(
-        ((XSString)reqAttr.getAttributes().get(5).getAttributeValues().get(0)).getValue());
+        ((XSString)reqAttr.getAttributes().get(6).getAttributeValues().get(0)).getValue());
     reqProfiles.stream().forEach(el -> assertTrue("missing profile: " + el, mandateProfiles.contains(el)));
     
     
     Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateType",
-        reqAttr.getAttributes().get(6).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(6).getAttributeValues());
+        reqAttr.getAttributes().get(7).getName());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(7).getAttributeValues());
     Assert.assertEquals("#Req. Attr value", 1,
-        reqAttr.getAttributes().get(6).getAttributeValues().size());
+        reqAttr.getAttributes().get(7).getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class,
-        reqAttr.getAttributes().get(6).getAttributeValues().get(0), "Wrong requested Attributes Value type");
+        reqAttr.getAttributes().get(7).getAttributeValues().get(0), "Wrong requested Attributes Value type");
     Assert.assertEquals("Req. Attr. Value", 
         SpMandateModes.LEGAL_FORCE.getMode(),
-        ((XSString)reqAttr.getAttributes().get(6).getAttributeValues().get(0)).getValue());
+        ((XSString)reqAttr.getAttributes().get(7).getAttributeValues().get(0)).getValue());
     
   }
author	Thomas <>	2022-06-08 12:32:16 +0200
committer	Thomas <>	2022-06-08 12:32:16 +0200
commit	3d9d419a40b17de1f94d46cbc2f5b345a93bff00 (patch)
tree	eccca95fa319ac13b2f6e98fd34b25e266dc489d /modules/authmodule_id-austria
parent	db3af28b79296b6f5650a85c5a41ad5015c57222 (diff)
download	National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.tar.gz National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.tar.bz2 National_eIDAS_Gateway-3d9d419a40b17de1f94d46cbc2f5b345a93bff00.zip