diff options
| author | Thomas <> | 2022-10-11 16:40:54 +0200 |
|---|---|---|
| committer | Thomas <> | 2022-10-11 16:40:54 +0200 |
| commit | 6b93c404726457a04cb52430d40abcf23fdd8f31 (patch) | |
| tree | b6c21a3cbec8817224a948f2edf05f198e832538 /modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java | |
| parent | 1edc816481ac7ee2cbdecbd64f44f367d25fc3bd (diff) | |
| download | National_eIDAS_Gateway-6b93c404726457a04cb52430d40abcf23fdd8f31.tar.gz National_eIDAS_Gateway-6b93c404726457a04cb52430d40abcf23fdd8f31.tar.bz2 National_eIDAS_Gateway-6b93c404726457a04cb52430d40abcf23fdd8f31.zip | |
feat(ejustic): add work-around to support BORIS eJustice attribute for natural person on IDA system
eJustice attributes are implemented by using mandates on IDA side.
However, European Commission only supports authentication without mandates.
This work-around integrates both requirements into MS-Proxy-Service
Diffstat (limited to 'modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java')
| -rw-r--r-- | modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java new file mode 100644 index 00000000..6f855c14 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java @@ -0,0 +1,35 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.handler; + +import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; +import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; +import lombok.NonNull; +import lombok.extern.slf4j.Slf4j; + + +/** + * eJustic PersonRole attribute-handler for natural-person use-cases only. + * + * <p>In that special case, the legal-person mandate will be ignored and + * eIDAS response looks like a normal authentication without mandates.</p> + * + * @author tlenz + * + */ +@Slf4j +public class EJusticWorkaroundPersonRoleHandler extends EJusticePersonRoleHandler { + + @Override + public void performAuthDataPostprocessing(@NonNull IEidAuthData authData) { + if (authData.isUseMandate()) { + log.info("eJusticeNaturalPersonRole was requested by SP. " + + "Perform work-around and partially ignoring mandate from IDA system ... "); + ((EidAuthenticationData)authData).setUseMandate(false); + + } else { + log.info("eJustice attribute was requested but no mandate from ID Austria. " + + "Something looks wrong, but use it as it is."); + + } + } + +} |