diff options
| author | Thomas <> | 2022-12-19 15:50:38 +0100 |
|---|---|---|
| committer | Thomas <> | 2022-12-19 15:50:38 +0100 |
| commit | d2dec4601c41131c3ca509a8f7907b91af0ba2a6 (patch) | |
| tree | 999634c3edaf5d45774593b4cdece1dada857dab /ms_specific_connector/src/main | |
| parent | c2fa7fa970f717b8b4e27098b3d2b9341c59fae1 (diff) | |
| download | National_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.tar.gz National_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.tar.bz2 National_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.zip | |
feat(eidas-connector): support not-notified LoA
- not-notified LoA is currently used by Ukraine
Diffstat (limited to 'ms_specific_connector/src/main')
| -rw-r--r-- | ms_specific_connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/ms_specific_connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/ms_specific_connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java index 23702264..0452353a 100644 --- a/ms_specific_connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java +++ b/ms_specific_connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java @@ -58,7 +58,7 @@ import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; import at.gv.egiz.eaaf.modules.pvp2.exception.NameIdFormatNotSupportedException; -import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance; +import eu.eidas.auth.commons.protocol.eidas.NotifiedLevelOfAssurance; public class AuthnRequestValidator implements IAuthnRequestPostProcessor { @@ -266,13 +266,13 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { final List<String> reqLoA = extractLoA(authnReq); log.trace("SP requests LoA with: {}", String.join(", ", reqLoA)); - LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration( - MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL, - EaafConstants.EIDAS_LOA_HIGH)); + NotifiedLevelOfAssurance minimumLoAFromConfig = NotifiedLevelOfAssurance.fromString( + basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL, + EaafConstants.EIDAS_LOA_HIGH)); if (minimumLoAFromConfig == null) { log.warn("Can not load minimum LoA from configuration. Use LoA: {} as default", EaafConstants.EIDAS_LOA_HIGH); - minimumLoAFromConfig = LevelOfAssurance.HIGH; + minimumLoAFromConfig = NotifiedLevelOfAssurance.HIGH; } @@ -281,7 +281,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { final List<String> allowedLoA = new ArrayList<>(); for (final String loa : reqLoA) { try { - final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa); + final NotifiedLevelOfAssurance intLoa = NotifiedLevelOfAssurance.fromString(loa); String selectedLoA = EaafConstants.EIDAS_LOA_HIGH; if (intLoa != null && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) { @@ -340,11 +340,13 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { } else { result.add(authContext.getAuthnContextClassRefs().get(0).getAuthnContextClassRef()); + } } else if (authContext.getComparison().equals(AuthnContextComparisonTypeEnumeration.EXACT)) { for (final AuthnContextClassRef el : authContext.getAuthnContextClassRefs()) { result.add(el.getAuthnContextClassRef()); + } } else { |