diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler')
4 files changed, 350 insertions, 0 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java new file mode 100644 index 00000000..db5dafd7 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java @@ -0,0 +1,194 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Map; + +import org.joda.time.DateTime; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; +import at.gv.egiz.eaaf.core.impl.data.Trible; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; + +public abstract class AbstracteIDPostProcessor implements INationaleIDPostProcessor { + private static final Logger log = LoggerFactory.getLogger(AbstracteIDPostProcessor.class); + + + @Override + public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{ + ERnBeIDData result = new ERnBeIDData(); + + //MDS attributes + result.setPseudonym(processPseudonym(eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); + result.setFamilyName(processFamilyName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); + result.setGivenName(processGivenName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); + result.setDateOfBirth(processDateOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); + + //additional attributes + result.setPlaceOfBirth(processPlaceOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); + result.setBirthName(processBirthName(eIDASAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); + result.setAddress(processAddress(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); + + return result; + + } + + /** + * Post-Process the eIDAS CurrentAddress attribute + * + * @param currentAddressObj + * @return current address or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected PostalAddressType processAddress(Object currentAddressObj) throws eIDPostProcessingException, eIDASAttributeException { + + if (currentAddressObj != null) { + if ((currentAddressObj instanceof PostalAddress)) { + PostalAddressType result = new PostalAddressType(); + result.setPostalCode(((PostalAddress)currentAddressObj).getPostCode()); + result.setMunicipality(((PostalAddress)currentAddressObj).getPostName()); + + //TODO: add more mappings + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... "); + + return null; + + } + + /** + * Post-Process the eIDAS BirthName attribute + * + * @param birthNameObj + * @return birthName or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected String processBirthName(Object birthNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (birthNameObj != null) { + if ((birthNameObj instanceof String)) { + return (String)birthNameObj; + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_BIRTHNAME); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... "); + + + return null; + + } + + /** + * Post-Process the eIDAS PlaceOfBirth attribute + * + * @param placeOfBirthObj + * @return place of Birth or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected String processPlaceOfBirth(Object placeOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException { + if (placeOfBirthObj != null) { + if ((placeOfBirthObj instanceof String)) { + return (String)placeOfBirthObj; + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... "); + + + return null; + + } + + /** + * Post-Process the eIDAS DateOfBirth attribute + * + * @param dateOfBirthObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected DateTime processDateOfBirth(Object dateOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException { + if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); + + return (DateTime)dateOfBirthObj; + + } + + /** + * Post-Process the eIDAS GivenName attribute + * + * @param givenNameObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processGivenName(Object givenNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (givenNameObj == null || !(givenNameObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); + + return (String)givenNameObj; + + } + + /** + * Post-Process the eIDAS FamilyName attribute + * + * @param familyNameObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processFamilyName(Object familyNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (familyNameObj == null || !(familyNameObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); + + return (String) familyNameObj; + + } + + /** + * Post-Process the eIDAS pseudonym to ERnB unique identifier + * + * @param eIdentifierObj eIDAS PersonalIdentifierAttribute + * @return + * @throws eIDPostProcessingException + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException { + if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + Trible<String, String, String> eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); + + return eIdentifier.getThird(); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java new file mode 100644 index 00000000..90562f86 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java @@ -0,0 +1,79 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Base64; + +import org.apache.commons.codec.DecoderException; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.egiz.eaaf.core.impl.data.Trible; + +public class DEeIDPostProcessor extends AbstracteIDPostProcessor { + private static final Logger log = LoggerFactory.getLogger(DEeIDPostProcessor.class); + private static final String canHandleCC = "DE"; + + private int priority = 1; + + @Override + public int getPriority() { + return priority; + } + + @Override + public boolean canHandle(String countryCode) { + return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); + + } + + + public void setPriority(int priority) { + this.priority = priority; + } + + @Override + public String getName() { + return "DE-PostProcessor"; + + } + + @Override + protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException { + if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + Trible<String, String, String> eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); + + log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + String result = convertDEIdentifier(eIdentifier.getThird()); + log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + return result; + + + } + + private String convertDEIdentifier(String hexEncodedDEIdentifier) throws eIDPostProcessingException + { + if(hexEncodedDEIdentifier.length() != 64) + throw new eIDPostProcessingException("ernb.03", new Object[] {"Input has wrong length, expected 64 chars"}); + + byte[] data; + try { + data = Hex.decodeHex(hexEncodedDEIdentifier); + + } catch (DecoderException e) { + throw new eIDPostProcessingException("ernb.03", null, e); + + } + + byte[] encoded = Base64.getEncoder().encode(data); + return new String(encoded); + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java new file mode 100644 index 00000000..f6e0aba2 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java @@ -0,0 +1,31 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +public class GenericeIDPostProcessor extends AbstracteIDPostProcessor { + + private int priority = 0; + + @Override + public int getPriority() { + return priority; + + } + + @Override + public boolean canHandle(String countryCode) { + return true; + + } + + public void setPriority(int priority) { + this.priority = priority; + } + + @Override + public String getName() { + return "Default-PostProcessor"; + + } + + + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java new file mode 100644 index 00000000..2335ca6d --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java @@ -0,0 +1,46 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Map; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; + +public interface INationaleIDPostProcessor { + + /** + * Get a friendlyName of this post-processor implementation + * + * @return + */ + public String getName(); + + /** + * Get the priority of this eID Post-Processor + * <br> + * If more than one Post-Processor implementations can handle the eID data, the post-processor with the highest priority are selected. + * The Default-Processor has priority '0' + * + * @return Priority of this handler + */ + public int getPriority(); + + /** + * Check if this postProcessor is sensitive for a specific country + * + * @param countryCode of the eID data that should be processed + * @return true if this implementation can handle the country, otherwise false + * + */ + public boolean canHandle(String countryCode); + + + /** + * Post-Process eIDAS eID data into national format + * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute + * @throws eIDPostProcessingException + * @throws eIDASAttributeException + * + */ + public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException; +} |