diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service')
-rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java) | 41 | ||||
-rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java) | 15 | ||||
-rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java | 37 |
3 files changed, 77 insertions, 16 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java index 331b2641..602982d6 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java @@ -43,34 +43,36 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDPostProcessor; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDProcessor; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.impl.data.Trible; +import eu.eidas.auth.commons.light.impl.LightRequest.Builder; @Service -public class EIDPostProcessingService implements IeIDPostProcessingService{ - private static final Logger log = LoggerFactory.getLogger(EIDPostProcessingService.class); +public class CCSpecificEIDProcessingService implements ICCSpecificEIDProcessingService{ + private static final Logger log = LoggerFactory.getLogger(CCSpecificEIDProcessingService.class); @Autowired private ApplicationContext context; - private List<INationaleIDPostProcessor> handlers = new ArrayList<INationaleIDPostProcessor>(); + private List<INationaleIDProcessor> handlers = new ArrayList<INationaleIDProcessor>(); @PostConstruct private void initialize() { log.debug("Initialize eID PostProcessing-Service ... "); - Map<String, INationaleIDPostProcessor> postProcessors = context.getBeansOfType(INationaleIDPostProcessor.class); - Iterator<Entry<String, INationaleIDPostProcessor>> iterator = postProcessors.entrySet().iterator(); + Map<String, INationaleIDProcessor> postProcessors = context.getBeansOfType(INationaleIDProcessor.class); + Iterator<Entry<String, INationaleIDProcessor>> iterator = postProcessors.entrySet().iterator(); while (iterator.hasNext()) { - Entry<String, INationaleIDPostProcessor> el = iterator.next(); + Entry<String, INationaleIDProcessor> el = iterator.next(); log.debug("Find eID-PostProcessor with name: " + el.getKey()); handlers.add(el.getValue()); } log.trace("Sorting eID-PostProcessors on priority ... "); - Collections.sort(handlers, new Comparator<INationaleIDPostProcessor>() { + Collections.sort(handlers, new Comparator<INationaleIDProcessor>() { @Override - public int compare(INationaleIDPostProcessor thisAuthModule, INationaleIDPostProcessor otherAuthModule) { + public int compare(INationaleIDProcessor thisAuthModule, INationaleIDProcessor otherAuthModule) { int thisOrder = thisAuthModule.getPriority(); int otherOrder = otherAuthModule.getPriority(); return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1)); @@ -82,6 +84,25 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{ } @Override + public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException { + if (StringUtils.isEmpty(selectedCitizenCountry)) + log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used"); + + for (INationaleIDProcessor el : handlers) { + if (el.canHandle(selectedCitizenCountry)) { + log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName()); + el.preProcess(pendingReq, authnRequestBuilder); + return; + + } + } + + log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!"); + throw new eIDPostProcessingException("internal.00", null); + + } + + @Override public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException { //extract citizen country from eIDAS unique identifier Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); @@ -95,7 +116,7 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{ if (StringUtils.isEmpty(citizenCountry)) log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used"); - for (INationaleIDPostProcessor el : handlers) { + for (INationaleIDProcessor el : handlers) { if (el.canHandle(citizenCountry)) { log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName()); return el.postProcess(eIDASAttrMap); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java index 02d18920..02802126 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java @@ -27,8 +27,11 @@ import java.util.Map; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.gv.egiz.eaaf.core.api.IRequest; +import eu.eidas.auth.commons.light.ILightRequest; +import eu.eidas.auth.commons.light.impl.LightRequest.Builder; -public interface IeIDPostProcessingService { +public interface ICCSpecificEIDProcessingService { /** * Post-process eIDAS eID attributes into national format @@ -40,5 +43,15 @@ public interface IeIDPostProcessingService { * @throws eIDASAttributeException */ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException; + + /** + * Pre Process eIDAS request into national requirements + * + * @param selectedCC Citizen Country from selection + * @param pendingReq current pending request + * @param authnRequestBuilder eIDAS {@link ILightRequest} builder + * @throws eIDPostProcessingException + */ + public void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java index 116f2197..6e934c59 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java @@ -23,6 +23,7 @@ package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service; import java.io.File; +import java.text.MessageFormat; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -39,6 +40,7 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import edu.umd.cs.findbugs.annotations.NonNull; import eu.eidas.auth.commons.attribute.AttributeRegistries; import eu.eidas.auth.commons.attribute.AttributeRegistry; @@ -93,8 +95,25 @@ public class eIDASAttributeRegistry { return coreAttributeRegistry; } - public Map<String, Boolean> getAttributeSetFromConfiguration() { - Map<String, Boolean> result = new HashMap<String, Boolean>(); + @NonNull + public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() { + /*TODO: select set for representation if mandates should be used. + * It's an open task in respect to requested eIDAS attributes and isRequired flag, + * because there can be a decision problem in case of natural or legal person representation! + * From an Austrian use-case point of view, an Austrian service provider can support mandates for + * natural and legal persons at the same time. However, we CAN NOT request attributes for natural AND + * legal persons on the same time, because it's not possible to represent both simultaneously. + */ + Map<String, String> configAttributes = + basicConfig.getBasicConfigurationWithPrefix( + Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL); + return processAttributeInfosFromConfig(configAttributes); + + } + + @NonNull + public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) { + /*TODO: select set for representation if mandates should be used. * It's an open task in respect to requested eIDAS attributes and isRequired flag, @@ -105,7 +124,16 @@ public class eIDASAttributeRegistry { */ Map<String, String> configAttributes = basicConfig.getBasicConfigurationWithPrefix( - Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_ONLYNATURAL); + MessageFormat.format( + Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL, + countryCode.toLowerCase())); + return processAttributeInfosFromConfig(configAttributes); + + } + + private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) { + + Map<String, Boolean> result = new HashMap<String, Boolean>(); for (String el: configAttributes.values()) { if (StringUtils.isNotEmpty(el.trim())) { List<String> attrDef = KeyValueUtils.getListOfCSVValues(el.trim()); @@ -122,8 +150,7 @@ public class eIDASAttributeRegistry { return result; } - - + public void setEidasAttributesFile(String eidasAttributesFile) { this.eidasAttributesFile = eidasAttributesFile; } |