aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java)41
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java)15
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java37
3 files changed, 77 insertions, 16 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
index 331b2641..602982d6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/CCSpecificEIDProcessingService.java
@@ -43,34 +43,36 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDPostProcessor;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDProcessor;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@Service
-public class EIDPostProcessingService implements IeIDPostProcessingService{
- private static final Logger log = LoggerFactory.getLogger(EIDPostProcessingService.class);
+public class CCSpecificEIDProcessingService implements ICCSpecificEIDProcessingService{
+ private static final Logger log = LoggerFactory.getLogger(CCSpecificEIDProcessingService.class);
@Autowired private ApplicationContext context;
- private List<INationaleIDPostProcessor> handlers = new ArrayList<INationaleIDPostProcessor>();
+ private List<INationaleIDProcessor> handlers = new ArrayList<INationaleIDProcessor>();
@PostConstruct
private void initialize() {
log.debug("Initialize eID PostProcessing-Service ... ");
- Map<String, INationaleIDPostProcessor> postProcessors = context.getBeansOfType(INationaleIDPostProcessor.class);
- Iterator<Entry<String, INationaleIDPostProcessor>> iterator = postProcessors.entrySet().iterator();
+ Map<String, INationaleIDProcessor> postProcessors = context.getBeansOfType(INationaleIDProcessor.class);
+ Iterator<Entry<String, INationaleIDProcessor>> iterator = postProcessors.entrySet().iterator();
while (iterator.hasNext()) {
- Entry<String, INationaleIDPostProcessor> el = iterator.next();
+ Entry<String, INationaleIDProcessor> el = iterator.next();
log.debug("Find eID-PostProcessor with name: " + el.getKey());
handlers.add(el.getValue());
}
log.trace("Sorting eID-PostProcessors on priority ... ");
- Collections.sort(handlers, new Comparator<INationaleIDPostProcessor>() {
+ Collections.sort(handlers, new Comparator<INationaleIDProcessor>() {
@Override
- public int compare(INationaleIDPostProcessor thisAuthModule, INationaleIDPostProcessor otherAuthModule) {
+ public int compare(INationaleIDProcessor thisAuthModule, INationaleIDProcessor otherAuthModule) {
int thisOrder = thisAuthModule.getPriority();
int otherOrder = otherAuthModule.getPriority();
return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1));
@@ -82,6 +84,25 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{
}
@Override
+ public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException {
+ if (StringUtils.isEmpty(selectedCitizenCountry))
+ log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used");
+
+ for (INationaleIDProcessor el : handlers) {
+ if (el.canHandle(selectedCitizenCountry)) {
+ log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName());
+ el.preProcess(pendingReq, authnRequestBuilder);
+ return;
+
+ }
+ }
+
+ log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+ throw new eIDPostProcessingException("internal.00", null);
+
+ }
+
+ @Override
public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException {
//extract citizen country from eIDAS unique identifier
Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
@@ -95,7 +116,7 @@ public class EIDPostProcessingService implements IeIDPostProcessingService{
if (StringUtils.isEmpty(citizenCountry))
log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
- for (INationaleIDPostProcessor el : handlers) {
+ for (INationaleIDProcessor el : handlers) {
if (el.canHandle(citizenCountry)) {
log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName());
return el.postProcess(eIDASAttrMap);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
index 02d18920..02802126 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/ICCSpecificEIDProcessingService.java
@@ -27,8 +27,11 @@ import java.util.Map;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-public interface IeIDPostProcessingService {
+public interface ICCSpecificEIDProcessingService {
/**
* Post-process eIDAS eID attributes into national format
@@ -40,5 +43,15 @@ public interface IeIDPostProcessingService {
* @throws eIDASAttributeException
*/
public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+
+ /**
+ * Pre Process eIDAS request into national requirements
+ *
+ * @param selectedCC Citizen Country from selection
+ * @param pendingReq current pending request
+ * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+ * @throws eIDPostProcessingException
+ */
+ public void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder) throws eIDPostProcessingException;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
index 116f2197..6e934c59 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASAttributeRegistry.java
@@ -23,6 +23,7 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
import java.io.File;
+import java.text.MessageFormat;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -39,6 +40,7 @@ import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import edu.umd.cs.findbugs.annotations.NonNull;
import eu.eidas.auth.commons.attribute.AttributeRegistries;
import eu.eidas.auth.commons.attribute.AttributeRegistry;
@@ -93,8 +95,25 @@ public class eIDASAttributeRegistry {
return coreAttributeRegistry;
}
- public Map<String, Boolean> getAttributeSetFromConfiguration() {
- Map<String, Boolean> result = new HashMap<String, Boolean>();
+ @NonNull
+ public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
+ /*TODO: select set for representation if mandates should be used.
+ * It's an open task in respect to requested eIDAS attributes and isRequired flag,
+ * because there can be a decision problem in case of natural or legal person representation!
+ * From an Austrian use-case point of view, an Austrian service provider can support mandates for
+ * natural and legal persons at the same time. However, we CAN NOT request attributes for natural AND
+ * legal persons on the same time, because it's not possible to represent both simultaneously.
+ */
+ Map<String, String> configAttributes =
+ basicConfig.getBasicConfigurationWithPrefix(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ @NonNull
+ public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
+
/*TODO: select set for representation if mandates should be used.
* It's an open task in respect to requested eIDAS attributes and isRequired flag,
@@ -105,7 +124,16 @@ public class eIDASAttributeRegistry {
*/
Map<String, String> configAttributes =
basicConfig.getBasicConfigurationWithPrefix(
- Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_ONLYNATURAL);
+ MessageFormat.format(
+ Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
+ countryCode.toLowerCase()));
+ return processAttributeInfosFromConfig(configAttributes);
+
+ }
+
+ private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
+
+ Map<String, Boolean> result = new HashMap<String, Boolean>();
for (String el: configAttributes.values()) {
if (StringUtils.isNotEmpty(el.trim())) {
List<String> attrDef = KeyValueUtils.getListOfCSVValues(el.trim());
@@ -122,8 +150,7 @@ public class eIDASAttributeRegistry {
return result;
}
-
-
+
public void setEidasAttributesFile(String eidasAttributesFile) {
this.eidasAttributesFile = eidasAttributesFile;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-22 15:56:03 +0000