aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java60
1 files changed, 30 insertions, 30 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
index dc6df967..5bad738b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
@@ -27,6 +27,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.net.URL;
+import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -34,7 +35,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
-import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -117,6 +118,7 @@ public class SzrClient {
private static final String JOSE_HEADER_USERCERTPINNING_EIDASBIND = "urn:at.gv.eid:eidasBind";
public static final String ATTR_NAME_MDS = "urn:eidgvat:mds";
+ @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
@Autowired
private IConfiguration basicConfig;
@@ -126,10 +128,6 @@ public class SzrClient {
// RAW client is needed for identitylink
private Dispatch<Source> dispatch = null;
- private SzrService szrService = null;
- private String szrUrl = null;
- private QName qname = null;
-
final ObjectMapper mapper = new ObjectMapper();
/**
@@ -164,7 +162,7 @@ public class SzrClient {
.createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
// build response
- log.trace(new String(szrResponse, "UTF-8"));
+ log.trace(new String(szrResponse, StandardCharsets.UTF_8));
// ok, we have success
final Document doc = DomUtils.parseDocument(
@@ -223,7 +221,11 @@ public class SzrClient {
}
/**
- * Request a encryped baseId from SRZ.
+ * Request a encrypted baseId from SZR.
+ *
+ * <b>Note</b>: Previously, this method did create a new ERnP entry, if it did not exist. This is
+ * <b>not</b> the case any more. See
+ * {@link at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask} for that functionality.
*
* @param personInfo Minimum dataset of person
* @return encrypted baseId
@@ -234,10 +236,7 @@ public class SzrClient {
final String resp;
try {
- //TODO wirklich immer "insertERnP=true"?
- // wenn insertErnP=false dann returns vsz oder fehler
- // wenn insertErnp = true dann returns vsz, ggf vom neuen Eintrag
- resp = this.szr.getStammzahlEncrypted(personInfo, true);
+ resp = this.szr.getStammzahlEncrypted(personInfo, false);
} catch (SZRException_Exception e) {
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
@@ -253,8 +252,8 @@ public class SzrClient {
/**
* Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status.
*
- * @param vsz encryped baseId
- * @param bindingPubKey binding PublikKey as PKCS1# (ASN.1) container
+ * @param vsz encrypted baseId
+ * @param bindingPubKey binding PublicKey as PKCS1# (ASN.1) container
* @param eidStatus Status of the E-ID
* @param eidData eID information that was used for ERnP registration
* @return bPK for this person
@@ -266,7 +265,7 @@ public class SzrClient {
final Map<String, Object> eidsaBindMap = new HashMap<>();
eidsaBindMap.put(ATTR_NAME_VSZ, vsz);
eidsaBindMap.put(ATTR_NAME_STATUS, eidStatus);
- eidsaBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey));
+ eidsaBindMap.put(ATTR_NAME_PUBKEYS, Collections.singletonList(bindingPubKey));
eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode());
injectMdsIfAvailableAndActive(eidsaBindMap, eidData);
@@ -296,7 +295,7 @@ public class SzrClient {
return resp.getOut().get(0).getValue();
} catch (final JsonProcessingException | SZRException_Exception e) {
- log.warn("Requesting bcBind by using SZR FAILED. Reason: {}", e.getMessage(), null, e);
+ log.warn("Requesting bcBind by using SZR FAILED.", e);
throw new SzrCommunicationException("ernb.02",
new Object[]{e.getMessage()}, e);
}
@@ -311,6 +310,9 @@ public class SzrClient {
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE,
true);
+ SzrService szrService;
+ QName qname;
+ String szrUrl;
if (useTestSzr) {
log.debug("Initializing SZR test environment configuration.");
qname = SzrService.SZRTestumgebung;
@@ -350,20 +352,20 @@ public class SzrClient {
// inject handler
log.info("Use SZR service-URL: " + szrUrl);
- injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT);
- injectBindingProvider(dispatch, CLIENT_RAW);
+ injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT, szrUrl);
+ injectBindingProvider(dispatch, CLIENT_RAW, szrUrl);
// inject http parameters and SSL context
log.debug("Inject HTTP client settings ... ");
- injectHttpClient(szr, CLIENT_DEFAULT);
- injectHttpClient(dispatch, CLIENT_RAW);
+ injectHttpClient(szr, CLIENT_DEFAULT, szrUrl);
+ injectHttpClient(dispatch, CLIENT_RAW, szrUrl);
log.info("SZR-Client initialization successfull");
}
- private void injectHttpClient(Object raw, String clientType) {
+ private void injectHttpClient(Object raw, String clientType, String szrUrl) {
// extract client from implementation
- Client client = null;
+ Client client;
if (raw instanceof DispatchImpl<?>) {
client = ((DispatchImpl<?>) raw).getClient();
} else if (raw instanceof Client) {
@@ -378,14 +380,12 @@ public class SzrClient {
// set timeout policy
final HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
- httpClientPolicy.setConnectionTimeout(
- Integer.parseInt(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION,
- Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION)) * 1000);
- httpClientPolicy.setReceiveTimeout(
- Integer.parseInt(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE,
- Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE)) * 1000);
+ String connectionTimeout = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION, Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION);
+ httpClientPolicy.setConnectionTimeout(Integer.parseInt(connectionTimeout) * 1000L);
+ String responseTimeout = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE, Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE);
+ httpClientPolicy.setReceiveTimeout(Integer.parseInt(responseTimeout) * 1000L);
http.setClient(httpClientPolicy);
// inject SSL context in case of https
@@ -400,7 +400,7 @@ public class SzrClient {
}
- private void injectBindingProvider(BindingProvider bindingProvider, String clientType) {
+ private void injectBindingProvider(BindingProvider bindingProvider, String clientType, String szrUrl) {
final Map<String, Object> requestContext = bindingProvider.getRequestContext();
requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, szrUrl);