Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/Utils.java)33
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java64
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java84
3 files changed, 93 insertions, 88 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/Utils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
index 5612d137..75374872 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/Utils.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
@@ -1,4 +1,4 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
@@ -7,14 +7,25 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowExcept
import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+@Slf4j
+@Service("registerSearchService")
+public class RegisterSearchService {
+
+ private final IZmrClient zmrClient;
+ private final IErnpClient ernpClient;
+
+ public RegisterSearchService(IZmrClient zmrClient, IErnpClient ernpClient) {
+ this.zmrClient = zmrClient;
+ this.ernpClient = ernpClient;
+ }
-public class Utils {
/**
* Automatic process to fix the register entries.
*
- * @param ernpClient ErnP client
- * @param zmrClient ZMR client
* @param initialSearchResult Result of initial register search
* @param specificDetailSearchResult Result of last register search
* @param eidData Received eidas data
@@ -22,10 +33,9 @@ public class Utils {
* @return The bpk
* @throws TaskExecutionException if an error occurs during the register update
*/
- public static String step7aKittProcess(IErnpClient ernpClient, IZmrClient zmrClient,
- MergedRegisterSearchResult initialSearchResult,
- MergedRegisterSearchResult specificDetailSearchResult,
- SimpleEidasData eidData, IRequest pendingReq) throws TaskExecutionException {
+ public String step7aKittProcess(MergedRegisterSearchResult initialSearchResult,
+ MergedRegisterSearchResult specificDetailSearchResult,
+ SimpleEidasData eidData, IRequest pendingReq) throws TaskExecutionException {
try {
if (initialSearchResult.getResultCount() != 0) {
throw new WorkflowException("initialSearchResult.getResultCount() != 0");
@@ -34,13 +44,12 @@ public class Utils {
throw new WorkflowException("countrySpecificDetailSearchResult.getResultCount() != 1");
}
if (specificDetailSearchResult.getResultsZmr().size() == 1) {
- zmrClient.update(specificDetailSearchResult.getResultsZmr().get(0), eidData);
+ this.zmrClient.update(specificDetailSearchResult.getResultsZmr().get(0), eidData);
}
if (specificDetailSearchResult.getResultsErnp().size() == 1) {
- ernpClient.update(specificDetailSearchResult.getResultsErnp().get(0), eidData);
+ this.ernpClient.update(specificDetailSearchResult.getResultsErnp().get(0), eidData);
}
- String bpK = specificDetailSearchResult.getBpk();
- return bpK;
+ return specificDetailSearchResult.getBpk();
} catch (WorkflowException e) {
throw new TaskExecutionException(pendingReq, "Step7a failed.", e);
}
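Review bot: The two register writes in step7aKittProcess, `this.zmrClient.update(...)` and `this.ernpClient.update(...)`, have no log statement next to them in the visible lines, although this commit adds `@Slf4j` to the class. These calls attach received eIDAS data to an existing register entry, so an audit line before each write makes a wrong match traceable afterwards, for example `log.info("Step7a: updating ZMR entry with received eIDAS data");` and the ERnP equivalent. Keep the bPK and personal attributes out of the message and correlate through the pending request instead. The method starts in the previous hunk and at least one line between the two hunks is not shown, so a log call may already exist there.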
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index c4d067f5..7f4526ad 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -31,12 +31,11 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttribute
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.Utils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.data.Triple;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import com.google.common.collect.ImmutableMap;
@@ -47,6 +46,7 @@ import eu.eidas.auth.commons.light.ILightResponse;
import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
+import org.jetbrains.annotations.NotNull;
import org.joda.time.DateTime;
import org.springframework.stereotype.Component;
@@ -72,16 +72,20 @@ public class InitialSearchTask extends AbstractAuthServletTask {
private final List<CountrySpecificDetailSearchProcessor> handlers;
private final IErnpClient ernpClient;
private final IZmrClient zmrClient;
+ private final RegisterSearchService registerSearchService;
/**
* Constructor.
- *
- * @param handlers List of countrySpecificSearchProcessors
+ * @param handlers List of countrySpecificSearchProcessors
+ * @param registerSearchService
* @param ernpClient Ernp client
* @param zmrClient ZMR client
*/
- public InitialSearchTask(List<CountrySpecificDetailSearchProcessor> handlers, IErnpClient ernpClient,
+ public InitialSearchTask(List<CountrySpecificDetailSearchProcessor> handlers,
+ RegisterSearchService registerSearchService,
+ IErnpClient ernpClient,
IZmrClient zmrClient) {
+ this.registerSearchService = registerSearchService;
this.ernpClient = ernpClient;
this.zmrClient = zmrClient;
this.handlers = handlers;
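Review bot: The new Javadoc tag `@param registerSearchService` in the constructor comment has no description, which Javadoc linting and most Checkstyle configurations report as an incomplete tag. Something like `@param registerSearchService Service that performs the step 7a register update` would match the other three tags. The empty ` *` line between the summary sentence "Constructor." and the first tag was also dropped and should be restored so the summary stays separated from the tag block.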
@@ -93,27 +97,22 @@ public class InitialSearchTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try {
final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
- final ILightResponse eidasResponse = authProcessData
- .getGenericDataFromSession(DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
-
- final SimpleEidasData eidData = convertSimpleMapToSimpleData(convertEidasAttrToSimpleMap(
- eidasResponse.getAttributes().getAttributeMap()));
-
- final String bpK = step2RegisterSearchWithPersonidentifier(executionContext, eidData, authProcessData);
- authProcessData.setGenericDataToSession(DATA_RESULT_MATCHING_BPK, bpK);
- authProcessData.setGenericDataToSession(DATA_SIMPLE_EIDAS, eidData);
+ final SimpleEidasData eidasData = convertEidasAttrToSimpleData(authProcessData);
+ final String bpk = step2RegisterSearchWithPersonIdentifier(executionContext, eidasData, authProcessData);
+ authProcessData.setGenericDataToSession(DATA_RESULT_MATCHING_BPK, bpk);
+ authProcessData.setGenericDataToSession(DATA_SIMPLE_EIDAS, eidasData);
} catch (final Exception e) {
log.error("Initial search FAILED.", e);
throw new TaskExecutionException(pendingReq, "Initial search FAILED.", e);
}
}
- private String step2RegisterSearchWithPersonidentifier(
+ private String step2RegisterSearchWithPersonIdentifier(
ExecutionContext executionContext, SimpleEidasData eidData, AuthProcessDataWrapper authProcessData)
throws TaskExecutionException {
- log.trace("Starting step2RegisterSearchWithPersonidentifier");
+ log.trace("Starting step2RegisterSearchWithPersonIdentifier");
String personIdentifier = eidData.getPseudonym();
- MergedRegisterSearchResult result = searchInZmrAndErnp(personIdentifier);
+ MergedRegisterSearchResult result = searchWithPersonIdentifier(personIdentifier);
//store data in session
try {
authProcessData.setGenericDataToSession(DATA_INITIAL_REGISTER_RESULT, result);
@@ -196,19 +195,13 @@ public class InitialSearchTask extends AbstractAuthServletTask {
MergedRegisterSearchResult countrySpecificDetailSearchResult,
SimpleEidasData eidData) throws TaskExecutionException {
log.trace("Starting step7aKittProcess");
- return Utils.step7aKittProcess(ernpClient, zmrClient, initialSearchResult, countrySpecificDetailSearchResult,
+ return registerSearchService.step7aKittProcess(initialSearchResult, countrySpecificDetailSearchResult,
eidData, pendingReq);
}
private String step8RegisterSearchWithMds(ExecutionContext executionContext, SimpleEidasData eidData) {
log.trace("Starting step8RegisterSearchWithMds");
- List<RegisterResult> resultsZmr =
- zmrClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth());
-
- List<RegisterResult> resultsErnp =
- ernpClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth());
-
- MergedRegisterSearchResult mdsSearchResult = new MergedRegisterSearchResult(resultsZmr, resultsErnp);
+ MergedRegisterSearchResult mdsSearchResult = searchWithMds(eidData);
if (mdsSearchResult.getResultCount() == 0) {
executionContext.put(TRANSITION_TO_CREATE_NEW_ERNB_ENTRY_TASK, true);
} else {
@@ -219,12 +212,29 @@ public class InitialSearchTask extends AbstractAuthServletTask {
return null;
}
- private MergedRegisterSearchResult searchInZmrAndErnp(String personIdentifier) {
+ @NotNull
+ private MergedRegisterSearchResult searchWithMds(SimpleEidasData eidData) {
+ List<RegisterResult> resultsZmr =
+ zmrClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth());
+ List<RegisterResult> resultsErnp =
+ ernpClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth());
+ return new MergedRegisterSearchResult(resultsZmr, resultsErnp);
+ }
+
+ private MergedRegisterSearchResult searchWithPersonIdentifier(String personIdentifier) {
List<RegisterResult> resultsZmr = zmrClient.searchWithPersonIdentifier(personIdentifier);
List<RegisterResult> resultsErnp = ernpClient.searchWithPersonIdentifier(personIdentifier);
return new MergedRegisterSearchResult(resultsZmr, resultsErnp);
}
+ @NotNull
+ private SimpleEidasData convertEidasAttrToSimpleData(AuthProcessDataWrapper authProcessData)
+ throws EidasAttributeException {
+ final ILightResponse eidasResponse = authProcessData
+ .getGenericDataFromSession(DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
+ return convertSimpleMapToSimpleData(convertEidasAttrToSimpleMap(eidasResponse.getAttributes().getAttributeMap()));
+ }
+
private SimpleEidasData convertSimpleMapToSimpleData(Map<String, Object> eidasAttrMap)
throws EidasAttributeException {
SimpleEidasData result = new SimpleEidasData();
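Review bot: `convertEidasAttrToSimpleData` is annotated `@NotNull` yet dereferences `eidasResponse` without a check, so a session without a `DATA_FULL_EIDAS_RESPONSE` entry would surface only as a NullPointerException wrapped by the caller's `catch (final Exception e)` as "Initial search FAILED.". Whether `getGenericDataFromSession` can return null is not visible here; if it can, a guard such as `if (eidasResponse == null) { throw new IllegalStateException("No eIDAS response in session"); }` makes the failure diagnosable. The annotation is `org.jetbrains.annotations.NotNull`, which is documentation only unless the build instruments it, and no build-file change for that dependency appears in this diff. On private methods it adds little, so dropping it or using an annotation the project already ships would avoid the extra dependency.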
@@ -260,7 +270,6 @@ public class InitialSearchTask extends AbstractAuthServletTask {
if (attribute != null) {
result.put(el.getFriendlyName(), attribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), attribute.toString());
-
} else {
log.info("Ignore empty 'DateTime' attribute");
}
@@ -269,7 +278,6 @@ public class InitialSearchTask extends AbstractAuthServletTask {
if (addressAttribute != null) {
result.put(el.getFriendlyName(), addressAttribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), addressAttribute.toString());
-
} else {
log.info("Ignore empty 'PostalAddress' attribute");
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
index 44e13d78..74af7be4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
@@ -23,38 +23,18 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.core.xml.io.MarshallingException;
-import org.opensaml.messaging.decoder.MessageDecodingException;
-import org.opensaml.saml.saml2.core.Response;
-import org.opensaml.saml.saml2.core.StatusCode;
-import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthEventConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.Utils;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
@@ -78,9 +58,25 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionValidationExeption;
import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationException;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.messaging.decoder.MessageDecodingException;
+import org.opensaml.saml.saml2.core.Response;
+import org.opensaml.saml.saml2.core.StatusCode;
+import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.transform.TransformerException;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Set;
/**
- * Task that receives the SAML2 response from ID Austria system.
+ * Task that receives the SAML2 response from ID Austria system.
*
* @author tlenz
*/
@@ -91,6 +87,8 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
@Autowired
private SamlVerificationEngine samlVerificationEngine;
@Autowired
+ private RegisterSearchService registerSearchService;
+ @Autowired
private IdAustriaClientAuthCredentialProvider credentialProvider;
@Autowired(required = true)
IdAustriaClientAuthMetadataProvider metadataProvider;
@@ -112,15 +110,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
private static final String ERROR_MSG_03 =
"PVP response validation FAILED.";
-
- private final IErnpClient ernpClient;
- private final IZmrClient zmrClient;
-
- public ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask(IErnpClient ernpClient, IZmrClient zmrClient) {
- this.ernpClient = ernpClient;
- this.zmrClient = zmrClient;
- }
-
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
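Review bot: Removing the `ernpClient` and `zmrClient` fields and their constructor here leaves `searchWithBpkZp` in the last hunk of this file still calling `zmrClient.searchWithBpkZp(bpkzp)` and `ernpClient.searchWithBpkZp(bpkzp)` on unchanged lines, and the first hunk also removes the `IErnpClient` and `IZmrClient` imports. Unless a superclass supplies those fields, which is not visible in this diff, the class no longer compiles. Either move the bPK-ZP search into RegisterSearchService as a new method and call `registerSearchService.searchWithBpkZp(bpkzp)`, or keep both clients injected alongside the new service. The `execute` method begins on the last lines of this hunk and continues outside it.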
@@ -129,7 +118,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
InboundMessage msg = null;
IDecoder decoder = null;
EaafUriCompare comperator = null;
-
+
// select Response Binding
if (request.getMethod().equalsIgnoreCase("POST")) {
decoder = new PostBinding();
@@ -188,20 +177,20 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
final AssertionAttributeExtractor extractor =
new AssertionAttributeExtractor(processedMsg.getFirst().getResponse());
-
-
-
+
+
+
/*
- * SAML2 response ist bereits vollständig validiert und die Attribute können aus dem
+ * SAML2 response ist bereits vollständig validiert und die Attribute können aus dem
* <AssertionAttributeExtractor extractor> ausgelesen werden.
* Die AttributeNamen sind entsprechend PVP Spezifikation, z.B. PvpAttributeDefinitions.GIVEN_NAME_NAME
- *
+ *
* ---------------------------------------------------------------------------------------------
- *
+ *
* TODO: ab hier müssen wir wohl was anpassen
- *
+ *
*/
-
+
//load additional search-data from pendingRequest
final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
MergedRegisterSearchResult initialSearchResult =
@@ -210,7 +199,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
SimpleEidasData eidData = authProcessData.getGenericDataFromSession(Constants.DATA_SIMPLE_EIDAS,
SimpleEidasData.class);
-
+
SimpleMobileSignatureData simpleMobileSignatureData =
getAuthDataFromInterfederation(extractor, authProcessData);
if (!simpleMobileSignatureData.equalsSimpleEidasData(eidData)) {
@@ -219,14 +208,13 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
}
String bpkzp = simpleMobileSignatureData.getBpk();
- MergedRegisterSearchResult result = searchInZmrAndErnp(bpkzp);
+ MergedRegisterSearchResult result = searchWithBpkZp(bpkzp);
if (result.getResultCount() == 0) {
//go to step 16
executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
return;
} else if (result.getResultCount() == 1) {
- String bpk =
- Utils.step7aKittProcess(ernpClient, zmrClient, initialSearchResult, result, eidData, pendingReq);
+ String bpk = registerSearchService.step7aKittProcess(initialSearchResult, result, eidData, pendingReq);
authProcessData.setGenericDataToSession(Constants.DATA_RESULT_MATCHING_BPK, bpk);
//node 110
} else if (result.getResultCount() > 1) {
@@ -295,7 +283,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
return Pair.newInstance(msg, false);
} else {
- log.info("Receive StatusCode {} from 'ms-specific eIDAS node'.",
+ log.info("Receive StatusCode {} from 'ms-specific eIDAS node'.",
samlResp.getStatus().getStatusCode().getValue());
StatusCode subStatusCode = getSubStatusCode(samlResp);
if (subStatusCode != null
@@ -328,7 +316,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
&& StringUtils.isNotEmpty(samlResp.getStatus().getStatusCode().getStatusCode().getValue())) {
return samlResp.getStatus().getStatusCode().getStatusCode();
}
-
+
return null;
}
@@ -379,8 +367,8 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
return simpleMobileSignatureData;
}
-
- private MergedRegisterSearchResult searchInZmrAndErnp(String bpkzp) {
+
+ private MergedRegisterSearchResult searchWithBpkZp(String bpkzp) {
List<RegisterResult> resultsZmr = zmrClient.searchWithBpkZp(bpkzp);
List<RegisterResult> resultsErnp = ernpClient.searchWithBpkZp(bpkzp);
return new MergedRegisterSearchResult(resultsZmr, resultsErnp);