Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataConstants.java9
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataWrapper.java224
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhExtendedPvpAttributeDefinitions.java24
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AuthHandlerConstants.java141
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhAuthProcessData.java190
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhSpConfiguration.java151
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IRawMandateDao.java32
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/ISignedMandate.java19
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java55
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataConfiguration.java16
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/MisException.java17
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateMobilePhoneSignatureRequestTask.java6
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java121
13 files changed, 63 insertions, 942 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataConstants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataConstants.java
deleted file mode 100644
index 36ea2440..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataConstants.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import at.gv.egiz.eaaf.core.api.idp.EaafAuthProcessDataConstants;
-
-public interface AhAuthProcessDataConstants extends EaafAuthProcessDataConstants {
-
-
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataWrapper.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataWrapper.java
deleted file mode 100644
index 1b20960b..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhAuthProcessDataWrapper.java
+++ /dev/null
@@ -1,224 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.util.Map;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
-import iaik.x509.X509Certificate;
-
-public class AhAuthProcessDataWrapper extends AuthProcessDataWrapper
- implements IAhAuthProcessData, AhAuthProcessDataConstants {
- private static final Logger log = LoggerFactory.getLogger(AhAuthProcessDataWrapper.class);
-
- public static final String VALUE_SIGNER_CERT = "direct_signerCert";
- public static final String VALUE_VDAURL = "direct_bkuUrl";
-
- public static final String VALUE_MANDATES_REFVALUE = "direct_mis_refvalue";
-
- public static final String VALUE_EID_QCBIND = "direct_eid_qcBind";
- public static final String VALUE_EID_VSZ = "direct_eid_vsz";
- public static final String VALUE_EID_SIGNEDAUTHBLOCK = "direct_eid_authblock";
- public static final String VALUE_EID_SIGNEDAUTHBLOCK_TYPE = "direct_eid_authblock_type";
- public static final String VALUE_EID_MIS_MANDATE = "direct_eid_mis_mandate";
-
- public static final String VALUE_INTERNAL_BPK = "direct_internal_bpk";
- public static final String VALUE_INTERNAL_BPKYPE = "direct_internal_bpktype";
-
- public static final String VALUE_INTERNAL_MANDATE_ELGA_PROCESS = "direct_is_elga_mandate_process";
- public static final String VALUE_INTERNAL_VDA_AUTHENTICATION_PROCESS = "direct_is_vda_auth_process";
-
- public AhAuthProcessDataWrapper(final Map<String, Object> authProcessData) {
- super(authProcessData);
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getSignerCertificate()
- */
- @Override
- public X509Certificate getSignerCertificate() {
- final byte[] encCert = getEncodedSignerCertificate();
-
- if (encCert != null) {
- try {
- return new X509Certificate(encCert);
- } catch (final CertificateException e) {
- log.warn("Signer certificate can not be loaded from session database!", e);
-
- }
- }
- return null;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getEncodedSignerCertificate()
- */
- @Override
- public byte[] getEncodedSignerCertificate() {
- return wrapStoredObject(VALUE_SIGNER_CERT, null, byte[].class);
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setSignerCertificate(iaik.x509.
- * X509Certificate)
- */
- @Override
- public void setSignerCertificate(final java.security.cert.X509Certificate signerCertificate) {
- try {
- authProcessData.put(VALUE_SIGNER_CERT, signerCertificate.getEncoded());
-
- } catch (final CertificateEncodingException e) {
- log.warn("Signer certificate can not be stored to session database!", e);
- }
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#getBkuURL()
- */
- @Override
- public String getVdaUrl() {
- return wrapStoredObject(VALUE_VDAURL, null, String.class);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setBkuURL(java.lang.String)
- */
- @Override
- public void setVdaUrl(final String vdaUrl) {
- authProcessData.put(VALUE_VDAURL, vdaUrl);
-
- }
-
- @Override
- public String getMandateReferenceValue() {
- return wrapStoredObject(VALUE_MANDATES_REFVALUE, null, String.class);
- }
-
- @Override
- public void setMandateReferenceValue(final String refValue) {
- authProcessData.put(VALUE_MANDATES_REFVALUE, refValue);
-
- }
-
- @Override
- public String getQcBind() {
- return wrapStoredObject(VALUE_EID_QCBIND, null, String.class);
- }
-
- @Override
- public void setQcBind(final String qcBind) {
- authProcessData.put(VALUE_EID_QCBIND, qcBind);
-
- }
-
- @Override
- public String getVsz() {
- return wrapStoredObject(VALUE_EID_VSZ, null, String.class);
- }
-
- @Override
- public void setVsz(final String vsz) {
- authProcessData.put(VALUE_EID_VSZ, vsz);
-
- }
-
- @Override
- public byte[] getSignedAuthBlock() {
- return wrapStoredObject(VALUE_EID_SIGNEDAUTHBLOCK, null, byte[].class);
- }
-
- @Override
- public void setSignedAuthBlock(final byte[] signedConsent) {
- authProcessData.put(VALUE_EID_SIGNEDAUTHBLOCK, signedConsent);
-
- }
-
- @Override
- public AuthHandlerConstants.AuthBlockType getSignedAuthBlockType() {
- return wrapStoredObject(VALUE_EID_SIGNEDAUTHBLOCK_TYPE, AuthHandlerConstants.AuthBlockType.NONE,
- AuthHandlerConstants.AuthBlockType.class);
- }
-
- @Override
- public void setSignedAuthBlockType(final AuthHandlerConstants.AuthBlockType authBlockType) {
- authProcessData.put(VALUE_EID_SIGNEDAUTHBLOCK_TYPE, authBlockType);
-
- }
-
- @Override
- public ISignedMandate getMandateDate() {
- return wrapStoredObject(VALUE_EID_MIS_MANDATE, null, ISignedMandate.class);
-
- }
-
- @Override
- public void setMandateDate(final ISignedMandate mandateDate) {
- authProcessData.put(VALUE_EID_MIS_MANDATE, mandateDate);
-
- }
-
- @Override
- public String getInternalBpk() {
- return wrapStoredObject(VALUE_INTERNAL_BPK, null, String.class);
- }
-
- @Override
- public void setInternalBpk(final String bpk) {
- authProcessData.put(VALUE_INTERNAL_BPK, bpk);
-
- }
-
- @Override
- public String getInternalBpkType() {
- return wrapStoredObject(VALUE_INTERNAL_BPKYPE, null, String.class);
-
- }
-
- @Override
- public void setInternalBpkType(final String bpkType) {
- authProcessData.put(VALUE_INTERNAL_BPKYPE, bpkType);
-
- }
-
- @Override
- public boolean isElgaMandateProcess() {
- return wrapStoredObject(VALUE_INTERNAL_MANDATE_ELGA_PROCESS, false, Boolean.class);
-
- }
-
- @Override
- public void setElgaMandateProcess(boolean flag) {
- authProcessData.put(VALUE_INTERNAL_MANDATE_ELGA_PROCESS, flag);
-
- }
-
- @Override
- public boolean isVdaAuthentication() {
- return wrapStoredObject(VALUE_INTERNAL_VDA_AUTHENTICATION_PROCESS, false, Boolean.class);
-
- }
-
- @Override
- public void setVdaAuthentication(boolean flag) {
- authProcessData.put(VALUE_INTERNAL_VDA_AUTHENTICATION_PROCESS, flag);
-
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhExtendedPvpAttributeDefinitions.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhExtendedPvpAttributeDefinitions.java
deleted file mode 100644
index b74767de..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AhExtendedPvpAttributeDefinitions.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class AhExtendedPvpAttributeDefinitions implements ExtendedPvpAttributeDefinitions {
- private static final Logger log =
- LoggerFactory.getLogger(AhExtendedPvpAttributeDefinitions.class);
-
- private AhExtendedPvpAttributeDefinitions() {
- log.trace("Instance class: {} for SonarQube",
- AhExtendedPvpAttributeDefinitions.class.getName());
-
- }
-
- public static final String EID_BCBIND_NAME = "urn:eidgvat:attributes.bcbind";
- public static final String EID_BCBIND_FRIENDLY_NAME = "bcBind";
-
- public static final String EID_BINDING_PUBKEY_NAME = "urn:eidgvat:attributes.binding.pubkey";
- public static final String EID_BINDING_PUBKEY_FRIENDLY_NAME = "BindingPubKey";
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AuthHandlerConstants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AuthHandlerConstants.java
deleted file mode 100644
index 1bbc31e0..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/AuthHandlerConstants.java
+++ /dev/null
@@ -1,141 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-
-public class AuthHandlerConstants {
-
- private AuthHandlerConstants() {
-
- }
-
- // TODO: maybe update to another target
- public static final String DEFAULT_INTERNAL_BPK_TARGET = "urn:publicid:gv.at:cdid+ZP-MH";
-
- // configuration parameters
- public static final String PROP_CONFIG_APPLICATION_PREFIX = "authhandler.";
- public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX = "core.context.url.prefix";
- public static final String PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION =
- "core.context.url.request.validation";
- public static final String PROP_CONFIG_LEGACY_ALLOW = "core.legacy.allowLegacyMode";
-
- public static final String PROP_CONFIG_WEBCONTENT_STATIC_PATH =
- "core.webcontent.static.directory";
- public static final String PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH = "core.webcontent.templates";
- public static final String PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH = "core.webcontent.properties";
-
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_NAME = "core.cache.transaction.name";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_ENABLED =
- "core.cache.transaction.encryption.enabled";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_KEY_TYPE =
- "core.cache.transaction.encryption.type";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_PASSPHRASE =
- "core.cache.transaction.encryption.passphrase";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_SALT =
- "core.cache.transaction.encryption.salt";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_KEYSTORE_NAME =
- "core.cache.transaction.encryption.keystore.name";
- public static final String PROP_CONFIG_CACHE_TRANSACTIONS_ENC_KEY_ALIAS =
- "core.cache.transaction.encryption.key.alias";
-
- public static final String PROP_CONFIG_CACHE_ATTRIBUTEPROXY_NAME =
- "core.cache.attributeproxy.name";
-
- public static final String PROP_CONFIG_BACKEND_ENDPOINT_GETALLSUPPORTEDATTRIBUTES =
- "backend.endpoints.getallsupportedattributes";
- public static final String PROP_CONFIG_BACKEND_ENDPOINT_GETAPPLICATIONCONFIGURATION =
- "backend.endpoints.getapplicationconfiguration";
-
- public static final String PROP_CONFIG_INTERNAL_BPK_TARGET = "core.internal.bpk.target";
-
- public static final String PROP_CONFIG_INTERNAL_FRONTEND_ONLY_MODE = "core.internal.frontend.only.mode";
- public static final boolean PROP_DEFAULT_CONFIG_INTERNAL_FRONTEND_ONLY_MODE = false;
-
- // Servlet End-Points
- public static final String ENDPOINT_PROCESSENGINE_CONTROLLER = "/api/process";
- public static final String ENDPOINT_ERROR_IFRAME_HOPPING = "/error/parenthop";
-
-
- // GUI template directories
- public static final String CLASSPATH_TEMPLATE_DIR = "/templates/";
- public static final String FILESYSTEM_TEMPLATE_DIR = "./templates/";
- public static final String TEMPLATE_HTML_ERROR = "error_message.html";
-
- // GUI template defaultfiles
- public static final String TEMPLATE_AUTHPROCESS_SELECTION_VDA_FULLFRAME = "authSelection.html";
- public static final String TEMPLATE_AUTHPROCESS_SELECTION_VDA_IFRAME = "authSelection_iframe.html";
- public static final String TEMPLATE_USER_CONSENT_REQUEST = "userConsent.html";
- public static final String TEMPLATE_IFRAME_TO_PARENT_HOPE = "iframe_parent_hope.html";
- public static final String TEMPLATE_MANDATE_SELECTION = "mandateSelection.html";
- public static final String TEMPLATE_PROF_REP_MANDATE_SELECTION = "profRepMandateSelection.html";
- public static final String TEMPLATE_MANDATE_SELECTION_DUMMY = "mandateSelection_dummy.html";
-
-
-
- // http request parameters
- public static final String HTTP_PARAM_APPLICATION_ID = "appId";
- public static final String HTTP_PARAM_STOP_PROCESS = "stopAuthProcess";
- public static final String HTTP_PARAM_EIDAS_PROCESS = "useeIDAS";
- public static final String HTTP_PARAM_EID_PROCESS = "useeID";
- public static final String HTTP_PARAM_EID_BINDING_AUTH_PROCESS = "useBindingAuth";
- public static final String HTTP_PARAM_USE_MANDATES = "useMandate";
- public static final String HTTP_PARAM_AUTHMETHOD = "authMethod";
- public static final String HTTP_PARAM_CONSENT_RELEASE_ATTRIBUTES = "releaseAttributes";
- public static final String HTTP_PARAM_CONSENT_STORE_CONSENT = "storeConsent";
-
- @Deprecated
- public static final String HTTP_PARAM_EIDMIGRATIONPILOT_PROCESS = "pilotMigration";
- @Deprecated
- public static final String HTTP_PARAM_EIDMIGRATIONPILOT_SHOW_INFO_PAGE = "pilotMigrationInfoPage";
- @Deprecated
- public static final String HTTP_PARAM_MOBILESIGNATURE_PROCESS = "usemobileSig";
-
- // UI options
- public static final String UI_PARAM_USE_MANDATES = HTTP_PARAM_USE_MANDATES;
- public static final String UI_PARAM_USE_ONLY_MANDATES = "useOnlyMandate";
- public static final String UI_PARAM_USE_EIDAS = HTTP_PARAM_EIDAS_PROCESS;
- public static final String UI_PARAM_DSGVO_SHORT_INFO = "dsgvoShortText";
- public static final String UI_PARAM_DSGVO_SP_PRIVACY_STATEMENT_URL = "dsgvoPrivacyStatementUrl";
- public static final String UI_PARAM_DSGVO_SP_SERVICE_URL = "dsgvoServiceUrl";
- public static final String UI_PARAM_DSGVO_SP_LOGO = "dsgvoSpLogo";
- public static final String UI_PARAM_DSGVO_SP_LOGO_SET = "dsgvoSpLogoSet";
- public static final String UI_PARAM_DSGVO_SP_LOGO_SET_DATAURL = "dataUrl";
- public static final String UI_PARAM_DSGVO_SP_LOGO_SET_THEME = "theme";
- public static final String UI_PARAM_DSGVO_SP_LOGO_SET_RESOLUTION = "resolution";
- public static final String UI_PARAM_DSGVO_SP_LOGO_SET_TYPE = "type";
-
- public enum LogoType { SVG, PNG, UNKNOWN }
-
- public enum AuthBlockType {
- CADES("CAdES"), JWS("JWS"), NONE("none");
-
- private final String internalType;
-
- AuthBlockType(final String type) {
- this.internalType = type;
-
- }
-
- /**
- * Get Type identifier for this AuthBlock.
- *
- * @return
- */
- public String getAuthBlockType() {
- return this.internalType;
- }
-
- @Override
- public String toString() {
- return getAuthBlockType();
-
- }
- }
-
- // process context parameters
- public static final String PROCESSCONTEXT_USERCONSENT_NEEDED = "userConsentNeeded";
- public static final String PROCESSCONTEXT_AUTHPROCESSSELECTION_DONE = "authProcSelectDone";
- public static final String PROCESSCONTEXT_SWITCH_LANGUAGE = "changeLanguage";
- public static final String PROCESSCONTEXT_IFRAME_PARENT_NEEDED = "iframeParentNeeded";
-
- public static final String PROCESSCONTEXT_WAS_EID_PROCESS = "wasEidProcess";
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhAuthProcessData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhAuthProcessData.java
deleted file mode 100644
index 47d3d37c..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhAuthProcessData.java
+++ /dev/null
@@ -1,190 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import java.security.cert.X509Certificate;
-
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
-
-public interface IAhAuthProcessData extends IAuthProcessDataContainer {
-
- /**
- * Get the certificate that was used to sign the Consent.
- *
- * @return {@link X509Certificate}
- */
- X509Certificate getSignerCertificate();
-
- /**
- * Get the certificate that was used to sign the Consent.
- *
- * @return Serialized certificate
- */
- byte[] getEncodedSignerCertificate();
-
- /**
- * Set the certificate that was used to sign the Consent.
- *
- * @param signerCertificate Signer certificate of the user
- */
- void setSignerCertificate(X509Certificate signerCertificate);
-
-
- /**
- * Get URL to VDA that was used for authentication.
- *
- * @return
- */
- String getVdaUrl();
-
- /**
- * Set URL to VDA that was used for authentication.
- *
- * @param vdaUrl URL to VDA that was used for authentication
- */
- void setVdaUrl(String vdaUrl);
-
- /**
- * Get the reference-value that used to interact with MIS service.
- *
- * @return
- */
- String getMandateReferenceValue();
-
- /**
- * Set the reference-value that used to interact with MIS service.
- *
- * @param refValue Mandate reference value
- */
- void setMandateReferenceValue(String refValue);
-
- /**
- * Get the qcBind of the user that was received by VDA or other storage during authentication.
- *
- * @return
- */
- String getQcBind();
-
- /**
- * Set the qcBind of the user that was received by VDA or other storage during authentication.
- *
- * @param qcBind raw qcBind data-structure (serialized JSON)
- */
- void setQcBind(String qcBind);
-
- /**
- * Get the vSZ of the user.
- *
- * @return
- */
- String getVsz();
-
- /**
- * Set the vSZ of the user.
- *
- * @param vsz user's encrypted baseId
- */
- void setVsz(String vsz);
-
- /**
- * Get the signed AuthBlock of the user.
- *
- * @return
- */
- byte[] getSignedAuthBlock();
-
- /**
- * Set the signed AuthBlock of the user.
- *
- * @param authBlock raw signed consent
- */
- void setSignedAuthBlock(byte[] authBlock);
-
- /**
- * Get a textual type identifier of the AuthBlock.
- *
- * @return AuthBlock type
- */
- AuthHandlerConstants.AuthBlockType getSignedAuthBlockType();
-
- /**
- * Set a textual identifier for the type of the AuthBlock.
- *
- * @param authBlockType AuthBlock type
- */
- void setSignedAuthBlockType(final AuthHandlerConstants.AuthBlockType authBlockType);
-
- /**
- * Get the selected mandate of the user that was issued by MIS.
- *
- * @return
- */
- ISignedMandate getMandateDate();
-
- /**
- * Set the selected mandate of the user that is issued by MIS.
- *
- * @param signedMandate Raw mandate structure for E-ID backend
- */
- void setMandateDate(ISignedMandate signedMandate);
-
-
- /**
- * Get bPK for this entity. <br>
- * <b>THIS bPK is only for AuthHandler internal usage</b>
- *
- * @return bPK, or null if no bPK is set
- */
- String getInternalBpk();
-
- /**
- * Get bPK type for this entity. <br>
- * <b>THIS bPK is only for AuthHandler internal usage</b>
- *
- * @return bPKType, or null if no bPKType is set
- */
- String getInternalBpkType();
-
- /**
- * Set the bPK for INTERNAL USAGE of the current entity.
- *
- * @param bpk bPK for internal usage
- */
- void setInternalBpk(String bpk);
-
- /**
- * Set the bPK for INTERNAL USAGE of the current entity.
- *
- * @param bpkType bPK for internal usage
- */
- void setInternalBpkType(String bpkType);
-
-
- /**
- * Indicate if the current process uses ELGA mandates.
- *
- * @return <code>true</code> if ELGA mandates are used, otherwise <code>false</code>
- */
- boolean isElgaMandateProcess();
-
- /**
- * Set flag if the current process is an ELGA mandate process.
- *
- * @param flag <code>true</code> if it is an ELGA mandate-process, otherwise <code>false</code>
- */
- void setElgaMandateProcess(boolean flag);
-
-
- /**
- * Indicate if the current process was authenticated by a VDA.
- *
- * @return <code>true</code> if the current process was authenticated by VDA, otherwise <code>false</code>
- */
- boolean isVdaAuthentication();
-
- /**
- * Set flag that indicates if the current process was authenticated by a VDA.
- *
- * @param flag <code>true</code> in case of VDA authentication, otherwise <code>false</code>
- */
- void setVdaAuthentication(boolean flag);
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhSpConfiguration.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhSpConfiguration.java
deleted file mode 100644
index 081b215a..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IAhSpConfiguration.java
+++ /dev/null
@@ -1,151 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import java.util.List;
-
-import javax.annotation.Nonnull;
-import javax.annotation.Nullable;
-
-import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-
-public interface IAhSpConfiguration extends ISpConfiguration {
-
-
- /**
- * Flag if this Service Provider is enabled.
- *
- * @return true if the SP is enabled, otherwise false
- */
- boolean isEnabled();
-
- /**
- * Get unique identifier that is used in Application-Register from BM.I.
- *
- * <p>If no BM.I specific identifier is available then this method returns
- * the same identifier as <code>getUniqueIdentifier()</code></p>
- *
- * @return unique identifier from BM.I AppReg, or generic uniqueId of no specific exists
- */
- String getUniqueApplicationRegisterIdentifier();
-
- /**
- * Flag that marks this Service-Provider as <i>public</i> or <i>private</i>.
- *
- * <p><b>Default:</b> If it is not set or has an unknown value, its <i>private</i> by default</p>
- *
- * @return <code>true</code> if it is from <i>public</i>, otherwise <code>false</code>
- */
- boolean isPublicServiceProvider();
-
- /**
- * Enable test identities for this Service Provider.
- *
- * @return true if test identities are allowed, otherwise false
- */
- boolean isTestCredentialEnabled();
-
- /**
- * Get a List of OID's that refine the set of allowed test identities.
- *
- * @return @link {@link List} of test-identity OID's
- */
- @Nullable
- List<String> getTestCredentialOids();
-
-
- /**
- * Get a List of unique attribute URI's that are required by this SP.
- *
- * @return {@link List} of attribute URI's / parameter {@link Pair}s
- */
- List<Pair<String, String>> getRequiredAttributes();
-
-
- /**
- * Get the CountryCode for this service. <br>
- * <br>
- * <b>Default:</b> AT
- *
- * @return
- */
- String getCountryCode();
-
- /**
- * Set the CountryCode for this service. If not countryCode is set, AT is used as default.
- *
- * @param cc Service-Provider country-code
- */
- void setCountryCode(String cc);
-
- /**
- * Enable mandates for this service provider.
- *
- * @return <code>true</code> if mandates are enabled, otherwise <code>false</code>
- */
- boolean isMandateEnabled();
-
- /**
- * Enables multi-mandates for this service-provider.
- *
- * @return <code>true</code> if multi-mandates are enabled, otherwise <code>false</code>
- */
- boolean isMultiMandateEnabled();
-
- /**
- * Only mandates are allowed for this service provider.
- *
- * @return <code>true</code> if only mandates are allowed, otherwise <code>false</code>
- */
- boolean isOnlyMandateEnabled();
-
- /**
- * Get a {@link List} of mandate profiles that are supported by this Service provider.
- *
- * @return
- */
- @Nonnull List<String> getMandateProfiles();
-
-
- /**
- * eIDAS authentication allowed flag.
- *
- * @return <code>true</code> if eIDAS authentication is enabled, otherwise <code>false</code>
- */
- boolean isEidasEnabled();
-
- /**
- * Get a List of targets for additional bPKs that are required by this service provider.
- *
- * @return List of prefixed bPK targets
- */
- @Nonnull List<String> getAdditionalBpkTargets();
-
- /**
- * Get a list of foreign bPK targets that are required by this service provider.
- *
- * @return List of pairs with prefixed bPK targets as first element and VKZ as second element
- */
- @Nonnull List<Pair<String, String>> getAdditionalForeignBpkTargets();
-
- /**
- * Flag that indicates that service-provider as restricted or unrestricted.
- *
- * <p>A restricted service-provider can only used by test-identities that contains a
- * valid application-restriction in User-Certificate Pinning</p>
- *
- * <p><b>Default:</b> true</p>
- *
- * @return <code>true</code> if it is restricted, otherwise <code>false</code>
- */
- boolean isRestrictedServiceProvider();
-
-
- /**
- * Defines the time in minutes how long the last VDA registration h@Override
- ave passed as maximum.
- *
- * @return time in minutes
- */
- long lastVdaAuthenticationDelay();
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IRawMandateDao.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IRawMandateDao.java
deleted file mode 100644
index 7e3b2aa1..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IRawMandateDao.java
+++ /dev/null
@@ -1,32 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import java.io.Serializable;
-import java.util.Date;
-
-public interface IRawMandateDao extends Serializable {
-
- boolean isNaturalPerson();
-
- boolean isProfRepresentation();
-
- String getIdentifier();
-
- String getIdentifierType();
-
- String getGivenName();
-
- String getFamilyName();
-
- Date getDateOfBirth();
-
- String getCommonName();
-
- String getMandateTypeOid();
-
- String getMandateAnnotation();
-
- String getMandateId();
-
- String getMandateContent();
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/ISignedMandate.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/ISignedMandate.java
deleted file mode 100644
index edd167fb..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/ISignedMandate.java
+++ /dev/null
@@ -1,19 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-public interface ISignedMandate extends IRawMandateDao {
-
- /**
- * Get the full signed mandate issued by the MIS component.
- *
- * @return serialized JWS that contains the mandate
- */
- String getSignedMandate();
-
- /**
- * Get formated date-of-birth.
- *
- * @return date-of-birth as 'yyyy-MM-dd'
- */
- String getDateOfBirthFormated();
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java
index 7d8b9dc8..1a590aa1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java
@@ -58,6 +58,7 @@ public class IdAustriaClientAuthConstants {
public static final String CONFIG_PROPS_REQUIRED_LOA = CONFIG_PROPS_PREFIX
+ "required.loa";
public static final String CONFIG_PROPS_NODE_ENTITYID = CONFIG_PROPS_PREFIX + "node.entityId";
+ public static final String CONFIG_PROPS_SP_ENTITYID = CONFIG_PROPS_PREFIX + "sp.entityId";
public static final String CONFIG_PROPS_NODE_METADATAURL = CONFIG_PROPS_PREFIX + "node.metadataUrl";
public static final String CONFIG_PROPS_NODE_TRUSTPROFILEID = CONFIG_PROPS_PREFIX + "node.trustprofileID";
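Review bot: The added `CONFIG_PROPS_SP_ENTITYID` has no comment and sits between `node.entityId` and `node.metadataUrl`, so a reader of the constants cannot tell which entityId names the remote node and which names this application itself. A one-line comment above it would make the distinction explicit, for example `// entityId under which this application identifies itself as service provider; distinct from node.entityId`. The code that reads the key is outside this hunk, so it cannot be confirmed here whether a missing or blank value is rejected; because an entityId is typically bound into issuer and audience checks, the reader should presumably fail closed rather than fall back to a derived value. The class body continues outside the hunk.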
@@ -77,55 +78,9 @@ public class IdAustriaClientAuthConstants {
public static final String CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL = "auth.eidas.node.entityId";
- public static final String CONFIG_PROPS_SEMPER_MANDATES_ACTIVE = CONFIG_PROPS_PREFIX
- + "semper.mandates.active";
- public static final String CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST = CONFIG_PROPS_PREFIX
- + "semper.msproxy.list";
public static final String CONFIG_DEFAULT_LOA_EIDAS_LEVEL = EaafConstants.EIDAS_LOA_HIGH;
- @Deprecated
- public static final List<Triple<String, String, Boolean>> DEFAULT_REQUIRED_PVP_ATTRIBUTES_WITHOUT_EID =
- Collections.unmodifiableList(new ArrayList<Triple<String, String, Boolean>>() {
- private static final long serialVersionUID = 1L;
- {
- // add PVP Version attribute
- add(Triple.newInstance(PvpAttributeDefinitions.PVP_VERSION_NAME,
- PvpAttributeDefinitions.PVP_VERSION_FRIENDLY_NAME, true));
-
- // request entity information
- add(Triple.newInstance(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
- PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
- add(Triple.newInstance(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
- PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, true));
- add(Triple.newInstance(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
- PvpAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME, true));
-
- // entity eID information
- add(Triple.newInstance(AhExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
- AhExtendedPvpAttributeDefinitions.EID_EIDBIND_FRIENDLY_NAME, false));
- add(Triple.newInstance(AhExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME,
- AhExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, false));
-
- // Deprecated information
- add(Triple.newInstance(PvpAttributeDefinitions.GIVEN_NAME_NAME,
- PvpAttributeDefinitions.GIVEN_NAME_FRIENDLY_NAME, false));
- add(Triple.newInstance(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME,
- PvpAttributeDefinitions.PRINCIPAL_NAME_FRIENDLY_NAME, false));
- add(Triple.newInstance(PvpAttributeDefinitions.BIRTHDATE_NAME,
- PvpAttributeDefinitions.BIRTHDATE_FRIENDLY_NAME, false));
- add(Triple.newInstance(PvpAttributeDefinitions.BPK_NAME, PvpAttributeDefinitions.BPK_FRIENDLY_NAME,
- false));
- add(Triple.newInstance(PvpAttributeDefinitions.EID_IDENTITY_LINK_NAME,
- PvpAttributeDefinitions.EID_IDENTITY_LINK_FRIENDLY_NAME, false));
-
- //request pII transactionId from MS-Connector
- add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME,
- ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_FRIENDLY_NAME, false));
-
- }
- });
-
public static final List<Triple<String, String, Boolean>> DEFAULT_REQUIRED_PVP_ATTRIBUTES =
Collections.unmodifiableList(new ArrayList<Triple<String, String, Boolean>>() {
private static final long serialVersionUID = 1L;
@@ -141,10 +96,10 @@ public class IdAustriaClientAuthConstants {
PvpAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME, true));
// entity eID information
- add(Triple.newInstance(AhExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
- AhExtendedPvpAttributeDefinitions.EID_EIDBIND_FRIENDLY_NAME, true));
- add(Triple.newInstance(AhExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME,
- AhExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, true));
+ add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
+ ExtendedPvpAttributeDefinitions.EID_EIDBIND_FRIENDLY_NAME, true));
+ add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME,
+ ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, true));
//request pII transactionId from MS-Connector
add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME,
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataConfiguration.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataConfiguration.java
index 93aefb42..4e7f86f1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataConfiguration.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataConfiguration.java
@@ -356,18 +356,12 @@ public class IdAustriaClientAuthMetadataConfiguration implements IPvpMetadataBui
public Collection<RequestedAttribute> getSpRequiredAttributes() {
final Map<String, RequestedAttribute> requestedAttributes = new HashMap<>();
- if (pvpConfiguration.getBasicConfiguration().getBasicConfigurationBoolean(
- AuthHandlerConstants.PROP_CONFIG_LEGACY_ALLOW, false)) {
- log.trace("Build required attributes for legacy operaton ... ");
- injectDefinedAttributes(requestedAttributes,
- IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTES_WITHOUT_EID);
- } else {
- log.trace("Build required attributes for E-ID operaton ... ");
- injectDefinedAttributes(requestedAttributes,
- IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTES);
+ log.trace("Build required attributes for E-ID operaton ... ");
+ injectDefinedAttributes(requestedAttributes,
+ IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTES);
+
- }
if (additionalAttributes != null) {
log.trace("Add additional PVP attributes into metadata ... ");
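Review bot: The re-added trace line keeps the typo "operaton", and the hunk adds an empty line where the closing brace of the removed `else` used to be. Since the line is rewritten anyway, it could read `log.trace("Build required attributes for E-ID operation ... ");`, and the extra blank line can go. With the legacy branch removed there is only one mode left, so the "for E-ID" qualifier is optional. `getSpRequiredAttributes` continues past the end of this hunk.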
@@ -376,9 +370,7 @@ public class IdAustriaClientAuthMetadataConfiguration implements IPvpMetadataBui
log.debug("Attribute " + el.getName()
+ " is already added by default configuration. Overwrite it by user configuration");
}
-
requestedAttributes.put(el.getName(), el);
-
}
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/MisException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/MisException.java
deleted file mode 100644
index 71826d23..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/MisException.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient;
-
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-
-public class MisException extends EaafException {
-
- private static final long serialVersionUID = 1L;
-
- public MisException(final String errorId, final Object[] params) {
- super(errorId, params);
- }
-
- public MisException(final String errorId, final Object[] params, final Throwable e) {
- super(errorId, params, e);
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateMobilePhoneSignatureRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateMobilePhoneSignatureRequestTask.java
index aa8deb2b..546a2039 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateMobilePhoneSignatureRequestTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateMobilePhoneSignatureRequestTask.java
@@ -27,7 +27,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustri
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthCredentialProvider;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthMetadataProvider;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthRequestBuilderConfiguration;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IAhSpConfiguration;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
@@ -117,9 +116,8 @@ public class GenerateMobilePhoneSignatureRequestTask extends AbstractAuthServlet
IdAustriaClientAuthConstants.CONFIG_PROPS_REQUIRED_LOA,
IdAustriaClientAuthConstants.CONFIG_DEFAULT_LOA_EIDAS_LEVEL));
- authnReqConfig.setScopeRequesterId(
- pendingReq.getServiceProviderConfiguration(IAhSpConfiguration.class)
- .getUniqueApplicationRegisterIdentifier());
+ authnReqConfig.setScopeRequesterId(authConfig.getBasicConfiguration(
+ IdAustriaClientAuthConstants.CONFIG_PROPS_SP_ENTITYID));
authnReqConfig.setProviderName(pendingReq.getServiceProviderConfiguration().getFriendlyName());
authnReqConfig.setRequestedAttributes(buildRequestedAttributes(pendingReq));
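Review bot: The argument of `setScopeRequesterId` is now read straight from configuration with no check, so an unset or blank `sp.entityId` property would presumably reach the request builder as null or an empty string. Read it into a local first, `final String spEntityId = authConfig.getBasicConfiguration(IdAustriaClientAuthConstants.CONFIG_PROPS_SP_ENTITYID);`, and fail the task with the module's configuration error when it is null or empty. The requester ID also changes from a per-service-provider identifier to one global value, so the IDP can no longer tell requesting applications apart by it; if that is intended, a comment on this line should say so. The enclosing method starts and ends outside the hunk.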
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
index 9e6aa7cc..9d30b581 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
@@ -29,20 +29,15 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.AhAuthProcessDataWrapper;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.AuthHandlerConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.EidasAuthEventConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthCredentialProvider;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthMetadataProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.MisException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.Utils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
-import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
@@ -78,10 +73,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.TransformerException;
import java.io.IOException;
-import java.util.Arrays;
-import java.util.Base64;
import java.util.List;
-import java.util.Set;
/**
* Task that searches ErnB and ZMR before adding person to SZR.
@@ -211,10 +203,10 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
requestStoreage.storePendingRequest(pendingReq);
//set E-ID process flag to execution context
- final AhAuthProcessDataWrapper session = pendingReq.getSessionData(
- AhAuthProcessDataWrapper.class);
- executionContext.put(AuthHandlerConstants.PROCESSCONTEXT_WAS_EID_PROCESS, session.isEidProcess());
- executionContext.put(AuthHandlerConstants.HTTP_PARAM_USE_MANDATES, session.isMandateUsed());
+ // final AhAuthProcessDataWrapper session = pendingReq.getSessionData(
+ // AhAuthProcessDataWrapper.class);
+ // executionContext.put(AuthHandlerConstants.PROCESSCONTEXT_WAS_EID_PROCESS, session.isEidProcess());
+ // executionContext.put(AuthHandlerConstants.HTTP_PARAM_USE_MANDATES, session.isMandateUsed());
log.info("Receive a valid assertion from IDP " + msg.getEntityID());
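Review bot: The four session lines are commented out rather than deleted, which leaves `//set E-ID process flag to execution context` describing code that no longer runs. The hunks at `@@ -359,14 +342,14 @@` and `@@ -381,58 +364,58 @@` do the same, including the whole `injectAuthInfosIntoSession` method. Delete the dead lines and the stale comment; version control keeps the history. `PROCESSCONTEXT_WAS_EID_PROCESS` and `HTTP_PARAM_USE_MANDATES` are also no longer put into the execution context, so any process step that reads them (none is visible here) needs checking. The enclosing method starts and ends outside the hunk.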
@@ -337,15 +329,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
throws EaafBuilderException, ConfigurationException {
List<String> requiredEidasNodeAttributes = IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES;
- if (authConfig.getBasicConfigurationBoolean(
- AuthHandlerConstants.PROP_CONFIG_LEGACY_ALLOW, false)) {
- log.trace("Build required attributes for legacy operaton ... ");
- requiredEidasNodeAttributes = Arrays.asList(
- PvpAttributeDefinitions.PVP_VERSION_NAME,
- PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
- PvpAttributeDefinitions.EID_ISSUING_NATION_NAME);
-
- }
try {
// check if all attributes are include
@@ -359,14 +342,14 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
}
// copy attributes into MOASession
- final AhAuthProcessDataWrapper session = pendingReq.getSessionData(
- AhAuthProcessDataWrapper.class);
- final Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
- for (final String attrName : includedAttrNames) {
- injectAuthInfosIntoSession(session, attrName,
- extractor.getSingleAttributeValue(attrName));
-
- }
+ // final AhAuthProcessDataWrapper session = pendingReq.getSessionData(
+ // AhAuthProcessDataWrapper.class);
+ // final Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+ // for (final String attrName : includedAttrNames) {
+ // injectAuthInfosIntoSession(session, attrName,
+ // extractor.getSingleAttributeValue(attrName));
+ //
+ // }
//set piiTransactionId from eIDAS Connector
String piiTransactionId = extractor.getSingleAttributeValue(
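Review bot: After this change the assertion's attributes are only checked for presence, because the loop that stored their values is commented out and nothing in the visible lines replaces it. Per the removed `injectAuthInfosIntoSession`, those values included `EID_CITIZEN_EIDAS_QAA_LEVEL_NAME`, the eidasBind and the signed auth block. If a later step is meant to compare the asserted level of assurance with `CONFIG_PROPS_REQUIRED_LOA` or to verify the eidasBind, it no longer receives that data from here. Please confirm where those checks now happen and record the decision in place of the commented block, for example `// eidasBind/authBlock are intentionally not stored; LoA is enforced in <location>`. The enclosing method starts and ends outside the hunk.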
@@ -381,58 +364,58 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
}
// set foreigner flag
- session.setForeigner(true);
+ // session.setForeigner(true);
// set IssuerInstant from Assertion
- session.setIssueInstant(extractor.getAssertionIssuingDate());
+ // session.setIssueInstant(extractor.getAssertionIssuingDate());
// set CCE URL
- if (extractor.getFullAssertion().getIssuer() != null
- && StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue())) {
- session.setVdaUrl(extractor.getFullAssertion().getIssuer().getValue());
+ //if (extractor.getFullAssertion().getIssuer() != null
+ //&& StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue())) {
+ // session.setVdaUrl(extractor.getFullAssertion().getIssuer().getValue());
- } else {
- session.setVdaUrl("eIDAS_Authentication");
+ //} //else {
+ // session.setVdaUrl("eIDAS_Authentication");
- }
+ //}
- } catch (final EaafStorageException | MisException | AssertionValidationExeption | IOException e) {
+ } catch (final AssertionValidationExeption e) {
throw new EaafBuilderException(ERROR_PVP_06, null, e.getMessage(), e);
}
}
- private void injectAuthInfosIntoSession(AhAuthProcessDataWrapper session, String attrName, String attrValue)
- throws EaafStorageException, MisException, IOException {
- log.trace("Inject attribute: {} with value: {} into AuthSession", attrName, attrValue);
- log.debug("Inject attribute: {} into AuthSession", attrName);
-
- if (ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME.equals(attrName)) {
- log.debug("Find eidasBind attribute. Switching to E-ID mode ... ");
- session.setEidProcess(true);
- session.setQcBind(attrValue);
- // session.setVsz(extractVszFromEidasBind(attrValue));
- //T
-
- } else if (ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME.equals(attrName)) {
- session.setSignedAuthBlock(Base64.getDecoder().decode(attrValue));
- session.setSignedAuthBlockType(AuthHandlerConstants.AuthBlockType.JWS);
-
- } else if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {
- session.setQaaLevel(attrValue);
-
- // } else if (ExtendedPvpAttributeDefinitions.EID_MIS_MANDATE_NAME.equals(attrName)
- // && authConfig.getBasicConfigurationBoolean(
- // IdAustriaClientAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) {
- // session.setMandateDate(new SignedMandateDao(attrValue));
- // session.setUseMandates(true);
- //
- } else {
- session.setGenericDataToSession(attrName, attrValue);
-
- }
-
- }
+ // private void injectAuthInfosIntoSession(AhAuthProcessDataWrapper session, String attrName, String attrValue)
+ // throws EaafStorageException, MisException, IOException {
+ // log.trace("Inject attribute: {} with value: {} into AuthSession", attrName, attrValue);
+ // log.debug("Inject attribute: {} into AuthSession", attrName);
+ //
+ // if (ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME.equals(attrName)) {
+ // log.debug("Find eidasBind attribute. Switching to E-ID mode ... ");
+ // session.setEidProcess(true);
+ // session.setQcBind(attrValue);
+ // // session.setVsz(extractVszFromEidasBind(attrValue));
+ // //T
+ //
+ // } else if (ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME.equals(attrName)) {
+ // session.setSignedAuthBlock(Base64.getDecoder().decode(attrValue));
+ // session.setSignedAuthBlockType(AuthHandlerConstants.AuthBlockType.JWS);
+ //
+ // } else if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {
+ // session.setQaaLevel(attrValue);
+ //
+ // // } else if (ExtendedPvpAttributeDefinitions.EID_MIS_MANDATE_NAME.equals(attrName)
+ // // && authConfig.getBasicConfigurationBoolean(
+ // // IdAustriaClientAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) {
+ // // session.setMandateDate(new SignedMandateDao(attrValue));
+ // // session.setUseMandates(true);
+ // //
+ // } else {
+ // session.setGenericDataToSession(attrName, attrValue);
+ //
+ // }
+ //
+ // }
private MergedRegisterSearchResult searchInZmrAndErnp(String bpkzp) {