aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java14
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java85
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java1
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java17
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java194
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java79
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java31
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java46
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java88
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java22
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java1
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java164
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml17
13 files changed, 634 insertions, 125 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
index 24d1f1ea..4d80965e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
@@ -62,10 +62,13 @@ public class Constants {
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.usedummykeys";
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation";
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.revisionlog.active";
- public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
+
+
+ @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url";
+ @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active";
//http endpoint descriptions
@@ -83,6 +86,9 @@ public class Constants {
public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
+ public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
+ public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
+
public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
@@ -118,5 +124,7 @@ public class Constants {
public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT";
public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB";
public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
+
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java
new file mode 100644
index 00000000..4f7465ce
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java
@@ -0,0 +1,85 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO;
+
+import java.text.SimpleDateFormat;
+
+import org.joda.time.DateTime;
+
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+
+public class ERnBeIDData {
+
+ private String citizenCountryCode = null;
+
+ //MDS
+ private String pseudonym = null;
+ private String givenName = null;
+ private String familyName = null;
+ private DateTime dateOfBirth = null;
+
+ //additional attributes
+ private String placeOfBirth = null;
+ private String birthName = null;
+ private PostalAddressType address = null;
+
+
+
+
+
+ public String getCitizenCountryCode() {
+ return citizenCountryCode;
+ }
+ public void setCitizenCountryCode(String citizenCountryCode) {
+ this.citizenCountryCode = citizenCountryCode;
+ }
+ public String getPseudonym() {
+ return pseudonym;
+ }
+ public void setPseudonym(String pseudonym) {
+ this.pseudonym = pseudonym;
+ }
+ public String getGivenName() {
+ return givenName;
+ }
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+ public String getFamilyName() {
+ return familyName;
+ }
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+ public DateTime getDateOfBirth() {
+ return dateOfBirth;
+ }
+ public void setDateOfBirth(DateTime dateOfBirth) {
+ this.dateOfBirth = dateOfBirth;
+ }
+ public String getPlaceOfBirth() {
+ return placeOfBirth;
+ }
+ public void setPlaceOfBirth(String placeOfBirth) {
+ this.placeOfBirth = placeOfBirth;
+ }
+ public String getBirthName() {
+ return birthName;
+ }
+ public void setBirthName(String birthName) {
+ this.birthName = birthName;
+ }
+ public PostalAddressType getAddress() {
+ return address;
+ }
+ public void setAddress(PostalAddressType address) {
+ this.address = address;
+ }
+
+ public String getFormatedDateOfBirth() {
+ return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
+ }
+
+
+
+
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java
index b0f957a5..f9f8db6e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java
@@ -6,6 +6,7 @@ import java.util.List;
import at.gv.egiz.eaaf.core.impl.data.Pair;
+@Deprecated
public class eIDASPersonalIdStoreDAO {
public static final String NAME = "foreigneIDMap";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java
new file mode 100644
index 00000000..3d7c821a
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java
@@ -0,0 +1,17 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception;
+
+public class eIDPostProcessingException extends eIDASAuthenticationException {
+
+ private static final long serialVersionUID = 6780652273831172456L;
+
+ public eIDPostProcessingException(String internalMsgId, Object[] params) {
+ super(internalMsgId, params);
+
+ }
+
+ public eIDPostProcessingException(String internalMsgId, Object[] params, Throwable e) {
+ super(internalMsgId, params, e);
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java
new file mode 100644
index 00000000..db5dafd7
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java
@@ -0,0 +1,194 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Map;
+
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public abstract class AbstracteIDPostProcessor implements INationaleIDPostProcessor {
+ private static final Logger log = LoggerFactory.getLogger(AbstracteIDPostProcessor.class);
+
+
+ @Override
+ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{
+ ERnBeIDData result = new ERnBeIDData();
+
+ //MDS attributes
+ result.setPseudonym(processPseudonym(eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)));
+ result.setFamilyName(processFamilyName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)));
+ result.setGivenName(processGivenName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)));
+ result.setDateOfBirth(processDateOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)));
+
+ //additional attributes
+ result.setPlaceOfBirth(processPlaceOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)));
+ result.setBirthName(processBirthName(eIDASAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)));
+ result.setAddress(processAddress(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
+
+ return result;
+
+ }
+
+ /**
+ * Post-Process the eIDAS CurrentAddress attribute
+ *
+ * @param currentAddressObj
+ * @return current address or null if no attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected PostalAddressType processAddress(Object currentAddressObj) throws eIDPostProcessingException, eIDASAttributeException {
+
+ if (currentAddressObj != null) {
+ if ((currentAddressObj instanceof PostalAddress)) {
+ PostalAddressType result = new PostalAddressType();
+ result.setPostalCode(((PostalAddress)currentAddressObj).getPostCode());
+ result.setMunicipality(((PostalAddress)currentAddressObj).getPostName());
+
+ //TODO: add more mappings
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);
+
+ }
+
+ } else
+ log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS BirthName attribute
+ *
+ * @param birthNameObj
+ * @return birthName or null if no attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected String processBirthName(Object birthNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (birthNameObj != null) {
+ if ((birthNameObj instanceof String)) {
+ return (String)birthNameObj;
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);
+
+ }
+
+ } else
+ log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
+
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS PlaceOfBirth attribute
+ *
+ * @param placeOfBirthObj
+ * @return place of Birth or null if no attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ * @throws eIDASAttributeException if eIDAS attribute is of a wrong type
+ */
+ protected String processPlaceOfBirth(Object placeOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (placeOfBirthObj != null) {
+ if ((placeOfBirthObj instanceof String)) {
+ return (String)placeOfBirthObj;
+
+ } else {
+ log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);
+
+ }
+
+ } else
+ log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
+
+
+ return null;
+
+ }
+
+ /**
+ * Post-Process the eIDAS DateOfBirth attribute
+ *
+ * @param dateOfBirthObj
+ * @return
+ * @throws eIDASAttributeException if NO attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ */
+ protected DateTime processDateOfBirth(Object dateOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+
+ return (DateTime)dateOfBirthObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS GivenName attribute
+ *
+ * @param givenNameObj
+ * @return
+ * @throws eIDASAttributeException if NO attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ */
+ protected String processGivenName(Object givenNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (givenNameObj == null || !(givenNameObj instanceof String))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+
+ return (String)givenNameObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS FamilyName attribute
+ *
+ * @param familyNameObj
+ * @return
+ * @throws eIDASAttributeException if NO attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ */
+ protected String processFamilyName(Object familyNameObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (familyNameObj == null || !(familyNameObj instanceof String))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
+
+ return (String) familyNameObj;
+
+ }
+
+ /**
+ * Post-Process the eIDAS pseudonym to ERnB unique identifier
+ *
+ * @param eIdentifierObj eIDAS PersonalIdentifierAttribute
+ * @return
+ * @throws eIDPostProcessingException
+ * @throws eIDASAttributeException if NO attribute is available
+ * @throws eIDPostProcessingException if post-processing fails
+ */
+ protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+ Trible<String, String, String> eIdentifier =
+ eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
+
+ return eIdentifier.getThird();
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java
new file mode 100644
index 00000000..90562f86
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java
@@ -0,0 +1,79 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Base64;
+
+import org.apache.commons.codec.DecoderException;
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+
+public class DEeIDPostProcessor extends AbstracteIDPostProcessor {
+ private static final Logger log = LoggerFactory.getLogger(DEeIDPostProcessor.class);
+ private static final String canHandleCC = "DE";
+
+ private int priority = 1;
+
+ @Override
+ public int getPriority() {
+ return priority;
+ }
+
+ @Override
+ public boolean canHandle(String countryCode) {
+ return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+
+ }
+
+
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ @Override
+ public String getName() {
+ return "DE-PostProcessor";
+
+ }
+
+ @Override
+ protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException {
+ if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+ Trible<String, String, String> eIdentifier =
+ eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
+
+ log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ String result = convertDEIdentifier(eIdentifier.getThird());
+ log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+ return result;
+
+
+ }
+
+ private String convertDEIdentifier(String hexEncodedDEIdentifier) throws eIDPostProcessingException
+ {
+ if(hexEncodedDEIdentifier.length() != 64)
+ throw new eIDPostProcessingException("ernb.03", new Object[] {"Input has wrong length, expected 64 chars"});
+
+ byte[] data;
+ try {
+ data = Hex.decodeHex(hexEncodedDEIdentifier);
+
+ } catch (DecoderException e) {
+ throw new eIDPostProcessingException("ernb.03", null, e);
+
+ }
+
+ byte[] encoded = Base64.getEncoder().encode(data);
+ return new String(encoded);
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java
new file mode 100644
index 00000000..f6e0aba2
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java
@@ -0,0 +1,31 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+public class GenericeIDPostProcessor extends AbstracteIDPostProcessor {
+
+ private int priority = 0;
+
+ @Override
+ public int getPriority() {
+ return priority;
+
+ }
+
+ @Override
+ public boolean canHandle(String countryCode) {
+ return true;
+
+ }
+
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ @Override
+ public String getName() {
+ return "Default-PostProcessor";
+
+ }
+
+
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java
new file mode 100644
index 00000000..2335ca6d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java
@@ -0,0 +1,46 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+
+public interface INationaleIDPostProcessor {
+
+ /**
+ * Get a friendlyName of this post-processor implementation
+ *
+ * @return
+ */
+ public String getName();
+
+ /**
+ * Get the priority of this eID Post-Processor
+ * <br>
+ * If more than one Post-Processor implementations can handle the eID data, the post-processor with the highest priority are selected.
+ * The Default-Processor has priority '0'
+ *
+ * @return Priority of this handler
+ */
+ public int getPriority();
+
+ /**
+ * Check if this postProcessor is sensitive for a specific country
+ *
+ * @param countryCode of the eID data that should be processed
+ * @return true if this implementation can handle the country, otherwise false
+ *
+ */
+ public boolean canHandle(String countryCode);
+
+
+ /**
+ * Post-Process eIDAS eID data into national format
+ * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
+ * @throws eIDPostProcessingException
+ * @throws eIDASAttributeException
+ *
+ */
+ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java
new file mode 100644
index 00000000..4f94414c
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java
@@ -0,0 +1,88 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDPostProcessor;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+
+@Service
+public class EIDPostProcessingService implements IeIDPostProcessingService{
+ private static final Logger log = LoggerFactory.getLogger(EIDPostProcessingService.class);
+
+ @Autowired private ApplicationContext context;
+
+ private List<INationaleIDPostProcessor> handlers = new ArrayList<INationaleIDPostProcessor>();
+
+ @PostConstruct
+ private void initialize() {
+ log.debug("Initialize eID PostProcessing-Service ... ");
+ Map<String, INationaleIDPostProcessor> postProcessors = context.getBeansOfType(INationaleIDPostProcessor.class);
+ Iterator<Entry<String, INationaleIDPostProcessor>> iterator = postProcessors.entrySet().iterator();
+ while (iterator.hasNext()) {
+ Entry<String, INationaleIDPostProcessor> el = iterator.next();
+ log.debug("Find eID-PostProcessor with name: " + el.getKey());
+ handlers.add(el.getValue());
+
+ }
+
+ log.trace("Sorting eID-PostProcessors on priority ... ");
+ Collections.sort(handlers, new Comparator<INationaleIDPostProcessor>() {
+ @Override
+ public int compare(INationaleIDPostProcessor thisAuthModule, INationaleIDPostProcessor otherAuthModule) {
+ int thisOrder = thisAuthModule.getPriority();
+ int otherOrder = otherAuthModule.getPriority();
+ return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1));
+ }
+ });
+
+ log.info("# " + handlers.size() + " eID PostProcessing services are registrated");
+
+ }
+
+ @Override
+ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException {
+ //extract citizen country from eIDAS unique identifier
+ Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
+ throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+ Trible<String, String, String> eIdentifier =
+ eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
+ String citizenCountry = eIdentifier.getFirst();
+
+ if (StringUtils.isEmpty(citizenCountry))
+ log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
+
+ for (INationaleIDPostProcessor el : handlers) {
+ if (el.canHandle(citizenCountry)) {
+ log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName());
+ return el.postProcess(eIDASAttrMap);
+
+ }
+ }
+
+ log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+ throw new eIDPostProcessingException("internal.00", null);
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java
new file mode 100644
index 00000000..fb564cd0
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java
@@ -0,0 +1,22 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException;
+
+public interface IeIDPostProcessingService {
+
+ /**
+ * Post-process eIDAS eID attributes into national format
+ *
+ * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute
+ *
+ * @return eID attributes for SZR request
+ * @throws eIDPostProcessingException
+ * @throws eIDASAttributeException
+ */
+ public ERnBeIDData postProcess(Map<String, Object> eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException;
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java
index 1eed19aa..cb5d6212 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java
@@ -30,6 +30,7 @@ import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.data.Trible;
@Component
+@Deprecated
public class eIDASDataStore {
private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
index fde56e7c..6e5b0be4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
@@ -3,9 +3,6 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
import java.io.InputStream;
-import java.security.MessageDigest;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -19,9 +16,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import org.springframework.util.Base64Utils;
-import org.w3._2000._09.xmldsig.KeyValueType;
-import org.w3._2000._09.xmldsig.RSAKeyValueType;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -30,12 +24,13 @@ import com.google.common.collect.ImmutableSet;
import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.IeIDPostProcessingService;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
@@ -46,7 +41,6 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
@@ -69,11 +63,9 @@ import szrservices.TravelDocumentType;
public class CreateIdentityLinkTask extends AbstractAuthServletTask {
private static final Logger log = LoggerFactory.getLogger(CreateIdentityLinkTask.class);
- //@Autowired private eIDASAttributeRegistry attrRegistry;
@Autowired private IConfiguration basicConfig;
- @Autowired private SZRClient szrClient;
- @Autowired private eIDASDataStore personalIdStore;
-
+ @Autowired private SZRClient szrClient;
+ @Autowired private IeIDPostProcessingService eIDPostProcessor;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
@@ -91,26 +83,9 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
IIdentityLink identityLink = null;
String bPK = null;
- //extract attributes
- Object eIdentifierObj = simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
- Object familyNameObj = simpleAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
- Object givenNameObj = simpleAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
- Object dateOfBirthObj = simpleAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH);
- Object placeOfBirth = simpleAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH);
-
- //check if availabe
- if (eIdentifierObj == null || !(eIdentifierObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
-
- if (familyNameObj == null || !(familyNameObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
-
- if (givenNameObj == null || !(givenNameObj instanceof String))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+ //post-process eIDAS attributes
+ ERnBeIDData eIDData = eIDPostProcessor.postProcess(simpleAttrMap);
- if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime))
- throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
-
//connect SZR-Gateway
if(basicConfig.getBasicMOAIDConfigurationBoolean(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
@@ -127,7 +102,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
// - set fake baseID;
Node prIdentification = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
- prIdentification.getFirstChild().setNodeValue((String) eIdentifierObj);
+ prIdentification.getFirstChild().setNodeValue(eIDData.getPseudonym());
//build personal identifier which looks like a baseID
// String fakeBaseID = new BPKBuilder().buildBPK(eIdentifier, "baseID");
@@ -136,16 +111,16 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
// - set last name
Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
- prFamilyName.getFirstChild().setNodeValue((String) familyNameObj);
+ prFamilyName.getFirstChild().setNodeValue(eIDData.getFamilyName());
// - set first name
Node prGivenName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH);
- prGivenName.getFirstChild().setNodeValue((String) givenNameObj);
+ prGivenName.getFirstChild().setNodeValue(eIDData.getGivenName());
// - set date of birth
Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH);
- String formatedDateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate());
- prDateOfBirth.getFirstChild().setNodeValue(formatedDateOfBirth);
+
+ prDateOfBirth.getFirstChild().setNodeValue(eIDData.getFormatedDateOfBirth());
identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink();
@@ -167,23 +142,13 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
naturalPerson.setName(personName );
personInfo.setPerson(naturalPerson );
personInfo.setTravelDocument(eDocument );
-
- //parse some eID attributes
- String dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate());
- Trible<String, String, String> eIdentifier =
- eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
- String citizenCountry = eIdentifier.getFirst();
-
- //hash unique identifier as work-around for uniqueId length restriction
- String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
-
-
+
//person information
- personName.setFamilyName((String)familyNameObj);
- personName.setGivenName((String)givenNameObj);
- naturalPerson.setDateOfBirth(dateOfBirth);
- eDocument.setIssuingCountry(citizenCountry);
- eDocument.setDocumentNumber(uniqueId);
+ personName.setFamilyName(eIDData.getFamilyName());
+ personName.setGivenName(eIDData.getGivenName());
+ naturalPerson.setDateOfBirth(eIDData.getFormatedDateOfBirth());
+ eDocument.setIssuingCountry(eIDData.getCitizenCountryCode());
+ eDocument.setDocumentNumber(eIDData.getPseudonym());
//eID document information
eDocument.setDocumentType(basicConfig.getBasicConfiguration(
@@ -191,30 +156,35 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
//set PlaceOfBirth if available
- if (placeOfBirth != null && placeOfBirth instanceof String) {
- log.trace("Find 'PlaceOfBirth' attribute: " + placeOfBirth);
+ if (eIDData.getPlaceOfBirth() != null) {
+ log.trace("Find 'PlaceOfBirth' attribute: " + eIDData.getPlaceOfBirth());
if (basicConfig.getBasicMOAIDConfigurationBoolean(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE,
- false)) {
- naturalPerson.setPlaceOfBirth((String) placeOfBirth);
+ true)) {
+ naturalPerson.setPlaceOfBirth(eIDData.getPlaceOfBirth());
log.trace("Adding 'PlaceOfBirth' to ERnB request ... ");
}
}
-
+ //set BirthName if available
+ if (eIDData.getBirthName() != null) {
+ log.trace("Find 'BirthName' attribute: " + eIDData.getBirthName());
+ if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE,
+ true)) {
+ AlternativeNameType alternativeName = new AlternativeNameType();
+ naturalPerson.setAlternativeName(alternativeName );
+ alternativeName.setFamilyName(eIDData.getBirthName());
+ log.trace("Adding 'BirthName' to ERnB request ... ");
+
+ }
+ }
- //TODO: that should be removed
-// eDocument.setIssueDate(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE));
-// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY));
- //List<KeyValueType> keyValue = dummyCodeForKeys();
- List<KeyValueType> keyValue = null;
IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
personInfo,
- keyValue,
+ null,
basicConfig.getBasicMOAIDConfigurationBoolean(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB,
true)
@@ -222,25 +192,16 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
Element idlFromSZR = (Element)result.getAssertion();
identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-
- //write ERnB inputdate into SQLite database
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE, true)) {
- personalIdStore.storeNationalId(
- pendingReq.getUniqueTransactionIdentifier(),
- eIdentifier,
- uniqueId);
-
- }
-
+
//write ERnB inputdata into revisionlog
if (basicConfig.getBasicMOAIDConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE, false)) {
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) {
revisionsLogger.logEvent(pendingReq,
- MSConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, (String)eIdentifierObj);
+ MSConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID,
+ (String)simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER));
revisionsLogger.logEvent(pendingReq,
- MSConnectorEventCodes.SZR_ERNB_EIDAS_HASHED_ID, uniqueId);
-
+ MSConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eIDData.getPseudonym());
+
}
//get bPK from SZR
@@ -270,7 +231,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
throw new SZRCommunicationException("ernb.00", null);
}
- revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_IDL_RECEIVED);
+ revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_IDL_RECEIVED,
+ identityLink.getSamlAssertion().getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID));
if (bPK == null) {
@@ -317,43 +279,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
}
- private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-256");
- byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
- String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
- return hashBase64;
-
- } catch (Exception ex) {
- throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
-
- }
- }
-
- private List<KeyValueType> dummyCodeForKeys() {
- if (basicConfig.getBasicMOAIDConfigurationBoolean(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY,
- false)) {
- List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
-
- // set key values
- RSAKeyValueType rsa = new RSAKeyValueType();
- rsa.setExponent(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT);
- rsa.setModulus(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS);
-
- KeyValueType key = new KeyValueType();
- key.setRSAKeyValue(rsa);
-
- keyvalueList.add(key);
-
- return keyvalueList;
-
- }
-
- return null;
-
- }
-
private String extendBPKbyPrefix(String bpk, String type) {
String bPKType = null;
@@ -379,7 +304,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
- //TODO: update for complexe attributes
private Map<String, Object> converteIDASAttrToSimpleMap(
ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
Map<String, Object> result = new HashMap<String, Object>();
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 12d23ebf..13283eea 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -44,8 +44,21 @@
<property name="additionalAttributesFile" ref="specificConnectorAdditionalAttributesFileWithPath"/>
</bean>
- <bean id="eIDASDataStore"
- class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" />
+ <!-- <bean id="eIDASDataStore"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore" /> -->
+
+ <bean id="EIDPostProcessingService"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.EIDPostProcessingService" />
+
+ <bean id="DE-PostProcessor"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.DEeIDPostProcessor">
+ <property name="priority" value="1" />
+ </bean>
+
+ <bean id="Default-PostProcessor"
+ class="at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.GenericeIDPostProcessor">
+ <property name="priority" value="0" />
+ </bean>
<!-- Authentication Process Tasks -->
<bean id="ConnecteIDASNodeTask"