Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
6 files changed, 276 insertions, 34 deletions
|
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
index bc5b358d..056b0450 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
@@ -1,5 +1,6 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import lombok.Data;
 import java.util.ArrayList;
@@ -13,4 +14,19 @@ import java.util.ArrayList;
     return resultsZmr.size() + resultsErnb.size();
   }
+  /**
+   * Verfies that there is only one match and retunrs the bpk.
+   * @return bpk bpk of the match
+   * @throws WorkflowException if multiple results have been found
+   */
+  public String getBpk() throws WorkflowException {
+    if (getResultCount() != 1) {
+      throw new WorkflowException("getResultCount() != 1");
+    }
+    if (resultsZmr.size() == 1) {
+      return resultsZmr.get(0).getBpk();
+    } else {
+      return resultsErnb.get(0).getBpk();
+    }
+  }
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
index f557ca69..c92808a1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
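Review bot: The Javadoc on `getBpk()` says the exception is thrown when multiple results have been found, but the guard `getResultCount() != 1` also fires when both lists are empty, and the message handed to `WorkflowException` is only the expression text. I would document both cases, e.g. `@throws WorkflowException if the merged result does not contain exactly one match (none or several)`, fix the typos in the summary line (`Verifies ... returns`), and report the actual count: `throw new WorkflowException("expected exactly one register match, got " + getResultCount());`. Nothing in the hunk guarantees that the single entry's bPK is non-null, so the `@return` line should say whether null can come back.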
@@ -3,7 +3,8 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import lombok.Data;
-@Data public class RegisterResult {
+@Data
+public class RegisterResult {
   // MDS
   private String pseudonym = null;
@@ -17,14 +18,19 @@ import lombok.Data;
   private String taxNumber = null;
   private PostalAddressType address = null;
+  private String bpk = null;
+
   /**
    * Register search result.
-   * @param pseudonym The pseudonym
-   * @param givenName The givenName
-   * @param familyName The familyName
+   *
+   * @param bpk         The bpk
+   * @param pseudonym   The pseudonym
+   * @param givenName   The givenName
+   * @param familyName  The familyName
    * @param dateOfBirth The dateOfBirth
    */
-  public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth) {
+  public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth) {
+    this.bpk = bpk;
     this.pseudonym = pseudonym;
     this.givenName = givenName;
     this.familyName = familyName;
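Review bot: The new five-String constructor `RegisterResult(bpk, pseudonym, givenName, familyName, dateOfBirth)` has exactly the signature that the old `(pseudonym, givenName, familyName, dateOfBirth, placeOfBirth)` overload had before the next hunk widened it, so a caller of that old overload that is not updated still compiles and silently stores the pseudonym as the bPK, shifting every other attribute by one position. The bPK is the value later written to the session as the matched identity, so a positional mix-up here should fail loudly rather than pass the compiler. Consider replacing the telescoping String constructors with Lombok's `@Builder` (or named static factories), and verify every remaining call site of the three overloads changed in this file; those call sites, apart from the tests, are not part of this diff.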
@@ -33,14 +39,17 @@ import lombok.Data;
   /**
    * Register search result.
-   * @param pseudonym The pseudonym
-   * @param givenName The givenName
-   * @param familyName The familyName
-   * @param dateOfBirth The dateOfBirth
+   *
+   * @param bpk          The bpk
+   * @param pseudonym    The pseudonym
+   * @param givenName    The givenName
+   * @param familyName   The familyName
+   * @param dateOfBirth  The dateOfBirth
    * @param placeOfBirth The placeOfBirth
    */
-  public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth,
+  public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth,
                         String placeOfBirth) {
+    this.bpk = bpk;
     this.pseudonym = pseudonym;
     this.givenName = givenName;
     this.familyName = familyName;
@@ -50,17 +59,20 @@ import lombok.Data;
   /**
    * Register search result.
-   * @param pseudonym The pseudonym
-   * @param givenName The givenName
-   * @param familyName The familyName
-   * @param dateOfBirth The dateOfBirth
+   *
+   * @param bpk          The bpk
+   * @param pseudonym    The pseudonym
+   * @param givenName    The givenName
+   * @param familyName   The familyName
+   * @param dateOfBirth  The dateOfBirth
    * @param placeOfBirth The placeOfBirth
-   * @param birthName The birthName
-   * @param taxNumber The taxNumber
-   * @param address The address
+   * @param birthName    The birthName
+   * @param taxNumber    The taxNumber
+   * @param address      The address
    */
-  public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth,
+  public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth,
                         String placeOfBirth, String birthName, String taxNumber, PostalAddressType address) {
+    this.bpk = bpk;
     this.pseudonym = pseudonym;
     this.givenName = givenName;
     this.familyName = familyName;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
index 0b116bfb..c41dd39e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
@@ -23,13 +23,15 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import lombok.Data;
 import org.joda.time.DateTime;
 import java.text.SimpleDateFormat;
-@Data public class SimpleEidasData {
+@Data
+public class SimpleEidasData {
   private String citizenCountryCode = null;
@@ -49,4 +51,46 @@ import java.text.SimpleDateFormat;
     return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
   }
+  /**
+   * Compares the register result with the eidas data.
+   * @param result The register data to use for comparison
+   * @return true or false depending of the data matches
+   * @throws WorkflowException if multiple results have been found
+   */
+  public boolean equalsRegisterData(MergedRegisterSearchResult result) throws WorkflowException {
+    if (result.getResultCount() != 1) {
+      throw new WorkflowException("result.getResultCount() != 1");
+    }
+    if (result.getResultsErnb().size() == 1) {
+      return equalsRegisterData(result.getResultsErnb().get(0));
+    } else {
+      return equalsRegisterData(result.getResultsZmr().get(0));
+    }
+  }
+
+  private boolean equalsRegisterData(RegisterResult result) {
+    if (!result.getPseudonym().equals(pseudonym)) {
+      return false;
+    }
+    if (!result.getGivenName().equals(givenName)) {
+      return false;
+    }
+    if (!result.getFamilyName().equals(familyName)) {
+      return false;
+    }
+    if (!result.getDateOfBirth().equals(dateOfBirth)) {
+      return false;
+    }
+    if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
+      return false;
+    }
+    if (!result.getBirthName().equals(birthName)) {
+      return false;
+    }
+    if (!result.getTaxNumber().equals(taxNumber)) {
+      return false;
+    }
+
+    return true;
+  }
 }
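Review bot: In the private `equalsRegisterData(RegisterResult)` the check `result.getDateOfBirth().equals(dateOfBirth)` compares the register's String date with this class's `dateOfBirth`, which appears to be a Joda `DateTime` (the getter just above the hunk calls `dateOfBirth.toDate()`), so it can never be true and the method would always report a mismatch. The remaining checks dereference register fields that the shorter `RegisterResult` constructors leave at their `null` default (place of birth, birth name, tax number), which throws a `NullPointerException` as soon as the earlier fields match. Compare against the `yyyy-MM-dd` string form of the date and make every comparison null-safe, e.g. `if (!Objects.equals(result.getPlaceOfBirth(), placeOfBirth)) { return false; }` (needs `java.util.Objects`). The field declarations are outside the hunk, so confirm the type of `dateOfBirth` before changing the comparison.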
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java
new file mode 100644
index 00000000..aa879bcc
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class WorkflowException extends EidasSAuthenticationException {
+  private static final long serialVersionUID = 1L;
+
+  public WorkflowException(String data) {
+    super("eidas.00", new Object[] { data });
+  }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index fd86ab43..fdf80669 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -32,6 +32,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ICountrySpecificDetailSearchProcessor;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
@@ -139,7 +140,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
       // post-process eIDAS attributes
       final SimpleEidasData eidData = convertSimpleMapToSimpleData(simpleAttrMap);
-      
+
       String bpK = step2(eidData);
       authProcessData.setGenericDataToSession(Constants.DATA_RESULT_MATCHING_BPK,bpK);
     } catch (final Exception e) {
@@ -194,27 +195,30 @@ public class InitialSearchTask extends AbstractAuthServletTask {
     return simpleEidasData;
   }
-  private String step3(MergedRegisterSearchResult result, SimpleEidasData eidData) {
+  private String step3(MergedRegisterSearchResult result, SimpleEidasData eidData) throws TaskExecutionException {
     //check if data from eidas authentication matches with data from register
     log.debug("Compare " + result + " with " + eidData);
     //TODO check if data matches
-    boolean match = true;
-    if (match) {
-      String bpK = "102";
-      return bpK;
-    } else {
-      return step4(result, eidData);
+    try {
+      if (eidData.equalsRegisterData(result)) {
+        //TODO
+        return result.getBpk();
+      } else {
+        return step4(result, eidData);
+      }
+    } catch (WorkflowException e) {
+      throw new TaskExecutionException(pendingReq, "Initial search - Kitt Process necessary.", e);
     }
   }
   private String step4(MergedRegisterSearchResult result,
-                  SimpleEidasData eidData) {
+                  SimpleEidasData eidData) throws WorkflowException {
     log.debug("Update " + result + " with " + eidData);
     //TODO
-    String bpK = "100";
-    return bpK;
+
+    return result.getBpk();
   }
   private String step5(MergedRegisterSearchResult result, SimpleEidasData eidData)
@@ -261,6 +265,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
                       CountrySpecificDetailSearchResult countrySpecificDetailSearchResult, SimpleEidasData eidData) {
     //TODO automerge
     log.debug("Automerge " + initialSearchResult + " with " + eidData + " " + countrySpecificDetailSearchResult);
+    //TODO
     String bpK = "103";
     return bpK;
   }
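Review bot: `log.debug("Compare " + result + " with " + eidData)` in `step3` and the matching `log.debug("Update " + ...)` in `step4` now put the bPK into the debug log, because `RegisterResult` is a Lombok `@Data` class whose generated `toString()` includes the new `bpk` field next to name and date of birth, and the merged result presumably prints its lists. Debug logs of an authentication service are usually kept under weaker access control than the session store, so I would log only what the workflow decision needs, e.g. `log.debug("Compare register result (" + result.getResultCount() + " match) with eIDAS data");`, or mark the field with `@ToString.Exclude` in `RegisterResult`. Separately, the message `"Initial search - Kitt Process necessary."` is attached to a `WorkflowException` that only signals a result count other than one, which may mislead whoever reads the error.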
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
index 1b1bdeae..2614f9ba 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
@@ -111,8 +111,8 @@ public class InitialSearchTaskFirstTest {
     //Mock ZMR
     ArrayList<RegisterResult> zmrResult = new ArrayList<>();
-    zmrResult.add(new RegisterResult("de/st/max123", "Max", "Mustermann", "1111-01-01"));
-    zmrResult.add(new RegisterResult("de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
+    zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+    zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
     zmrClient = Mockito.mock(DummyZmrClient.class);
     Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
     task.setZmrClient(zmrClient);
@@ -151,8 +151,8 @@ public class InitialSearchTaskFirstTest {
     //Mock ernb
     ArrayList<RegisterResult> ernbResult = new ArrayList<>();
-    ernbResult.add(new RegisterResult("de/st/max123", "Max", "Mustermann", "1111-01-01"));
-    ernbResult.add(new RegisterResult("de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
+    ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+    ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
     ernbClient = Mockito.mock(DummyErnbClient.class);
     Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
@@ -170,6 +170,138 @@ public class InitialSearchTaskFirstTest {
     }
   }
+  @Test
+  @DirtiesContext
+  /**
+   * One match, but register update needed
+   */
+  public void testNode100a() throws Exception {
+
+    //Mock ZMR
+    ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+    String randomBpk = RandomStringUtils.randomNumeric(6);
+    zmrResult.add(new RegisterResult(randomBpk,"de/st/max123", "Max_new", "Mustermann", "1111-01-01"));
+
+    zmrClient = Mockito.mock(DummyZmrClient.class);
+    Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+    task.setZmrClient(zmrClient);
+
+    //Mock ernb
+    ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+
+    ernbClient = Mockito.mock(DummyErnbClient.class);
+    Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+    task.setErnbClient(ernbClient);
+
+    try {
+      task.execute(pendingReq, executionContext);
+      String bPk = (String)
+          pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+      Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk));
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertTrue("Wrong workflow, should not reach this point", false);
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  /**
+   * One match, but register update needed
+   */
+  public void testNode100b() throws Exception {
+
+    //Mock ZMR
+    ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+
+    zmrClient = Mockito.mock(DummyZmrClient.class);
+    Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+    task.setZmrClient(zmrClient);
+
+    //Mock ernb
+    ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+    String randomBpk = RandomStringUtils.randomNumeric(6);
+    ernbResult.add(new RegisterResult(randomBpk,"de/st/max123", "Max_new", "Mustermann", "1111-01-01"));
+
+    ernbClient = Mockito.mock(DummyErnbClient.class);
+    Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+    task.setErnbClient(ernbClient);
+
+    try {
+      task.execute(pendingReq, executionContext);
+      String bPk = (String)
+          pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+      Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk));
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertTrue("Wrong workflow, should not reach this point", false);
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  /**
+   * One match, no register update needed
+   */
+  public void testNode102a() throws Exception {
+
+    //Mock ZMR
+    ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+    zmrClient = Mockito.mock(DummyZmrClient.class);
+    Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+    task.setZmrClient(zmrClient);
+
+    //Mock ernb
+    ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+    ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+
+    ernbClient = Mockito.mock(DummyErnbClient.class);
+    Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+    task.setErnbClient(ernbClient);
+
+    try {
+      task.execute(pendingReq, executionContext);
+      String bPk = (String)
+          pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+      Assert.assertTrue("Wrong bpk", bPk.equals("bpkMax"));
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertTrue("Wrong workflow, should not reach this point", false);
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  /**
+   * One match, no register update needed
+   */
+  public void testNode102b() throws Exception {
+
+    //Mock ZMR
+    ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+    zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+
+    zmrClient = Mockito.mock(DummyZmrClient.class);
+    Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+    task.setZmrClient(zmrClient);
+
+    //Mock ernb
+    ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+
+    ernbClient = Mockito.mock(DummyErnbClient.class);
+    Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+    task.setErnbClient(ernbClient);
+
+    try {
+      task.execute(pendingReq, executionContext);
+      String bPk = (String)
+          pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+      Assert.assertTrue("Wrong bpk", bPk.equals("bpkMax"));
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertTrue("Wrong workflow, should not reach this point", false);
+    }
+  }
   @NotNull
   private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
|
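Review bot: `testNode102a` and `testNode102b` ("no register update needed") assert only the returned bPK, and in this commit both the match branch of `step3` and the update branch `step4` return `result.getBpk()`, so these tests pass even when the attribute comparison never matches and cannot tell node 102 from node 100. Once the update step has an observable effect, assert that it was not invoked here and that it was invoked in `testNode100a`/`testNode100b`. Smaller points: `Assert.assertEquals("Wrong bpk", randomBpk, bPk);` reports both values and does not throw on a null bPK, and the `catch (final TaskExecutionException e)` blocks with `Assert.assertTrue(..., false)` hide the cause, while the methods already declare `throws Exception` and could let it propagate. The Javadoc blocks also sit between the annotations and the method, where Javadoc tooling does not attach them; move them above `@Test`.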
