Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2')
| -rw-r--r-- | eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java | 95 | 
1 files changed, 44 insertions, 51 deletions
| diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index a680d3d3..6d011d3d 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -27,6 +27,7 @@ import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -37,6 +38,7 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.light.ILightResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.jetbrains.annotations.NotNull;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
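Review bot: The added `import org.jetbrains.annotations.NotNull;` makes this class depend on the JetBrains annotations artifact, yet the diffstat for this module lists only the one Java file, so no build-file change accompanies it. If the annotation is only reachable through a transitive dependency, the module can stop compiling when that upstream dependency changes; declaring it explicitly in the module's build file would make the requirement visible. The annotation is also a static-analysis hint and enforces nothing at runtime, so callers of the annotated helper should not treat it as a guarantee.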
@@ -58,69 +60,60 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {    public void execute(ExecutionContext executionContext, HttpServletRequest request,                        HttpServletResponse response) throws TaskExecutionException {      try { -      final ILightResponse eidasResponse = (ILightResponse) request.getAttribute( -          Constants.DATA_FULL_EIDAS_RESPONSE); -      if (eidasResponse == null) { -        log.warn("NO eIDAS response-message found."); -        throw new EidasSAuthenticationException("eidas.01", null); - -      } - -      log.debug("Receive eIDAS response with RespId: {} for ReqId: {}", eidasResponse.getId(), eidasResponse -          .getInResponseToId()); -      log.trace("Full eIDAS-Resp: {}", eidasResponse); -      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse -          .getId()); - -      // check response StatusCode -      if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) { -        log.info("Receive eIDAS Response with StatusCode: {} Subcode: {} Msg: {}", -            eidasResponse.getStatus().getStatusCode(), eidasResponse.getStatus().getSubStatusCode(), eidasResponse.getStatus() -            .getStatusMessage()); -        throw new EidasSAuthenticationException("eidas.02", new Object[]{eidasResponse.getStatus() -            .getStatusCode(), eidasResponse.getStatus().getStatusMessage()}); - -      } - -      // extract all Attributes from response - -      // ********************************************************** -      // ******* MS-specificresponse validation ********** -      // ********************************************************** -      final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, -          "AT"); -      final String citizenCountryCode = (String) executionContext.get( -          MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); -      
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, -          attrRegistry); - -      // ********************************************************** -      // ******* Store response infos into session object ********** -      // ********************************************************** - -      // update MOA-Session data with received information -      log.debug("Store eIDAS response information into pending-request."); -      final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); -      authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance()); -      authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - -      // store MOA-session to database -      requestStoreage.storePendingRequest(pendingReq); - +      final ILightResponse eidasResponse = extractEidasResponse(request); +      checkStatusCode(eidasResponse); +      validateMsSpecificResponse(executionContext, eidasResponse); +      storeInSession(eidasResponse);        revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID); -      } catch (final EaafException e) {        revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);        throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e); -      } catch (final Exception e) {        log.warn("eIDAS Response processing FAILED.", e);        revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);        throw new TaskExecutionException(pendingReq, e.getMessage(),            new EidasSAuthenticationException("eidas.05", new Object[]{e.getMessage()}, e)); +    } +  } + +  @NotNull +  private ILightResponse extractEidasResponse(HttpServletRequest request) throws EidasSAuthenticationException { +    final ILightResponse eidasResponse = (ILightResponse) 
request.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE); +    if (eidasResponse == null) { +      log.warn("NO eIDAS response-message found."); +      throw new EidasSAuthenticationException("eidas.01", null); +    } +    log.debug("Receive eIDAS response with RespId: {} for ReqId: {}", +        eidasResponse.getId(), eidasResponse.getInResponseToId()); +    log.trace("Full eIDAS-Resp: {}", eidasResponse); +    revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse.getId()); +    return eidasResponse; +  } +  private void checkStatusCode(ILightResponse eidasResponse) throws EidasSAuthenticationException { +    if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) { +      log.info("Receive eIDAS Response with StatusCode: {} Subcode: {} Msg: {}", +          eidasResponse.getStatus().getStatusCode(), +          eidasResponse.getStatus().getSubStatusCode(), +          eidasResponse.getStatus().getStatusMessage()); +      throw new EidasSAuthenticationException("eidas.02", new Object[]{eidasResponse.getStatus() +          .getStatusCode(), eidasResponse.getStatus().getStatusMessage()});      } +  } + +  private void validateMsSpecificResponse(ExecutionContext executionContext, ILightResponse eidasResponse) +      throws EidasValidationException { +    final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT"); +    final String citizenCountryCode = (String) executionContext.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); +    EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); +  } +  private void storeInSession(ILightResponse eidasResponse) throws EaafException { +    log.debug("Store eIDAS response information into pending-request."); +    final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); +    
authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance()); +    authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); +    requestStoreage.storePendingRequest(pendingReq);    }  } | 
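Review bot: `checkStatusCode` dereferences `eidasResponse.getStatus().getStatusCode()` with no null check, so a response without a status or status code raises a NullPointerException instead of the intended `eidas.02` rejection. The request still fails closed, because `catch (final Exception e)` in `execute` wraps it, but it is reported as `eidas.05` with a null message and without the info log, which makes a malformed response look like an internal fault in the audit trail. Writing the comparison as `Constants.SUCCESS_URI.equals(eidasResponse.getStatus().getStatusCode())` covers a missing status code, and a preceding null guard on `getStatus()` that throws the same `EidasSAuthenticationException` covers a missing status. Separately, `log.trace("Full eIDAS-Resp: {}", eidasResponse)` in `extractEidasResponse` writes the whole response object to the log; if its string form includes the identity attributes, trace logs then hold personal data and need the same protection as the session store.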
