aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java16
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java48
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java46
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java33
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java27
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java140
6 files changed, 276 insertions, 34 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
index bc5b358d..056b0450 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java
@@ -1,5 +1,6 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
import lombok.Data;
import java.util.ArrayList;
@@ -13,4 +14,19 @@ import java.util.ArrayList;
return resultsZmr.size() + resultsErnb.size();
}
+ /**
+ * Verfies that there is only one match and retunrs the bpk.
+ * @return bpk bpk of the match
+ * @throws WorkflowException if multiple results have been found
+ */
+ public String getBpk() throws WorkflowException {
+ if (getResultCount() != 1) {
+ throw new WorkflowException("getResultCount() != 1");
+ }
+ if (resultsZmr.size() == 1) {
+ return resultsZmr.get(0).getBpk();
+ } else {
+ return resultsErnb.get(0).getBpk();
+ }
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
index f557ca69..c92808a1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
@@ -3,7 +3,8 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
import lombok.Data;
-@Data public class RegisterResult {
+@Data
+public class RegisterResult {
// MDS
private String pseudonym = null;
@@ -17,14 +18,19 @@ import lombok.Data;
private String taxNumber = null;
private PostalAddressType address = null;
+ private String bpk = null;
+
/**
* Register search result.
- * @param pseudonym The pseudonym
- * @param givenName The givenName
- * @param familyName The familyName
+ *
+ * @param bpk The bpk
+ * @param pseudonym The pseudonym
+ * @param givenName The givenName
+ * @param familyName The familyName
* @param dateOfBirth The dateOfBirth
*/
- public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth) {
+ public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth) {
+ this.bpk = bpk;
this.pseudonym = pseudonym;
this.givenName = givenName;
this.familyName = familyName;
@@ -33,14 +39,17 @@ import lombok.Data;
/**
* Register search result.
- * @param pseudonym The pseudonym
- * @param givenName The givenName
- * @param familyName The familyName
- * @param dateOfBirth The dateOfBirth
+ *
+ * @param bpk The bpk
+ * @param pseudonym The pseudonym
+ * @param givenName The givenName
+ * @param familyName The familyName
+ * @param dateOfBirth The dateOfBirth
* @param placeOfBirth The placeOfBirth
*/
- public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth,
+ public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth,
String placeOfBirth) {
+ this.bpk = bpk;
this.pseudonym = pseudonym;
this.givenName = givenName;
this.familyName = familyName;
@@ -50,17 +59,20 @@ import lombok.Data;
/**
* Register search result.
- * @param pseudonym The pseudonym
- * @param givenName The givenName
- * @param familyName The familyName
- * @param dateOfBirth The dateOfBirth
+ *
+ * @param bpk The bpk
+ * @param pseudonym The pseudonym
+ * @param givenName The givenName
+ * @param familyName The familyName
+ * @param dateOfBirth The dateOfBirth
* @param placeOfBirth The placeOfBirth
- * @param birthName The birthName
- * @param taxNumber The taxNumber
- * @param address The address
+ * @param birthName The birthName
+ * @param taxNumber The taxNumber
+ * @param address The address
*/
- public RegisterResult(String pseudonym, String givenName, String familyName, String dateOfBirth,
+ public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth,
String placeOfBirth, String birthName, String taxNumber, PostalAddressType address) {
+ this.bpk = bpk;
this.pseudonym = pseudonym;
this.givenName = givenName;
this.familyName = familyName;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
index 0b116bfb..c41dd39e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
@@ -23,13 +23,15 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
import lombok.Data;
import org.joda.time.DateTime;
import java.text.SimpleDateFormat;
-@Data public class SimpleEidasData {
+@Data
+public class SimpleEidasData {
private String citizenCountryCode = null;
@@ -49,4 +51,46 @@ import java.text.SimpleDateFormat;
return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
}
+ /**
+ * Compares the register result with the eidas data.
+ * @param result The register data to use for comparison
+ * @return true or false depending of the data matches
+ * @throws WorkflowException if multiple results have been found
+ */
+ public boolean equalsRegisterData(MergedRegisterSearchResult result) throws WorkflowException {
+ if (result.getResultCount() != 1) {
+ throw new WorkflowException("result.getResultCount() != 1");
+ }
+ if (result.getResultsErnb().size() == 1) {
+ return equalsRegisterData(result.getResultsErnb().get(0));
+ } else {
+ return equalsRegisterData(result.getResultsZmr().get(0));
+ }
+ }
+
+ private boolean equalsRegisterData(RegisterResult result) {
+ if (!result.getPseudonym().equals(pseudonym)) {
+ return false;
+ }
+ if (!result.getGivenName().equals(givenName)) {
+ return false;
+ }
+ if (!result.getFamilyName().equals(familyName)) {
+ return false;
+ }
+ if (!result.getDateOfBirth().equals(dateOfBirth)) {
+ return false;
+ }
+ if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
+ return false;
+ }
+ if (!result.getBirthName().equals(birthName)) {
+ return false;
+ }
+ if (!result.getTaxNumber().equals(taxNumber)) {
+ return false;
+ }
+
+ return true;
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java
new file mode 100644
index 00000000..aa879bcc
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class WorkflowException extends EidasSAuthenticationException {
+ private static final long serialVersionUID = 1L;
+
+ public WorkflowException(String data) {
+ super("eidas.00", new Object[] { data });
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index bc64dc86..93dbc7c2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -52,6 +52,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ICountrySpecificDetailSearchProcessor;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient;
@@ -142,7 +143,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
// post-process eIDAS attributes
final SimpleEidasData eidData = convertSimpleMapToSimpleData(simpleAttrMap);
-
+
String bpK = step2(eidData);
authProcessData.setGenericDataToSession(Constants.DATA_RESULT_MATCHING_BPK,bpK);
} catch (final Exception e) {
@@ -197,27 +198,30 @@ public class InitialSearchTask extends AbstractAuthServletTask {
return simpleEidasData;
}
- private String step3(MergedRegisterSearchResult result, SimpleEidasData eidData) {
+ private String step3(MergedRegisterSearchResult result, SimpleEidasData eidData) throws TaskExecutionException {
//check if data from eidas authentication matches with data from register
log.debug("Compare " + result + " with " + eidData);
//TODO check if data matches
- boolean match = true;
- if (match) {
- String bpK = "102";
- return bpK;
- } else {
- return step4(result, eidData);
+ try {
+ if (eidData.equalsRegisterData(result)) {
+ //TODO
+ return result.getBpk();
+ } else {
+ return step4(result, eidData);
+ }
+ } catch (WorkflowException e) {
+ throw new TaskExecutionException(pendingReq, "Initial search - Kitt Process necessary.", e);
}
}
private String step4(MergedRegisterSearchResult result,
- SimpleEidasData eidData) {
+ SimpleEidasData eidData) throws WorkflowException {
log.debug("Update " + result + " with " + eidData);
//TODO
- String bpK = "100";
- return bpK;
+
+ return result.getBpk();
}
private String step5(MergedRegisterSearchResult result, SimpleEidasData eidData)
@@ -264,6 +268,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
CountrySpecificDetailSearchResult countrySpecificDetailSearchResult, SimpleEidasData eidData) {
//TODO automerge
log.debug("Automerge " + initialSearchResult + " with " + eidData + " " + countrySpecificDetailSearchResult);
+ //TODO
String bpK = "103";
return bpK;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
index 1b1bdeae..2614f9ba 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
@@ -111,8 +111,8 @@ public class InitialSearchTaskFirstTest {
//Mock ZMR
ArrayList<RegisterResult> zmrResult = new ArrayList<>();
- zmrResult.add(new RegisterResult("de/st/max123", "Max", "Mustermann", "1111-01-01"));
- zmrResult.add(new RegisterResult("de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
+ zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+ zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
zmrClient = Mockito.mock(DummyZmrClient.class);
Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
task.setZmrClient(zmrClient);
@@ -151,8 +151,8 @@ public class InitialSearchTaskFirstTest {
//Mock ernb
ArrayList<RegisterResult> ernbResult = new ArrayList<>();
- ernbResult.add(new RegisterResult("de/st/max123", "Max", "Mustermann", "1111-01-01"));
- ernbResult.add(new RegisterResult("de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
+ ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+ ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Maximilian", "Mustermann", "1111-01-01"));
ernbClient = Mockito.mock(DummyErnbClient.class);
Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
@@ -170,6 +170,138 @@ public class InitialSearchTaskFirstTest {
}
}
+ @Test
+ @DirtiesContext
+ /**
+ * One match, but register update needed
+ */
+ public void testNode100a() throws Exception {
+
+ //Mock ZMR
+ ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+ String randomBpk = RandomStringUtils.randomNumeric(6);
+ zmrResult.add(new RegisterResult(randomBpk,"de/st/max123", "Max_new", "Mustermann", "1111-01-01"));
+
+ zmrClient = Mockito.mock(DummyZmrClient.class);
+ Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+ task.setZmrClient(zmrClient);
+
+ //Mock ernb
+ ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+
+ ernbClient = Mockito.mock(DummyErnbClient.class);
+ Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+ task.setErnbClient(ernbClient);
+
+ try {
+ task.execute(pendingReq, executionContext);
+ String bPk = (String)
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+ Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk));
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertTrue("Wrong workflow, should not reach this point", false);
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ /**
+ * One match, but register update needed
+ */
+ public void testNode100b() throws Exception {
+
+ //Mock ZMR
+ ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+
+ zmrClient = Mockito.mock(DummyZmrClient.class);
+ Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+ task.setZmrClient(zmrClient);
+
+ //Mock ernb
+ ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+ String randomBpk = RandomStringUtils.randomNumeric(6);
+ ernbResult.add(new RegisterResult(randomBpk,"de/st/max123", "Max_new", "Mustermann", "1111-01-01"));
+
+ ernbClient = Mockito.mock(DummyErnbClient.class);
+ Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+ task.setErnbClient(ernbClient);
+
+ try {
+ task.execute(pendingReq, executionContext);
+ String bPk = (String)
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+ Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk));
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertTrue("Wrong workflow, should not reach this point", false);
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ /**
+ * One match, no register update needed
+ */
+ public void testNode102a() throws Exception {
+
+ //Mock ZMR
+ ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+ zmrClient = Mockito.mock(DummyZmrClient.class);
+ Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+ task.setZmrClient(zmrClient);
+
+ //Mock ernb
+ ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+ ernbResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+
+ ernbClient = Mockito.mock(DummyErnbClient.class);
+ Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+ task.setErnbClient(ernbClient);
+
+ try {
+ task.execute(pendingReq, executionContext);
+ String bPk = (String)
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+ Assert.assertTrue("Wrong bpk", bPk.equals("bpkMax"));
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertTrue("Wrong workflow, should not reach this point", false);
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ /**
+ * One match, no register update needed
+ */
+ public void testNode102b() throws Exception {
+
+ //Mock ZMR
+ ArrayList<RegisterResult> zmrResult = new ArrayList<>();
+ zmrResult.add(new RegisterResult("bpkMax","de/st/max123", "Max", "Mustermann", "1111-01-01"));
+
+ zmrClient = Mockito.mock(DummyZmrClient.class);
+ Mockito.when(zmrClient.searchWithPersonIdentifer("max123")).thenReturn(zmrResult);//"de/st/max123"???
+ task.setZmrClient(zmrClient);
+
+ //Mock ernb
+ ArrayList<RegisterResult> ernbResult = new ArrayList<>();
+
+ ernbClient = Mockito.mock(DummyErnbClient.class);
+ Mockito.when(ernbClient.searchWithPersonIdentifer("max123")).thenReturn(ernbResult);//"de/st/max123"???
+ task.setErnbClient(ernbClient);
+
+ try {
+ task.execute(pendingReq, executionContext);
+ String bPk = (String)
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK);
+ Assert.assertTrue("Wrong bpk", bPk.equals("bpkMax"));
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertTrue("Wrong workflow, should not reach this point", false);
+ }
+ }
@NotNull
private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {