diff options
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java')
-rw-r--r-- | modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java | 80 |
1 files changed, 65 insertions, 15 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java index a847a519..feb2853a 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java @@ -3,6 +3,7 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp; import java.io.IOException; import java.text.MessageFormat; import java.time.LocalDate; +import java.time.LocalDateTime; import java.time.OffsetDateTime; import java.util.Arrays; import java.util.Collection; @@ -417,30 +418,79 @@ public class ErnpRestClient implements IErnpClient { "Find more-than-one ERnP entry with search criteria that has to be unique", true); } else { - return Arrays.asList(mapErnpResponseToRegisterResult(persons.get(0), citizenCountryCode)); + RegisterResult activeResult = mapErnpResponseToRegisterResult(persons.get(0), citizenCountryCode); + if (activeResult == null) { + log.error("ERnP entry, which was selected by matching, looks already closed. " + + "Automated operations on closed entries not supported my matching"); + throw new WorkflowException(processStepFiendlyname, + "ERnP entry, which was selected by matching, is not active any more.", true); + + } + + return Arrays.asList(activeResult); } } - @Nonnull + + + /** + * Process a single Person data-set from ERnP. + * + * @param personEl Person data-set from ERnP + * @param citizenCountryCode Country-Code of the citizen + * @return Simplified register result, or <code>null</code> if the person data-set is not active anymore + * @throws EaafAuthenticationException In case of a validation error + */ + @Nullable private RegisterResult mapErnpResponseToRegisterResult(@Nonnull Person person, @Nonnull String citizenCountryCode) { - // build result - return RegisterResult.builder() - .pseudonym(selectAllEidasDocument(person, citizenCountryCode, - EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER)) - .familyName(person.getPersonendaten().getFamilienname()) - .givenName(person.getPersonendaten().getVorname()) - .dateOfBirth(getTextualBirthday(person.getPersonendaten().getGeburtsdatum())) - .bpk(person.getPersonendaten().getBpkZp()) - .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode, - EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH)) - .birthName(selectSingleEidasDocument(person, citizenCountryCode, - EidasConstants.eIDAS_ATTRURN_BIRTHNAME)) - .build(); + + if (checkIfPersonIsActive(person)) { + // build result + return RegisterResult.builder() + .pseudonym(selectAllEidasDocument(person, citizenCountryCode, + EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER)) + .familyName(person.getPersonendaten().getFamilienname()) + .givenName(person.getPersonendaten().getVorname()) + .dateOfBirth(getTextualBirthday(person.getPersonendaten().getGeburtsdatum())) + .bpk(person.getPersonendaten().getBpkZp()) + .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode, + EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH)) + .birthName(selectSingleEidasDocument(person, citizenCountryCode, + EidasConstants.eIDAS_ATTRURN_BIRTHNAME)) + .build(); + + } else { + log.debug("Entity is not valid anymore. Skip it ... "); + return null; + + } } + private boolean checkIfPersonIsActive(Person person) { + if (person.getGueltigBis() != null) { + LocalDateTime validTo = person.getGueltigBis().toLocalDateTime(); + LocalDateTime now = LocalDateTime.now(); + if (validTo.isBefore(now)) { + log.warn("Enity was valid to: {}, but now its: {}. Ignore that entry", validTo, now); + return false; + + } else { + log.debug("Entity has a 'validTo' element, but it is in the future."); + + } + + } else { + log.trace("Entity has no 'validTo' element. Therefore it should be valid"); + + } + + return true; + } + + private Suchdaten mapCountrySpecificSearchData(PersonSuchenRequest personSearchDao) { final Suchdaten searchInfos = new Suchdaten(); searchInfos.setFamilienname(personSearchDao.getNatuerlichePerson().getPersonenName().getFamilienname()); |