diff options
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java')
-rw-r--r-- | modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java | 169 |
1 files changed, 49 insertions, 120 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java index 323a37e2..60138027 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java @@ -23,6 +23,11 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; + + +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils.processCountryCode; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils.processDateOfBirthToString; + import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -33,15 +38,13 @@ import java.util.regex.Pattern; import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.lang.NonNull; import com.google.common.collect.ImmutableSortedSet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; @@ -51,15 +54,14 @@ import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.impl.data.Triple; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; import eu.eidas.auth.commons.protocol.eidas.SpType; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; +import lombok.extern.slf4j.Slf4j; +@Slf4j public abstract class AbstractEidProcessor implements INationalEidProcessor { - private static final Logger log = LoggerFactory.getLogger(AbstractEidProcessor.class); @Autowired protected EidasAttributeRegistry attrRegistry; @@ -72,39 +74,40 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder); buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder); buildRequestedAttributes(authnRequestBuilder); - } @Override - public final ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, + public final SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, EidasAttributeException { - final ErnbEidData result = new ErnbEidData(); - - final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj); - result.setCitizenCountryCode(eIdentifier.getFirst()); - - // MDS attributes - result.setPseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); - result.setFamilyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); - result.setGivenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); - result.setDateOfBirth(processDateOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); - - // additional attributes - result.setPlaceOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); - result.setBirthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); - result.setAddress(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); - - return result; - + SimpleEidasData.SimpleEidasDataBuilder builder = SimpleEidasData.builder() + .personalIdentifier(EidasResponseUtils.processPersonalIdentifier( + eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))) + + // MDS attributes + .citizenCountryCode(processCountryCode(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))) + .pseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))) + .familyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))) + .givenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))) + .dateOfBirth(processDateOfBirthToString(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))) + + // additional attributes + .placeOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))) + .birthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))) + .address(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); + + if (eidasAttrMap.containsKey(Constants.eIDAS_ATTR_TAXREFERENCE)) { + builder.taxNumber(EidasResponseUtils.processTaxReference(eidasAttrMap.get(Constants.eIDAS_ATTR_TAXREFERENCE))); + + } + + return builder.build(); } - + /** * Get a Map of country-specific requested attributes. - * + * * @return */ @NonNull @@ -112,7 +115,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { /** * Post-Process the eIDAS CurrentAddress attribute. - * + * * @param currentAddressObj eIDAS current address information * @return current address or null if no attribute is available * @throws EidPostProcessingException if post-processing fails @@ -120,34 +123,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException, EidasAttributeException { - - if (currentAddressObj != null) { - if (currentAddressObj instanceof PostalAddress) { - final PostalAddressType result = new PostalAddressType(); - result.setPostalCode(((PostalAddress) currentAddressObj).getPostCode()); - result.setMunicipality(((PostalAddress) currentAddressObj).getPostName()); - - // TODO: add more mappings - - return result; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... "); - } - - return null; - + return EidasResponseUtils.processAddress(currentAddressObj); } /** * Post-Process the eIDAS BirthName attribute. - * + * * @param birthNameObj eIDAS birthname information * @return birthName or null if no attribute is available * @throws EidPostProcessingException if post-processing fails @@ -155,27 +136,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected String processBirthName(Object birthNameObj) throws EidPostProcessingException, EidasAttributeException { - if (birthNameObj != null) { - if (birthNameObj instanceof String) { - return (String) birthNameObj; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... "); - } - - return null; - + return EidasResponseUtils.processBirthName(birthNameObj); } /** * Post-Process the eIDAS PlaceOfBirth attribute. - * + * * @param placeOfBirthObj eIDAS Place-of-Birth information * @return place of Birth or null if no attribute is available * @throws EidPostProcessingException if post-processing fails @@ -183,27 +149,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException, EidasAttributeException { - if (placeOfBirthObj != null) { - if (placeOfBirthObj instanceof String) { - return (String) placeOfBirthObj; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... "); - } - - return null; - + return EidasResponseUtils.processPlaceOfBirth(placeOfBirthObj); } /** * Post-Process the eIDAS DateOfBirth attribute. - * + * * @param dateOfBirthObj eIDAS date-of-birth attribute information * @return formated user's date-of-birth * @throws EidasAttributeException if NO attribute is available @@ -211,17 +162,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException, EidasAttributeException { - if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); - } - - return (DateTime) dateOfBirthObj; - + return EidasResponseUtils.processDateOfBirth(dateOfBirthObj); } /** * Post-Process the eIDAS GivenName attribute. - * + * * @param givenNameObj eIDAS givenName attribute information * @return formated user's givenname * @throws EidasAttributeException if NO attribute is available @@ -229,17 +175,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected String processGivenName(Object givenNameObj) throws EidPostProcessingException, EidasAttributeException { - if (givenNameObj == null || !(givenNameObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); - } - - return (String) givenNameObj; - + return EidasResponseUtils.processGivenName(givenNameObj); } /** * Post-Process the eIDAS FamilyName attribute. - * + * * @param familyNameObj eIDAS familyName attribute information * @return formated user's familyname * @throws EidasAttributeException if NO attribute is available @@ -247,17 +188,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected String processFamilyName(Object familyNameObj) throws EidPostProcessingException, EidasAttributeException { - if (familyNameObj == null || !(familyNameObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); - } - - return (String) familyNameObj; - + return EidasResponseUtils.processFamilyName(familyNameObj); } /** * Post-Process the eIDAS pseudonym to ERnB unique identifier. - * + * * @param personalIdObj eIDAS PersonalIdentifierAttribute * @return Unique personal identifier without country-code information * @throws EidasAttributeException if NO attribute is available @@ -265,15 +201,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { */ protected String processPseudonym(Object personalIdObj) throws EidPostProcessingException, EidasAttributeException { - if (personalIdObj == null || !(personalIdObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - } - - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj); - - return eIdentifier.getThird(); - + return EidasResponseUtils.processPseudonym(personalIdObj); } /** @@ -391,6 +319,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { } protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) { + // TODO: set matching mode if eIDAS ref. impl. support this method // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA @@ -412,7 +341,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { log.debug("Request eIdAS node with LoA: " + loa); authnRequestBuilder.levelOfAssurance(loa); - + } } |