Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/main')
3 files changed, 42 insertions, 10 deletions
| diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 9ceb08ee..494d4803 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -139,6 +139,10 @@ public class Constants {    public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE =        CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active"; +  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_IDA_VSZ_IDL = +      CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.use.getidentitylink.for.ida"; + +      // http endpoint descriptions    public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post";    public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/light/sp/redirect"; diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java index 5558fdfd..11ea2843 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java 
@@ -226,15 +226,15 @@ public class SzrClient {     * Request a encryped baseId from SRZ.     *     * @param personInfo Minimum dataset of person +   * @param insertErnp insertErnp flag on SZR request     * @return encrypted baseId     * @throws SzrCommunicationException    In case of a SZR error     */ -  public String getEncryptedStammzahl(final PersonInfoType personInfo) +  public String getEncryptedStammzahl(final PersonInfoType personInfo, boolean insertErnp)         throws SzrCommunicationException { -      final String resp;      try { -      resp = this.szr.getStammzahlEncrypted(personInfo, false); +      resp = this.szr.getStammzahlEncrypted(personInfo, insertErnp);      } catch (SZRException_Exception e) {        throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);      } @@ -243,7 +243,19 @@ public class SzrClient {        throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling      } -    return resp; +    return resp;   +  } +     +  /** +   * Request a encrypted baseId from SRZ without insertErnp. +   * +   * @param personInfo Minimum dataset of person +   * @return encrypted baseId +   * @throws SzrCommunicationException    In case of a SZR error +   */ +  public String getEncryptedStammzahl(final PersonInfoType personInfo) +      throws SzrCommunicationException { +    return getEncryptedStammzahl(personInfo, false);    } diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index 18ddab42..ce737526 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java 
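Review bot: The added Javadoc line `@param insertErnp insertErnp flag on SZR request` only restates the parameter name, so a caller of this public method cannot tell that passing `true` may make the SZR request state-changing. Judging from the log text in CreateIdentityLinkTask ("Requesting IDL to insert person into ERnP"), the flag presumably asks SZR to register the person in the ERnP when no entry exists; that should be confirmed against the SZR interface and then written down, for example `@param insertErnp if true, SZR may create an ERnP entry for this person when none is found; false performs a lookup only`. The new parameter could also be declared `final boolean insertErnp` to match `personInfo`. The method body runs on into the following hunk, where the single-argument overload keeps the old `false` default for existing callers.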
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -150,12 +150,9 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {          if (pendingReq.getServiceProviderConfiguration()              .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) { -          // work-around, because getEncryptedStammzahl does not support insertERnP for eIDAS entities -          SzrResultHolder idlResult = requestSzrForIdentityLink(personInfo); -                               -          // get encrypted baseId -          String vsz = szrClient.getEncryptedStammzahl(buildGetEncryptedBaseIdReq(idlResult.identityLink)); -                     +          // get VSZ +          String vsz = getVszForPerson(personInfo); +                                                                     //write revision-Log entry and extended infos personal-identifier mapping            revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);            writeExtendedRevisionLogEntry(simpleAttrMap, eidData); 
@@ -224,6 +221,25 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {      }    } + +  private String getVszForPerson(PersonInfoType personInfo) throws SzrCommunicationException, EaafException { +    if (basicConfig.getBasicConfigurationBoolean( +        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_IDA_VSZ_IDL, true)) { +      log.debug("IDA workaround is active. Requesting IDL to insert person into ERnP .... "); +       +      // work-around, because getEncryptedStammzahl does not support insertERnP for eIDAS entities +      SzrResultHolder idlResult = requestSzrForIdentityLink(personInfo); +                                    +      // get encrypted baseId +      return szrClient.getEncryptedStammzahl(buildGetEncryptedBaseIdReq(idlResult.identityLink)); +       +                  +    } else { +      return szrClient.getEncryptedStammzahl(personInfo, true);   +       +    } +  } +    private PersonInfoType buildGetEncryptedBaseIdReq(IIdentityLink identityLink) throws EaafBuilderException {      log.debug("Generating getVsz request from identityLink information ... ");      final PersonInfoType personInfo = new PersonInfoType(); | 
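Review bot: The two branches of the new `getVszForPerson` do not send the same data to SZR, and nothing in the method says so. The workaround branch requests the VSZ with a `PersonInfoType` rebuilt from the identity link that SZR returned (`buildGetEncryptedBaseIdReq(idlResult.identityLink)`), while the `else` branch forwards the caller's `personInfo` unchanged with `insertErnp` set to `true`. Because the property defaults to `true`, the direct path only runs once an operator disables the workaround, so it is the less exercised of the two. It deserves a Javadoc on the method naming the property and both behaviours, plus a log line mirroring the existing one, e.g. `log.debug("IDA workaround is disabled. Requesting VSZ directly with insertERnP ... ");`. Whether the raw eIDAS-derived `personInfo` is an acceptable input for an ERnP insert is not visible from this hunk and should be confirmed before the default is ever flipped.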
