Diffstat (limited to 'modules/authmodule-eIDAS-v2')
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java37
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java28
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java21
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java54
4 files changed, 88 insertions, 52 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
index fca5e583..8c294c97 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
@@ -48,8 +48,6 @@ import javax.xml.ws.Dispatch;
import org.apache.commons.lang3.StringUtils;
import org.apache.xpath.XPathAPI;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -72,6 +70,7 @@ import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import lombok.extern.slf4j.Slf4j;
import szrservices.GetBPK;
import szrservices.GetBPKResponse;
import szrservices.GetIdentityLinkEidas;
@@ -88,9 +87,9 @@ import szrservices.SignContentResponseType;
import szrservices.TravelDocumentType;
+@Slf4j
@Service("SZRClientForeIDAS")
public class SzrClient extends AbstractSoapClient {
- private static final Logger log = LoggerFactory.getLogger(SzrClient.class);
private static final String CLIENT_DEFAULT = "DefaultClient";
private static final String CLIENT_RAW = "RawClient";
@@ -125,11 +124,12 @@ public class SzrClient extends AbstractSoapClient {
try {
final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
getIdl.setPersonInfo(generateSzrRequest(matchedPersonData));
-
+
return getIdentityLinkGeneric(getIdl);
} catch (final Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "GetIdentityLinkEidas", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
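Review bot: The new `log.warn` call fills the `Reason: {}` placeholder with `e.getMessage()` and also passes `e` as the trailing throwable, so SLF4J prints the same text twice: once in the summary line and once at the head of the stack trace. The operation name is a constant and can live in the format string, for example `log.warn("SZR communication FAILED for operation: GetIdentityLinkEidas", e);`. The same pattern recurs in the GetBPK and SignContent hunks further down. It is also worth confirming that SZR fault texts never echo person data from the request, since they are now written at WARN level in the one-line summary. The enclosing method starts and ends outside this hunk.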
@@ -157,33 +157,13 @@ public class SzrClient extends AbstractSoapClient {
return result.getGetBPKReturn();
} catch (final SZRException_Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "GetBPK", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
}
-
- /**
- * Creates a new ERnP entry.
- * TODO Is this correct? Ask BMI.
- *
- * @param eidasData Minimum dataset of person
- * @return encrypted baseId
- * @throws SzrCommunicationException In case of a SZR error
- */
- public String createNewErnpEntry(final SimpleEidasData eidasData) throws SzrCommunicationException {
- final String resp;
- try {
- resp = this.szr.getStammzahlEncrypted(generateSzrRequest(eidasData), true);
- } catch (SZRException_Exception e) {
- throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
- }
- if (StringUtils.isEmpty(resp)) {
- throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
- }
- return resp;
- }
/**
* Request a encrypted baseId from SZR.
@@ -256,7 +236,8 @@ public class SzrClient extends AbstractSoapClient {
return resp.getOut().get(0).getValue();
} catch (final JsonProcessingException | SZRException_Exception e) {
- log.warn("Requesting bcBind by using SZR FAILED.", e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "SignContent", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02",
new Object[]{e.getMessage()}, e);
}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
index 6b541135..2853d8ab 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
@@ -34,8 +34,6 @@ import javax.annotation.Nullable;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
@@ -50,9 +48,11 @@ import eu.eidas.auth.commons.attribute.AttributeValueMarshaller;
import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
import eu.eidas.auth.commons.attribute.AttributeValueTransliterator;
import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class EidasResponseUtils {
- private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class);
public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*";
/**
@@ -100,17 +100,15 @@ public class EidasResponseUtils {
* @return Set of attribute values. If more then one value than the first value
* contains the 'Latin' value.
*/
- // TODO: check possible problem with nonLatinCharacters
+ // TODO: check possible problem with nonLatinCharacters
+ @NonNull
public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition,
@Nullable ImmutableSet<? extends AttributeValue<?>> attributeValues) {
final List<String> stringListAttribute = new ArrayList<>();
- if (attributeValues == null) {
- log.info("Can not extract infos from 'null' attribute value");
-
- } else {
- final AttributeValueMarshaller<?> attributeValueMarshaller =
- attributeDefinition.getAttributeValueMarshaller();
- for (final AttributeValue<?> attributeValue : attributeValues) {
+ if (attributeValues != null && !attributeValues.isEmpty()) {
+ final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition
+ .getAttributeValueMarshaller();
+ for (final AttributeValue<?> attributeValue : attributeValues.asList()) {
String valueString = null;
try {
valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue);
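Review bot: The added `@NonNull` is Lombok's annotation, which on a method is a marker only and generates no runtime check, while the parameter in the same signature uses `javax.annotation.Nullable`. Using `javax.annotation.Nonnull` would keep the nullness annotations from one family. The `@return` Javadoc above still reads "Set of attribute values" and does not state the contract that callers now rely on. I would add `@return List of attribute values, never null; empty if attributeValues is null or empty`. Any other caller that indexes the result with `get(0)` (not visible here) needs the same emptiness guard that this commit adds in MatchingTaskUtils. The method body continues outside this hunk.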
@@ -149,9 +147,13 @@ public class EidasResponseUtils {
}
}
- log.trace("Extract values: {} for attr: {}",
+ log.trace("Extract values: {} for attr: {}",
StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName());
-
+
+ } else {
+ log.info("Can not extract infos from '{}' attributeValue for attribute: {}",
+ attributeValues != null ? "empty" : "null", attributeDefinition.getNameUri());
+
}
return stringListAttribute;
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
index 3c9db9ea..c8a1f190 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
@@ -155,7 +155,7 @@ public class MatchingTaskUtils {
result.put(el.getFriendlyName(), attribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), attribute);
} else {
- log.info("Ignore empty 'DateTime' attribute");
+ log.info("Ignore empty 'DateTime' attribute: {}", el.getNameUri());
}
} else if (PostalAddress.class.equals(parameterizedType)) {
final PostalAddress addressAttribute = EidasResponseUtils
@@ -164,21 +164,24 @@ public class MatchingTaskUtils {
result.put(el.getFriendlyName(), addressAttribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), addressAttribute);
} else {
- log.info("Ignore empty 'PostalAddress' attribute");
+ log.info("Ignore empty 'PostalAddress' attribute: {}", el.getNameUri());
}
} else {
final List<String> natPersonIdObj = EidasResponseUtils.translateStringListAttribute(el, attributeMap.get(el));
- final String stringAttr = natPersonIdObj.get(0);
- if (StringUtils.isNotEmpty(stringAttr)) {
- result.put(el.getFriendlyName(), stringAttr);
- log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), stringAttr);
+ if (natPersonIdObj.isEmpty() || StringUtils.isEmpty(natPersonIdObj.get(0))) {
+ log.info("Ignore empty 'String' attribute: {}", el.getNameUri());
+
} else {
- log.info("Ignore empty 'String' attribute");
+ result.put(el.getFriendlyName(), natPersonIdObj.get(0));
+ log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), natPersonIdObj.get(0));
+
}
- }
- }
+ }
+ }
+
log.debug("Receive #{} attributes with names: {}", result.size(), result.keySet());
return result;
+
}
private MatchingTaskUtils() {
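Review bot: The rewritten branch still writes the raw attribute value to the log in `log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), natPersonIdObj.get(0));`. For eIDAS attributes this is presumably identity data such as the person identifier or name. Either log only the friendly name, or confirm that trace level is never enabled where real responses are processed. As a smaller style point, `natPersonIdObj.get(0)` is now evaluated three times. A local such as `final String stringAttr = natPersonIdObj.isEmpty() ? null : natPersonIdObj.get(0);` followed by a single `StringUtils.isEmpty(stringAttr)` check reads more clearly and keeps the guard and the use together.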
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index bb4abfa2..023c196c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -522,6 +522,45 @@ public class CreateIdentityLinkTaskEidNewTest {
}
}
+ @Test
+ public void checkEmptyStringAttribute() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+
+
+ response = buildDummyAuthResponse(true, true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+ }
+
+
private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
// read Connector wide config data TODO connector wide!
String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
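Review bot: `checkEmptyStringAttribute` asserts only that the request was stored and that `eidasBind` is non-null, so it would also pass if the empty attribute were forwarded instead of ignored. The fixture it selects with `buildDummyAuthResponse(true, true)` puts `Collections.emptySet()` into the map, which is an empty value set rather than an empty string, so the `StringUtils.isEmpty(natPersonIdObj.get(0))` half of the new guard in MatchingTaskUtils is not exercised. I would add an assertion that the attribute is absent from the data handed on, for example by capturing the argument passed to `szrMock`, plus a second case whose value set contains a single empty string. The test name could then say which of the two cases it covers.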
@@ -557,9 +596,14 @@ public class CreateIdentityLinkTaskEidNewTest {
}
-
@Nonnull
private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+ return buildDummyAuthResponse(withAll, false);
+
+ }
+
+ @Nonnull
+ private AuthenticationResponse buildDummyAuthResponse(boolean withAll, boolean withEmpty) throws URISyntaxException {
final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
@@ -579,7 +623,13 @@ public class CreateIdentityLinkTaskEidNewTest {
attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
attributeMap.put(attributeDef4, "2001-01-01");
if (withAll) {
- attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+ if (withEmpty) {
+ attributeMap.put(attributeDef5, Collections.emptySet());
+
+ } else {
+ attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+
+ }
attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
}