aboutsummaryrefslogtreecommitdiff
path: root/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
diff options
context:
space:
mode:
Diffstat (limited to 'modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java')
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java21
1 files changed, 21 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
index f8c14ceb..46dd714d 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
@@ -11,12 +11,14 @@ import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
import at.gv.egiz.eaaf.core.api.idp.IExtendedConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import eu.eidas.auth.commons.light.ILightRequest;
import lombok.NonNull;
import lombok.extern.slf4j.Slf4j;
@@ -31,6 +33,11 @@ import lombok.extern.slf4j.Slf4j;
@Slf4j
public class EJusticePersonRoleHandler implements IEidasAttributeHandler {
+ public static final String EIDAS_ATTR_EJUSTIC_NAT =
+ "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole";
+ public static final String EIDAS_ATTR_EJUSTIC_JUR =
+ "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole";
+
public static final String CONFIG_PROP_IDA_MANDATE_PROFILE = "advanced.attributes.ejusticerole.mandate.profiles";
public static final String CONFIG_PROP_IDA_MANDATE_MODE = "advanced.attributes.ejusticerole.mandate.mode";
public static final String CONFIG_PROP_IDA_ADDITIONAL_ATTRIBUTES =
@@ -140,5 +147,19 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler {
return value;
}
+
+ @Override
+ public final void validateAuthnRequest(ILightRequest eidasRequest) throws EidasProxyServiceException {
+ boolean isNatReq =
+ eidasRequest.getRequestedAttributes().getAttributeValuesByNameUri(EIDAS_ATTR_EJUSTIC_NAT) != null;
+ boolean isJurReq =
+ eidasRequest.getRequestedAttributes().getAttributeValuesByNameUri(EIDAS_ATTR_EJUSTIC_JUR) != null;
+
+ if (isNatReq && isJurReq) {
+ log.warn("eJustice attributes for legal and natural person can NOT be requested at the same time.");
+ throw new EidasProxyServiceException("eidas.proxyservice.ejustice.01", null);
+
+ }
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-17 09:39:42 +0000