diff options
Diffstat (limited to 'modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java')
-rw-r--r-- | modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java index f8c14ceb..46dd714d 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java @@ -11,12 +11,14 @@ import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; import at.gv.egiz.eaaf.core.api.idp.IExtendedConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import eu.eidas.auth.commons.light.ILightRequest; import lombok.NonNull; import lombok.extern.slf4j.Slf4j; @@ -31,6 +33,11 @@ import lombok.extern.slf4j.Slf4j; @Slf4j public class EJusticePersonRoleHandler implements IEidasAttributeHandler { + public static final String EIDAS_ATTR_EJUSTIC_NAT = + "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole"; + public static final String EIDAS_ATTR_EJUSTIC_JUR = + "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole"; + public static final String CONFIG_PROP_IDA_MANDATE_PROFILE = "advanced.attributes.ejusticerole.mandate.profiles"; public static final String CONFIG_PROP_IDA_MANDATE_MODE = "advanced.attributes.ejusticerole.mandate.mode"; public static final String CONFIG_PROP_IDA_ADDITIONAL_ATTRIBUTES = @@ -140,5 +147,19 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler { return value; } + + @Override + public final void validateAuthnRequest(ILightRequest eidasRequest) throws EidasProxyServiceException { + boolean isNatReq = + eidasRequest.getRequestedAttributes().getAttributeValuesByNameUri(EIDAS_ATTR_EJUSTIC_NAT) != null; + boolean isJurReq = + eidasRequest.getRequestedAttributes().getAttributeValuesByNameUri(EIDAS_ATTR_EJUSTIC_JUR) != null; + + if (isNatReq && isJurReq) { + log.warn("eJustice attributes for legal and natural person can NOT be requested at the same time."); + throw new EidasProxyServiceException("eidas.proxyservice.ejustice.01", null); + + } + } } |