Diffstat (limited to 'modules')
8 files changed, 202 insertions, 220 deletions
| diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java
new file mode 100644
index 00000000..6f855c14
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java
@@ -0,0 +1,35 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.handler;
+
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+
+
+/**
+ * eJustic PersonRole attribute-handler for natural-person use-cases only.
+ * 
+ * <p>In that special case, the legal-person mandate will be ignored and 
+ * eIDAS response looks like a normal authentication without mandates.</p>
+ * 
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class EJusticWorkaroundPersonRoleHandler extends EJusticePersonRoleHandler {
+  
+  @Override
+  public void performAuthDataPostprocessing(@NonNull IEidAuthData authData) {        
+    if (authData.isUseMandate()) {
+      log.info("eJusticeNaturalPersonRole was requested by SP. "
+          + "Perform work-around and partially ignoring mandate from IDA system ... ");                        
+      ((EidAuthenticationData)authData).setUseMandate(false);      
+            
+    } else {
+      log.info("eJustice attribute was requested but no mandate from ID Austria. "
+          + "Something looks wrong, but use it as it is.");
+      
+    }        
+  }
+
+}
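Review bot: The unchecked cast `((EidAuthenticationData)authData).setUseMandate(false);` in `performAuthDataPostprocessing` assumes every `IEidAuthData` is an `EidAuthenticationData`. Any other implementation raises a `ClassCastException`, which the caller added later in this commit catches and logs as a missing handler, so the mandate would silently stay in effect. Guard the branch with `if (!(authData instanceof EidAuthenticationData))` and treat that case as an explicit error rather than casting blindly. Because this branch changes which subject the eIDAS response asserts, the `log.info` there would be better as `log.warn`, and the class Javadoc should state that the passed object is modified in place.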
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java index 6a5e4967..f8c14ceb 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java @@ -57,7 +57,13 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler {        spConfig.getRequestedAttributes().addAll(additionalReqAttributes);        log.info("Add additional requested attributes: {}", additionalReqAttributes); -    } +    }     +  } +   +  @Override +  public void performAuthDataPostprocessing(@NonNull IEidAuthData authData) { +    log.trace("{} needs no post processing of authData, because we are in regular mode of operation.", +        EJusticePersonRoleHandler.class.getName());    } diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java index 5a9c8d8c..36deba30 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java 
@@ -23,6 +23,15 @@ public interface IEidasAttributeHandler {    /** +   * Perform attribute-specific post-processing of authentication information. +   *  +   * @param authData authentication information from ID Austria system that should be post processed. +   */ +  @NonNull +  void performAuthDataPostprocessing(@NonNull IEidAuthData authData); +   +   +  /**     * Build eIDAS attribute-value from authentication data.     *      * @param eidAuthData Authentication data for current process diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java index f1cb8f0b..7d01deda 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java @@ -1,8 +1,11 @@  package at.asitplus.eidas.specific.modules.msproxyservice.protocol;  import java.io.IOException; +import java.util.Objects;  import java.util.Optional; +import java.util.Set;  import java.util.UUID; +import java.util.stream.Collectors;  import javax.annotation.PostConstruct;  import javax.servlet.ServletException; 
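Review bot: `@NonNull` on the `void` method `performAuthDataPostprocessing` has nothing to apply to and should be dropped; only the parameter annotation carries meaning. The Javadoc also leaves out the contract that the implementations in this commit rely on, namely that a handler may change the given object. I would add a sentence such as `Implementations may modify the given authentication data in place; callers must not assume it is unchanged afterwards.` It should also say whether a handler is allowed to throw, since the caller currently swallows every exception.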
@@ -205,9 +208,14 @@ public class ProxyServiceAuthenticationAction implements IAction {    } + +      private ImmutableAttributeMap buildAttributesFromAuthData(IAuthData authData,        ILightRequest eidasReq) { -    final IEidAuthData eidAuthData = (IEidAuthData) authData; +     +    // eIDAS Out-Going and attribute-specific post-processing of authentication data +    final IEidAuthData eidAuthData = performAuthdataPostprocessing(authData, eidasReq); +                  final ImmutableAttributeMap.Builder attributeMap = ImmutableAttributeMap.builder();      // inject all requested attributres 
@@ -369,5 +377,46 @@ public class ProxyServiceAuthenticationAction implements IAction {          PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class));    } +   +  /** +   * Post-processing of authentication data based on requested attributes. +   *  +   * @param authData Authentication data from ID Austria system. +   * @param eidasRequest AuthnRequest from foreign country  +   * @return AuthnRequest specific modification of authentication data +   */ +  private IEidAuthData performAuthdataPostprocessing(IAuthData authData, ILightRequest eidasRequest) { +    IEidAuthData idaAuthData = (IEidAuthData) authData; +     +    // select advanced attribute handler +    Set<String> requiredHandlers = eidasRequest.getRequestedAttributes().getAttributeMap().keySet().stream() +        .map(el -> attrRegistry.mapEidasAttributeToAttributeHandler(el.getNameUri().toString()).orElse(null)) +        .filter(Objects::nonNull) +        .distinct() +        .collect(Collectors.toSet()); + +    if (!requiredHandlers.isEmpty()) {     +      log.info("eIDAS requested attributes requires #{} specific attribute-hander. " +          + "Starting advanced post-processing of authentication data ... ", requiredHandlers.size());      +      requiredHandlers.forEach(el -> executeAttributeHandler(el, idaAuthData));       +       +    } +     +    return idaAuthData; +              +  } + +  private void executeAttributeHandler(String handlerClass, IEidAuthData authData) { +    try { +      IEidasAttributeHandler handler = context.getBean(handlerClass, IEidasAttributeHandler.class); +     +      log.trace("Perfom authData post-processing by using: {}", handler.getClass().getName()); +      handler.performAuthDataPostprocessing(authData); +       +    } catch (Exception e) { +      log.error("No custom attribute-handler implementation for: {}. Operation can NOT be performed", handlerClass, e); +       +    }      +  }  } 
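Review bot: `executeAttributeHandler` wraps both the bean lookup and the handler call in one `catch (Exception e)`, so a failure inside `performAuthDataPostprocessing` (for example the cast in `EJusticWorkaroundPersonRoleHandler`) is logged as "No custom attribute-handler implementation" and the response is still built from the unmodified authentication data. For a step that decides whether a mandate is asserted, that is fail-open. Narrowing the catch to the lookup lets handler errors abort the request; this assumes `context` is a Spring `ApplicationContext`, which the hunk does not show, and it needs an import of `org.springframework.beans.BeansException`. In `performAuthdataPostprocessing`, `.distinct()` before `Collectors.toSet()` is redundant. The `@return` text should say that the same instance is returned after in-place modification, because the handlers are selected from the attributes the foreign request asks for and the caller's object changes with them.

```java
  private void executeAttributeHandler(String handlerClass, IEidAuthData authData) {
    final IEidasAttributeHandler handler;
    try {
      handler = context.getBean(handlerClass, IEidasAttributeHandler.class);

    } catch (BeansException e) {
      log.error("No custom attribute-handler implementation for: {}. Operation can NOT be performed",
          handlerClass, e);
      return;

    }

    // A failure inside the handler is not a lookup problem: let it propagate so that
    // no response is built from partially post-processed authentication data.
    log.trace("Perfom authData post-processing by using: {}", handler.getClass().getName());
    handler.performAuthDataPostprocessing(authData);
  }
```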
diff --git a/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml b/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml index 38bd44da..361802eb 100644 --- a/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml +++ b/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml @@ -38,4 +38,7 @@    <bean id="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler"          class="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler" /> +  <bean id="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler" +        class="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler" /> +    </beans>
\ No newline at end of file diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java index d9bc017c..407da198 100644 --- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java @@ -10,7 +10,6 @@ import static org.junit.Assert.assertTrue;  import java.net.URISyntaxException;  import java.net.URLDecoder; -import java.time.Instant;  import java.util.Arrays;  import java.util.HashMap;  import java.util.Map; @@ -43,12 +42,11 @@ import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePe  import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;  import at.gv.egiz.eaaf.core.api.data.EaafConstants;  import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;  import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;  import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;  import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;  import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;  import eu.eidas.auth.commons.attribute.AttributeDefinition;  import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; 
@@ -58,6 +56,7 @@ import eu.eidas.auth.commons.light.impl.LightRequest.Builder;  import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;  import eu.eidas.specificcommunication.exception.SpecificCommunicationException;  import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; +import lombok.SneakyThrows;  @RunWith(SpringJUnit4ClassRunner.class)  @ContextConfiguration(locations = { @@ -350,15 +349,15 @@ public class ProxyServiceAuthenticationActionTest {    public void responseWithJurMandate() throws EaafException, SpecificCommunicationException {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,  -        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); -     +        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,          RandomStringUtils.randomAlphabetic(10)); -     +    +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +              LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) 
@@ -402,8 +401,6 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10)); @@ -411,13 +408,15 @@ public class ProxyServiceAuthenticationActionTest {          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,          "MUST_BE_UPDATED"); +    +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) -        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())          .build());      pendingReq.setEidasRequest(eidasRequestBuilder.build()); 
@@ -429,7 +428,7 @@ public class ProxyServiceAuthenticationActionTest {      Assert.assertNotNull("Result should be not null", result);      ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); -    assertEquals("wrong attr. size", 8, respAttr.size());   +    assertEquals("wrong attr. size", 7, respAttr.size());        checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,           (String) attr.get(PvpAttributeDefinitions.BPK_NAME));      checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); @@ -442,7 +441,6 @@ public class ProxyServiceAuthenticationActionTest {          (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));      checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP1"); -    checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP1");      assertNull("find nat. person subject: personalId",           getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)); @@ -460,8 +458,6 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10)); 
@@ -470,12 +466,14 @@ public class ProxyServiceAuthenticationActionTest {      attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,          "SECOND"); +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +              LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) -        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())          .build());      pendingReq.setEidasRequest(eidasRequestBuilder.build()); 
@@ -487,12 +485,52 @@ public class ProxyServiceAuthenticationActionTest {      Assert.assertNotNull("Result should be not null", result);      ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); -    assertEquals("wrong attr. size", 8, respAttr.size());   +    assertEquals("wrong attr. size", 7, respAttr.size());        checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP2"); -    checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2"); - +    +  } +   +  @Test  +  public void borisModeNatPersonResponse() throws EaafException, SpecificCommunicationException { +    Map<String, Object> attr = new HashMap<>(); +    attr.put(PvpAttributeDefinitions.BPK_NAME,  +        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     +    String familyName = RandomStringUtils.randomAlphanumeric(10); +     +    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, +        RandomStringUtils.randomAlphabetic(10)); +    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, +        RandomStringUtils.randomAlphabetic(10)); +    attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, +        "SECOND"); +     +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        familyName, RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +     +    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); +    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() +        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) +        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) +        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) +        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) +        
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) +        .build()); +    pendingReq.setEidasRequest(eidasRequestBuilder.build()); +     +     +    //perform test +    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); +     +    //validate state +    Assert.assertNotNull("Result should be not null", result); +    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); +    assertEquals("wrong attr. size", 5, respAttr.size());   +     +    checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2");     +    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName); +       }    @Test  
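Review bot: `borisModeNatPersonResponse` covers only a request made of natural-person attributes, while the other hunks of this test file remove `eJusticeNaturalPersonRole` from every request that also asks for legal-person attributes, so the mixed request is no longer tested. With the test mapping now pointing that attribute at `EJusticWorkaroundPersonRoleHandler`, such a request would presumably drop the mandate for the whole response. A test that requests `eJusticeLegalPersonRole` and `eJusticeNaturalPersonRole` together should pin the intended outcome. The new test could also assert the side effect directly, for example `assertFalse(((EidAuthenticationData) authData).isUseMandate());` after `processRequest`.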
@@ -500,20 +538,21 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,          RandomStringUtils.randomAlphabetic(10)); +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +    +          LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) -        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())          .build());      pendingReq.setEidasRequest(eidasRequestBuilder.build()); 
@@ -534,8 +573,6 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10)); @@ -543,12 +580,14 @@ public class ProxyServiceAuthenticationActionTest {          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, ""); +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);    +          LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) -        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())          .build());      pendingReq.setEidasRequest(eidasRequestBuilder.build()); 
@@ -568,9 +607,7 @@ public class ProxyServiceAuthenticationActionTest {    public void borisModeUnknownMandateType() throws EaafException, SpecificCommunicationException {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,  -        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10)); @@ -578,12 +615,14 @@ public class ProxyServiceAuthenticationActionTest {          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, RandomStringUtils.randomAlphanumeric(10)); +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +              LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();      eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())          .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) -        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())          .build());      pendingReq.setEidasRequest(eidasRequestBuilder.build()); 
@@ -616,8 +655,7 @@ public class ProxyServiceAuthenticationActionTest {          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,          "1985-11-15"); -     -     +              IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,          RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); @@ -649,14 +687,15 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); -     +      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,          RandomStringUtils.randomAlphabetic(10)); +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); +              //perform test      SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); 
@@ -689,13 +728,14 @@ public class ProxyServiceAuthenticationActionTest {      Map<String, Object> attr = new HashMap<>();      attr.put(PvpAttributeDefinitions.BPK_NAME,           "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));     -    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, -        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,          RandomStringUtils.randomAlphabetic(10));      attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, -        RandomStringUtils.randomAlphabetic(10)); +        RandomStringUtils.randomAlphabetic(10));     +     +    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, +        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);      //perform test      SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); @@ -726,6 +766,7 @@ public class ProxyServiceAuthenticationActionTest {    } +  @SneakyThrows    private IAuthData generateDummyAuthData() {      return generateDummyAuthData(new HashMap<>(), EaafConstants.EIDAS_LOA_LOW,           RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false); 
@@ -792,191 +833,30 @@ public class ProxyServiceAuthenticationActionTest {           );    } +  @SneakyThrows    private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth,         boolean useMandates) {      attrs.put(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth);      attrs.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName);      attrs.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); -     -    return new IEidAuthData() { -       -      @Override -      public boolean isSsoSession() { -        // TODO Auto-generated method stub -        return false; -      } -       -      @Override -      public boolean isForeigner() { -        // TODO Auto-generated method stub -        return false; -      } -       -      @Override -      public boolean isBaseIdTransferRestrication() { -        // TODO Auto-generated method stub -        return false; -      } -       -      @Override -      public Instant getSsoSessionValidTo() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getSessionIndex() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getNameIdFormat() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getNameID() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public IIdentityLink getIdentityLink() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getIdentificationValue() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getIdentificationType() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -   
   public String getGivenName() { -        return givenName; -      } -       -      @Override -      public <T> T getGenericData(String key, Class<T> clazz) { -        if (attrs.containsKey(key)) { -          return (T) attrs.get(key); -           -        } else { -          return null;   -        } -         -      } -       -      @Override -      public String getDateOfBirth() { -        return dateOfBirth; -      } -       -      @Override -      public String getFamilyName() { -        return familyName; -      } -       -      @Override -      public String getEncryptedSourceIdType() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getEncryptedSourceId() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getEidasQaaLevel() { -        return loa; -         -      } -       -       -      @Override -      public String getCiticenCountryCode() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getBpkType() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getBpk() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getAuthenticationIssuer() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public String getAuthenticationIssueInstantString() { -        // TODO Auto-generated method stub -        return null; -      } -       -      @Override -      public Instant getAuthenticationIssueInstant() { -        // TODO Auto-generated method stub -        return null; -      } - -      @Override -      public byte[] getSignerCertificate() { -        // TODO Auto-generated method stub -        return null; -      } - -      @Override -      public byte[] 
getEidToken() { -        // TODO Auto-generated method stub -        return null; -      } - -      @Override -      public EidIdentityStatusLevelValues getEidStatus() { -        // TODO Auto-generated method stub -        return null; -      } - -      @Override -      public String getVdaEndPointUrl() { -        // TODO Auto-generated method stub -        return null; -      } - -      @Override -      public boolean isUseMandate() { -        return useMandates; +             +    EidAuthenticationData dummyIdaData = new EidAuthenticationData();       +    dummyIdaData.setUseMandate(useMandates);  +    dummyIdaData.setEidasLoa(loa); +    dummyIdaData.setGivenName(givenName);     +    dummyIdaData.setFamilyName(familyName); +    dummyIdaData.setDateOfBirth(dateOfBirth);    +    attrs.entrySet().forEach(el -> { +      try { +        dummyIdaData.setGenericData(el.getKey(), el.getValue()); +    +      } catch (EaafStorageException e) { +        e.printStackTrace();        } - -      @Override -      public String getDateOfBirthFormated(String pattern) { -        // TODO Auto-generated method stub -        return null; -      } -    }; +    }); +     +    return dummyIdaData;    }  } diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml index c7b40d90..a662c1ab 100644 --- a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml +++ b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml 
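Review bot: In `generateDummyAuthData`, the `forEach` lambda catches `EaafStorageException` and only calls `e.printStackTrace()`, so a fixture attribute that fails to store is dropped and the test continues on incomplete authentication data. The `@SneakyThrows` added to the method does not, as far as I know, extend into the lambda body, which is why the try/catch was needed there. A plain loop lets the annotation do its job and makes a broken fixture fail the test: `for (Map.Entry<String, Object> el : attrs.entrySet()) { dummyIdaData.setGenericData(el.getKey(), el.getValue()); }`. The `EaafStorageException` import added in this commit would then be unused.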
@@ -55,7 +55,7 @@      <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>      <entry key="5.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist</entry> -    <entry key="5.FriendlyName">eJusticeLegalPersonRole</entry> +    <entry key="5.FriendlyName">eJusticeLegalPersonRoleNotExist</entry>      <entry key="5.PersonType">LegalPerson</entry>      <entry key="5.Required">false</entry>      <entry key="5.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json index 96034d12..a7014e76 100644 --- a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json +++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json @@ -130,7 +130,7 @@    },    {      "eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole", -    "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", +    "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler",      "type": {        "mds": false,        "autoIncludeWithMandates": false | 
