aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java35
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java8
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java9
-rw-r--r--modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java51
-rw-r--r--modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml3
-rw-r--r--modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java312
-rw-r--r--modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml2
-rw-r--r--modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json2
8 files changed, 202 insertions, 220 deletions
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java
new file mode 100644
index 00000000..6f855c14
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticWorkaroundPersonRoleHandler.java
@@ -0,0 +1,35 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.handler;
+
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+
+
+/**
+ * eJustic PersonRole attribute-handler for natural-person use-cases only.
+ *
+ * <p>In that special case, the legal-person mandate will be ignored and
+ * eIDAS response looks like a normal authentication without mandates.</p>
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class EJusticWorkaroundPersonRoleHandler extends EJusticePersonRoleHandler {
+
+ @Override
+ public void performAuthDataPostprocessing(@NonNull IEidAuthData authData) {
+ if (authData.isUseMandate()) {
+ log.info("eJusticeNaturalPersonRole was requested by SP. "
+ + "Perform work-around and partially ignoring mandate from IDA system ... ");
+ ((EidAuthenticationData)authData).setUseMandate(false);
+
+ } else {
+ log.info("eJustice attribute was requested but no mandate from ID Austria. "
+ + "Something looks wrong, but use it as it is.");
+
+ }
+ }
+
+}
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
index 6a5e4967..f8c14ceb 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/EJusticePersonRoleHandler.java
@@ -57,7 +57,13 @@ public class EJusticePersonRoleHandler implements IEidasAttributeHandler {
spConfig.getRequestedAttributes().addAll(additionalReqAttributes);
log.info("Add additional requested attributes: {}", additionalReqAttributes);
- }
+ }
+ }
+
+ @Override
+ public void performAuthDataPostprocessing(@NonNull IEidAuthData authData) {
+ log.trace("{} needs no post processing of authData, because we are in regular mode of operation.",
+ EJusticePersonRoleHandler.class.getName());
}
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
index 5a9c8d8c..36deba30 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/handler/IEidasAttributeHandler.java
@@ -23,6 +23,15 @@ public interface IEidasAttributeHandler {
/**
+ * Perform attribute-specific post-processing of authentication information.
+ *
+ * @param authData authentication information from ID Austria system that should be post processed.
+ */
+ @NonNull
+ void performAuthDataPostprocessing(@NonNull IEidAuthData authData);
+
+
+ /**
* Build eIDAS attribute-value from authentication data.
*
* @param eidAuthData Authentication data for current process
diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
index f1cb8f0b..7d01deda 100644
--- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
+++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
@@ -1,8 +1,11 @@
package at.asitplus.eidas.specific.modules.msproxyservice.protocol;
import java.io.IOException;
+import java.util.Objects;
import java.util.Optional;
+import java.util.Set;
import java.util.UUID;
+import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.servlet.ServletException;
@@ -205,9 +208,14 @@ public class ProxyServiceAuthenticationAction implements IAction {
}
+
+
private ImmutableAttributeMap buildAttributesFromAuthData(IAuthData authData,
ILightRequest eidasReq) {
- final IEidAuthData eidAuthData = (IEidAuthData) authData;
+
+ // eIDAS Out-Going and attribute-specific post-processing of authentication data
+ final IEidAuthData eidAuthData = performAuthdataPostprocessing(authData, eidasReq);
+
final ImmutableAttributeMap.Builder attributeMap = ImmutableAttributeMap.builder();
// inject all requested attributres
@@ -369,5 +377,46 @@ public class ProxyServiceAuthenticationAction implements IAction {
PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class));
}
+
+ /**
+ * Post-processing of authentication data based on requested attributes.
+ *
+ * @param authData Authentication data from ID Austria system.
+ * @param eidasRequest AuthnRequest from foreign country
+ * @return AuthnRequest specific modification of authentication data
+ */
+ private IEidAuthData performAuthdataPostprocessing(IAuthData authData, ILightRequest eidasRequest) {
+ IEidAuthData idaAuthData = (IEidAuthData) authData;
+
+ // select advanced attribute handler
+ Set<String> requiredHandlers = eidasRequest.getRequestedAttributes().getAttributeMap().keySet().stream()
+ .map(el -> attrRegistry.mapEidasAttributeToAttributeHandler(el.getNameUri().toString()).orElse(null))
+ .filter(Objects::nonNull)
+ .distinct()
+ .collect(Collectors.toSet());
+
+ if (!requiredHandlers.isEmpty()) {
+ log.info("eIDAS requested attributes requires #{} specific attribute-hander. "
+ + "Starting advanced post-processing of authentication data ... ", requiredHandlers.size());
+ requiredHandlers.forEach(el -> executeAttributeHandler(el, idaAuthData));
+
+ }
+
+ return idaAuthData;
+
+ }
+
+ private void executeAttributeHandler(String handlerClass, IEidAuthData authData) {
+ try {
+ IEidasAttributeHandler handler = context.getBean(handlerClass, IEidasAttributeHandler.class);
+
+ log.trace("Perfom authData post-processing by using: {}", handler.getClass().getName());
+ handler.performAuthDataPostprocessing(authData);
+
+ } catch (Exception e) {
+ log.error("No custom attribute-handler implementation for: {}. Operation can NOT be performed", handlerClass, e);
+
+ }
+ }
}
diff --git a/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml b/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml
index 38bd44da..361802eb 100644
--- a/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml
+++ b/modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml
@@ -38,4 +38,7 @@
<bean id="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler"
class="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler" />
+ <bean id="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler"
+ class="at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler" />
+
</beans> \ No newline at end of file
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
index d9bc017c..407da198 100644
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
@@ -10,7 +10,6 @@ import static org.junit.Assert.assertTrue;
import java.net.URISyntaxException;
import java.net.URLDecoder;
-import java.time.Instant;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
@@ -43,12 +42,11 @@ import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePe
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
-import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
@@ -58,6 +56,7 @@ import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.SneakyThrows;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {
@@ -350,15 +349,15 @@ public class ProxyServiceAuthenticationActionTest {
public void responseWithJurMandate() throws EaafException, SpecificCommunicationException {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
RandomStringUtils.randomAlphabetic(10));
-
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
@@ -402,8 +401,6 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
@@ -411,13 +408,15 @@ public class ProxyServiceAuthenticationActionTest {
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
"MUST_BE_UPDATED");
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
.build());
pendingReq.setEidasRequest(eidasRequestBuilder.build());
@@ -429,7 +428,7 @@ public class ProxyServiceAuthenticationActionTest {
Assert.assertNotNull("Result should be not null", result);
ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 8, respAttr.size());
+ assertEquals("wrong attr. size", 7, respAttr.size());
checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
(String) attr.get(PvpAttributeDefinitions.BPK_NAME));
checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
@@ -442,7 +441,6 @@ public class ProxyServiceAuthenticationActionTest {
(String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP1");
- checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP1");
assertNull("find nat. person subject: personalId",
getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
@@ -460,8 +458,6 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
@@ -470,12 +466,14 @@ public class ProxyServiceAuthenticationActionTest {
attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
"SECOND");
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
.build());
pendingReq.setEidasRequest(eidasRequestBuilder.build());
@@ -487,12 +485,52 @@ public class ProxyServiceAuthenticationActionTest {
Assert.assertNotNull("Result should be not null", result);
ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 8, respAttr.size());
+ assertEquals("wrong attr. size", 7, respAttr.size());
checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP2");
- checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2");
-
+
+ }
+
+ @Test
+ public void borisModeNatPersonResponse() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(PvpAttributeDefinitions.BPK_NAME,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ String familyName = RandomStringUtils.randomAlphanumeric(10);
+
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
+ "SECOND");
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ familyName, RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 5, respAttr.size());
+
+ checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2");
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
+
}
@Test
@@ -500,20 +538,21 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
RandomStringUtils.randomAlphabetic(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
.build());
pendingReq.setEidasRequest(eidasRequestBuilder.build());
@@ -534,8 +573,6 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
@@ -543,12 +580,14 @@ public class ProxyServiceAuthenticationActionTest {
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, "");
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
.build());
pendingReq.setEidasRequest(eidasRequestBuilder.build());
@@ -568,9 +607,7 @@ public class ProxyServiceAuthenticationActionTest {
public void borisModeUnknownMandateType() throws EaafException, SpecificCommunicationException {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
@@ -578,12 +615,14 @@ public class ProxyServiceAuthenticationActionTest {
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
.put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
.build());
pendingReq.setEidasRequest(eidasRequestBuilder.build());
@@ -616,8 +655,7 @@ public class ProxyServiceAuthenticationActionTest {
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
"1985-11-15");
-
-
+
IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
@@ -649,14 +687,15 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
+
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
RandomStringUtils.randomAlphabetic(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
//perform test
SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
@@ -689,13 +728,14 @@ public class ProxyServiceAuthenticationActionTest {
Map<String, Object> attr = new HashMap<>();
attr.put(PvpAttributeDefinitions.BPK_NAME,
"AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
RandomStringUtils.randomAlphabetic(10));
attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
+ RandomStringUtils.randomAlphabetic(10));
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
//perform test
SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
@@ -726,6 +766,7 @@ public class ProxyServiceAuthenticationActionTest {
}
+ @SneakyThrows
private IAuthData generateDummyAuthData() {
return generateDummyAuthData(new HashMap<>(), EaafConstants.EIDAS_LOA_LOW,
RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false);
@@ -792,191 +833,30 @@ public class ProxyServiceAuthenticationActionTest {
);
}
+ @SneakyThrows
private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth,
boolean useMandates) {
attrs.put(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth);
attrs.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName);
attrs.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName);
-
- return new IEidAuthData() {
-
- @Override
- public boolean isSsoSession() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public boolean isForeigner() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public boolean isBaseIdTransferRestrication() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public Instant getSsoSessionValidTo() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getSessionIndex() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getNameIdFormat() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getNameID() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public IIdentityLink getIdentityLink() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getIdentificationValue() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getIdentificationType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getGivenName() {
- return givenName;
- }
-
- @Override
- public <T> T getGenericData(String key, Class<T> clazz) {
- if (attrs.containsKey(key)) {
- return (T) attrs.get(key);
-
- } else {
- return null;
- }
-
- }
-
- @Override
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- @Override
- public String getFamilyName() {
- return familyName;
- }
-
- @Override
- public String getEncryptedSourceIdType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getEncryptedSourceId() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getEidasQaaLevel() {
- return loa;
-
- }
-
-
- @Override
- public String getCiticenCountryCode() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getBpkType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getBpk() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getAuthenticationIssuer() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getAuthenticationIssueInstantString() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Instant getAuthenticationIssueInstant() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public byte[] getSignerCertificate() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public byte[] getEidToken() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public EidIdentityStatusLevelValues getEidStatus() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getVdaEndPointUrl() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public boolean isUseMandate() {
- return useMandates;
+
+ EidAuthenticationData dummyIdaData = new EidAuthenticationData();
+ dummyIdaData.setUseMandate(useMandates);
+ dummyIdaData.setEidasLoa(loa);
+ dummyIdaData.setGivenName(givenName);
+ dummyIdaData.setFamilyName(familyName);
+ dummyIdaData.setDateOfBirth(dateOfBirth);
+ attrs.entrySet().forEach(el -> {
+ try {
+ dummyIdaData.setGenericData(el.getKey(), el.getValue());
+
+ } catch (EaafStorageException e) {
+ e.printStackTrace();
}
-
- @Override
- public String getDateOfBirthFormated(String pattern) {
- // TODO Auto-generated method stub
- return null;
- }
- };
+ });
+
+ return dummyIdaData;
}
}
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
index c7b40d90..a662c1ab 100644
--- a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
@@ -55,7 +55,7 @@
<entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
<entry key="5.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist</entry>
- <entry key="5.FriendlyName">eJusticeLegalPersonRole</entry>
+ <entry key="5.FriendlyName">eJusticeLegalPersonRoleNotExist</entry>
<entry key="5.PersonType">LegalPerson</entry>
<entry key="5.Required">false</entry>
<entry key="5.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json
index 96034d12..a7014e76 100644
--- a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json
@@ -130,7 +130,7 @@
},
{
"eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole",
- "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler",
+ "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticWorkaroundPersonRoleHandler",
"type": {
"mds": false,
"autoIncludeWithMandates": false