From bb04051b8854d452a94df8488157e5234e1afea7 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 1 Dec 2022 10:43:37 +0100 Subject: feat(ernp): change handling of entities with status "PersonAmtlichBeenden" again - filter all entries that are marked as "PersonAmtlichBeenden" - set flag 'allowNewErnpEntryByUser' to false in case of matching steps that requires single hit --- .../auth/eidas/v2/clients/ernp/ErnpRestClient.java | 54 +++++++++++++++------- .../eidas/v2/test/clients/ErnpRestClientTest.java | 14 ++++-- 2 files changed, 46 insertions(+), 22 deletions(-) diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java index 8b34bbef..0334df0a 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java @@ -427,11 +427,10 @@ public class ErnpRestClient implements IErnpClient { // check final result if (activePersons.isEmpty()) { - log.error("ERnP entry, which was selected by matching, looks already closed. " - + "Automated operations on closed entries not supported my matching"); - throw new WorkflowException(processStepFiendlyname, - "ERnP entry, which was selected by matching, is not active any more.", true); - + log.info("ERnP entry, which was selected by matching, looks already closed. " + + "Disallow new ERnP entries by user selection"); + return new ErnpRegisterResult(Collections.emptyList(), false); + } else if (activePersons.size() > 1) { log.error("Find more-than-one ERnP entry with search criteria that has to be unique"); throw new WorkflowException(processStepFiendlyname, @@ -932,21 +931,53 @@ public class ErnpRestClient implements IErnpClient { return config; } + private GenericRequestParams buildGenericRequestParameters() { + return GenericRequestParams.builder() + .clientBehkz(basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_ZMRCLIENT_REQ_ORGANIZATION_NR)) + .clientName(MessageFormat.format(Constants.CLIENT_INFO, versionHolder.getVersion())) + .clientRequestTime(OffsetDateTime.now()) + .clientRequestId(TransactionIdUtils.getTransactionId()) + .build(); + + } + @Getter public static class ErnpRegisterResult { + /** + * Flag that indicates if ERnP entries by user decision is allowed. + */ + private final boolean allowErnpEntryByUser; + private final List fullErnpResults; /** * Build reduced ERnP register result. + * + *

New ERnP entries are allowed by default

* * @param list {@link List} of ERnP entities */ public ErnpRegisterResult(List list) { - fullErnpResults = list; + this(list, true); } + /** + * Build reduced ERnP register result. + * + * @param list {@link List} of ERnP entities + * @param allowNewErnpEntries true to allow new ERnP entries by user decision, + * otherwise false + */ + public ErnpRegisterResult(List list, boolean allowNewErnpEntries) { + fullErnpResults = list; + allowErnpEntryByUser = allowNewErnpEntries; + + } + + /** * Get all active ERnP results. * @@ -993,17 +1024,6 @@ public class ErnpRestClient implements IErnpClient { } - private GenericRequestParams buildGenericRequestParameters() { - return GenericRequestParams.builder() - .clientBehkz(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_ZMRCLIENT_REQ_ORGANIZATION_NR)) - .clientName(MessageFormat.format(Constants.CLIENT_INFO, versionHolder.getVersion())) - .clientRequestTime(OffsetDateTime.now()) - .clientRequestId(TransactionIdUtils.getTransactionId()) - .build(); - - } - @Builder @Getter private static class GenericRequestParams { diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java index dcf0bc00..8057eafe 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java @@ -404,10 +404,14 @@ public class ErnpRestClientTest { .setHeader("Content-Type", "application/json;charset=utf-8")); // execute operation - EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class, - () -> client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc)); - assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId()); - mockWebServer.takeRequest(); + ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc); + + // validate state + mockWebServer.takeRequest(); + assertNotNull("no ERnP response", resp); + assertEquals("wrong resp size", 0, resp.getPersonResult().size()); + assertEquals("wrong resp size", 0, resp.getZmrPersonResult().size()); + assertFalse("newErnpEntryAllowed", resp.isAllowErnpEntryByUser()); } @@ -532,6 +536,7 @@ public class ErnpRestClientTest { assertNotNull("no ERnP response", resp); assertEquals("wrong resp size", 1, resp.getPersonResult().size()); assertEquals("wrong resp size", 0, resp.getZmrPersonResult().size()); + assertTrue("newErnpEntryAllowed", resp.isAllowErnpEntryByUser()); RegisterResult persInfo = resp.getPersonResult().get(0); assertEquals("wrong familyname", "CtKKrtUe", persInfo.getFamilyName()); assertEquals("wrong givenName", "dUeYzUFg", persInfo.getGivenName()); @@ -795,7 +800,6 @@ public class ErnpRestClientTest { .setHeader("Content-Type", "application/json;charset=utf-8")); // execute operation - // execute operation ErnpRegisterResult resp = client.add(eidasDataFirst); // validate request -- cgit v1.2.3