From bab20b30d6a2ed9c5a6e739260027d23b933dc00 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 22 Jan 2021 12:16:21 +0100 Subject: add basic modules for integration of MS-specific eIDAS Proxy-Service --- basicConfig/logback_config.xml | 70 ++++++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 34 deletions(-) (limited to 'basicConfig') diff --git a/basicConfig/logback_config.xml b/basicConfig/logback_config.xml index 0a53b1ec..ddb9f864 100644 --- a/basicConfig/logback_config.xml +++ b/basicConfig/logback_config.xml @@ -8,20 +8,20 @@ - + - ${catalina.base}/logs/eIDAS_node.log + ${catalina.base}/logs/ms_specific_node.log.log - %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + %5p | %d{ISO8601} | %X{transactionId} | %t | %logger{16} | %m%n - - 9999 - ${catalina.base}/logs/eIDAS_node.log.%i + + ${catalina.base}/logs/ms_specific_node.log.%d{yyyy-MM-dd} 10000KB + ${catalina.base}/logs/eidas-ms-reversion.log @@ -36,20 +36,7 @@ 10000KB - - - ${catalina.base}/logs/eidas-ms-reversion.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i - - - 10000KB - - + ${catalina.base}/logs/eidas-ms-statistic.log @@ -64,39 +51,54 @@ 10000KB + ${catalina.base}/logs/console.log %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - 9999 - ${catalina.base}/logs/console.log.%i + + ${catalina.base}/logs/eidas-ms-statistic.log.%d{yyyy-MM-dd} - - 10000KB - + %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %20c | %10t | %m%n - - + + + - - -

- +

- - + + + + + + + + + + + + + + + + + + + + +

-- cgit v1.2.3 From b419fcc99808d550490b7a4bf1e03baf4cacc6fc Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 4 May 2021 11:57:00 +0200 Subject: fix some small bugs --- basicConfig/templates/error_message.html | 11 +++++------ connector/pom.xml | 5 ++++- .../resources/process/id_austria.Authentication.process.xml | 4 ++-- .../test/IdAustriaEidasProxyAuthenticationModulImplTest.java | 5 +++++ .../test/resources/spring/SpringTest-context_basic_test.xml | 4 ++++ 5 files changed, 20 insertions(+), 9 deletions(-) (limited to 'basicConfig') diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html index b1367962..f0bbf830 100644 --- a/basicConfig/templates/error_message.html +++ b/basicConfig/templates/error_message.html @@ -13,9 +13,9 @@

Authentication error arise

Error Header

@@ -24,9 +24,8 @@

Code :

Msg :

- -

+ + diff --git a/connector/pom.xml b/connector/pom.xml index 244a08fb..8ec63765 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -44,6 +44,10 @@ + + at.gv.egiz.eaaf + eaaf_module_pvp2_sp + at.asitplus.eidas.ms_specific connector_lib @@ -159,7 +163,6 @@ at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 - tests test test-jar diff --git a/eidas_modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml b/eidas_modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml index ebd5c54d..e8a83e68 100644 --- a/eidas_modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml +++ b/eidas_modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml @@ -1,6 +1,6 @@ + xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> @@ -10,7 +10,7 @@ - + diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java index 733d2e19..5a4c8b7e 100644 --- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java +++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java @@ -20,6 +20,7 @@ import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePe import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.idp.process.ProcessEngine; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; @@ -35,6 +36,8 @@ public class IdAustriaEidasProxyAuthenticationModulImplTest { @Autowired ModuleRegistration moduleReg; @Autowired ResourceLoader loader; + @Autowired ProcessEngine processEngine; + private final ExecutionContext executionContext = new ExecutionContextImpl(); private DummySpConfiguration oaParam; @@ -79,6 +82,8 @@ public class IdAustriaEidasProxyAuthenticationModulImplTest { Assert.assertNotNull("Process is null", result); Assert.assertEquals("Process Id not match", "idAustriaForEidasProxyService", result); + Assert.assertNotNull("Can not initalize process", processEngine.createProcessInstance(result)); + } @Test diff --git a/eidas_modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml b/eidas_modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml index 16959dc5..99778839 100644 --- a/eidas_modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml +++ b/eidas_modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml @@ -25,4 +25,8 @@ + + \ No newline at end of file -- cgit v1.2.3 From 9d1d6626032aa59eb169e310ed239b94c0bc5447 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 16:02:01 +0200 Subject: chore(config): split default configuration into MS-Connector and MS-Proxy-Servie --- basicConfig/default_config.properties | 115 --------- basicConfig/log4j.properties | 54 ---- basicConfig/logback_config.xml | 104 -------- basicConfig/ms-connector/default_config.properties | 115 +++++++++ basicConfig/ms-connector/logback_config.xml | 104 ++++++++ .../ms-connector/properties/messages.properties | 214 ++++++++++++++++ .../ms-connector/properties/messages_de.properties | 161 ++++++++++++ .../ms-connector/templates/countrySelection.html | 133 ++++++++++ .../templates/countrySelection_example.html | 54 ++++ .../ms-connector/templates/eidas_node_forward.html | 36 +++ .../ms-connector/templates/error_message.html | 60 +++++ .../ms-connector/templates/language_selection.html | 15 ++ .../ms-connector/templates/other_login_method.html | 153 +++++++++++ .../ms-connector/templates/pvp2_post_binding.html | 36 +++ basicConfig/ms-connector/templates/residency.html | 285 +++++++++++++++++++++ basicConfig/ms-connector/webcontent/autocommit.js | 5 + basicConfig/ms-connector/webcontent/css/common.css | 156 +++++++++++ .../ms-connector/webcontent/css/css_country.css | 185 +++++++++++++ .../ms-connector/webcontent/css/css_error.css | 26 ++ .../ms-connector/webcontent/img/ajax-loader.gif | Bin 0 -> 673 bytes .../ms-connector/webcontent/js/jquery-3.6.0.min.js | 2 + .../ms-connector/webcontent/js/js_country.js | 42 +++ .../ms-proxyservice/default_config.properties | 115 +++++++++ basicConfig/ms-proxyservice/logback_config.xml | 104 ++++++++ .../ms-proxyservice/properties/messages.properties | 214 ++++++++++++++++ .../properties/messages_de.properties | 161 ++++++++++++ .../templates/eidas_node_forward.html | 36 +++ .../ms-proxyservice/templates/error_message.html | 60 +++++ .../templates/pvp2_post_binding.html | 36 +++ .../ms-proxyservice/webcontent/autocommit.js | 5 + .../ms-proxyservice/webcontent/css/common.css | 156 +++++++++++ .../ms-proxyservice/webcontent/css/css_error.css | 26 ++ .../ms-proxyservice/webcontent/img/ajax-loader.gif | Bin 0 -> 673 bytes basicConfig/properties/messages.properties | 214 ---------------- basicConfig/properties/messages_de.properties | 161 ------------ basicConfig/templates/countrySelection.html | 133 ---------- .../templates/countrySelection_example.html | 54 ---- basicConfig/templates/eidas_node_forward.html | 36 --- basicConfig/templates/error_message.html | 60 ----- basicConfig/templates/language_selection.html | 15 -- basicConfig/templates/other_login_method.html | 153 ----------- basicConfig/templates/pvp2_post_binding.html | 36 --- basicConfig/templates/residency.html | 285 --------------------- basicConfig/webcontent/autocommit.js | 5 - basicConfig/webcontent/css/common.css | 156 ----------- basicConfig/webcontent/css/css_country.css | 185 ------------- basicConfig/webcontent/css/css_error.css | 26 -- basicConfig/webcontent/img/ajax-loader.gif | Bin 673 -> 0 bytes basicConfig/webcontent/js/jquery-3.6.0.min.js | 2 - basicConfig/webcontent/js/js_country.js | 42 --- connector/pom.xml | 8 - connector/src/assembly/assembly_dir.xml | 16 +- connector/src/assembly/assembly_zip.xml | 16 +- .../utils/CountrySelectionProcessImplTest.java | 2 +- infos/Handbuch_MS-eIDAS-Node.docx | Bin 50668 -> 0 bytes infos/history.txt | 75 ------ infos/ms-connector/Handbuch_MS-eIDAS-Node.docx | Bin 0 -> 50668 bytes .../handbook/Handbuch_MS-eIDAS-Node.pdf | Bin 0 -> 585307 bytes infos/ms-connector/history.txt | 75 ++++++ infos/ms-connector/readme_1.0.3-snapshot.txt | 22 ++ infos/ms-connector/readme_1.1.0.txt | 81 ++++++ infos/ms-connector/readme_1.2.0.md | 59 +++++ infos/ms-connector/readme_1.2.1.md | 57 +++++ infos/ms-connector/readme_1.2.2.md | 60 +++++ infos/ms-connector/readme_1.2.3.md | 59 +++++ infos/ms-connector/readme_1.2.4.md | 65 +++++ infos/ms-connector/readme_1.3.0.md | 118 +++++++++ infos/ms-proxyservice/Handbuch_MS-eIDAS-Node.docx | Bin 0 -> 50668 bytes .../handbook/Handbuch_MS-eIDAS-Node.pdf | Bin 0 -> 585307 bytes infos/ms-proxyservice/history.txt | 10 + infos/ms-proxyservice/readme_1.0.1.md | 49 ++++ infos/readme_1.0.3-snapshot.txt | 22 -- infos/readme_1.1.0.txt | 81 ------ infos/readme_1.2.0.md | 59 ----- infos/readme_1.2.1.md | 57 ----- infos/readme_1.2.2.md | 60 ----- infos/readme_1.2.3.md | 59 ----- infos/readme_1.2.4.md | 65 ----- infos/readme_1.3.0.md | 118 --------- .../resources/config/junit_config_1.properties | 6 +- .../src/assembly/assembly_dir.xml | 66 +++++ .../src/assembly/assembly_zip.xml | 65 +++++ 82 files changed, 3513 insertions(+), 2448 deletions(-) delete mode 100644 basicConfig/default_config.properties delete mode 100644 basicConfig/log4j.properties delete mode 100644 basicConfig/logback_config.xml create mode 100644 basicConfig/ms-connector/default_config.properties create mode 100644 basicConfig/ms-connector/logback_config.xml create mode 100644 basicConfig/ms-connector/properties/messages.properties create mode 100644 basicConfig/ms-connector/properties/messages_de.properties create mode 100644 basicConfig/ms-connector/templates/countrySelection.html create mode 100644 basicConfig/ms-connector/templates/countrySelection_example.html create mode 100644 basicConfig/ms-connector/templates/eidas_node_forward.html create mode 100644 basicConfig/ms-connector/templates/error_message.html create mode 100644 basicConfig/ms-connector/templates/language_selection.html create mode 100644 basicConfig/ms-connector/templates/other_login_method.html create mode 100644 basicConfig/ms-connector/templates/pvp2_post_binding.html create mode 100644 basicConfig/ms-connector/templates/residency.html create mode 100644 basicConfig/ms-connector/webcontent/autocommit.js create mode 100644 basicConfig/ms-connector/webcontent/css/common.css create mode 100644 basicConfig/ms-connector/webcontent/css/css_country.css create mode 100644 basicConfig/ms-connector/webcontent/css/css_error.css create mode 100644 basicConfig/ms-connector/webcontent/img/ajax-loader.gif create mode 100644 basicConfig/ms-connector/webcontent/js/jquery-3.6.0.min.js create mode 100644 basicConfig/ms-connector/webcontent/js/js_country.js create mode 100644 basicConfig/ms-proxyservice/default_config.properties create mode 100644 basicConfig/ms-proxyservice/logback_config.xml create mode 100644 basicConfig/ms-proxyservice/properties/messages.properties create mode 100644 basicConfig/ms-proxyservice/properties/messages_de.properties create mode 100644 basicConfig/ms-proxyservice/templates/eidas_node_forward.html create mode 100644 basicConfig/ms-proxyservice/templates/error_message.html create mode 100644 basicConfig/ms-proxyservice/templates/pvp2_post_binding.html create mode 100644 basicConfig/ms-proxyservice/webcontent/autocommit.js create mode 100644 basicConfig/ms-proxyservice/webcontent/css/common.css create mode 100644 basicConfig/ms-proxyservice/webcontent/css/css_error.css create mode 100644 basicConfig/ms-proxyservice/webcontent/img/ajax-loader.gif delete mode 100644 basicConfig/properties/messages.properties delete mode 100644 basicConfig/properties/messages_de.properties delete mode 100644 basicConfig/templates/countrySelection.html delete mode 100644 basicConfig/templates/countrySelection_example.html delete mode 100644 basicConfig/templates/eidas_node_forward.html delete mode 100644 basicConfig/templates/error_message.html delete mode 100644 basicConfig/templates/language_selection.html delete mode 100644 basicConfig/templates/other_login_method.html delete mode 100644 basicConfig/templates/pvp2_post_binding.html delete mode 100644 basicConfig/templates/residency.html delete mode 100644 basicConfig/webcontent/autocommit.js delete mode 100644 basicConfig/webcontent/css/common.css delete mode 100644 basicConfig/webcontent/css/css_country.css delete mode 100644 basicConfig/webcontent/css/css_error.css delete mode 100644 basicConfig/webcontent/img/ajax-loader.gif delete mode 100644 basicConfig/webcontent/js/jquery-3.6.0.min.js delete mode 100644 basicConfig/webcontent/js/js_country.js delete mode 100644 infos/Handbuch_MS-eIDAS-Node.docx delete mode 100644 infos/history.txt create mode 100644 infos/ms-connector/Handbuch_MS-eIDAS-Node.docx create mode 100644 infos/ms-connector/handbook/Handbuch_MS-eIDAS-Node.pdf create mode 100644 infos/ms-connector/history.txt create mode 100644 infos/ms-connector/readme_1.0.3-snapshot.txt create mode 100644 infos/ms-connector/readme_1.1.0.txt create mode 100644 infos/ms-connector/readme_1.2.0.md create mode 100644 infos/ms-connector/readme_1.2.1.md create mode 100644 infos/ms-connector/readme_1.2.2.md create mode 100644 infos/ms-connector/readme_1.2.3.md create mode 100644 infos/ms-connector/readme_1.2.4.md create mode 100644 infos/ms-connector/readme_1.3.0.md create mode 100644 infos/ms-proxyservice/Handbuch_MS-eIDAS-Node.docx create mode 100644 infos/ms-proxyservice/handbook/Handbuch_MS-eIDAS-Node.pdf create mode 100644 infos/ms-proxyservice/history.txt create mode 100644 infos/ms-proxyservice/readme_1.0.1.md delete mode 100644 infos/readme_1.0.3-snapshot.txt delete mode 100644 infos/readme_1.1.0.txt delete mode 100644 infos/readme_1.2.0.md delete mode 100644 infos/readme_1.2.1.md delete mode 100644 infos/readme_1.2.2.md delete mode 100644 infos/readme_1.2.3.md delete mode 100644 infos/readme_1.2.4.md delete mode 100644 infos/readme_1.3.0.md create mode 100644 ms_specific_proxyservice/src/assembly/assembly_dir.xml create mode 100644 ms_specific_proxyservice/src/assembly/assembly_zip.xml (limited to 'basicConfig') diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties deleted file mode 100644 index b14c0221..00000000 --- a/basicConfig/default_config.properties +++ /dev/null @@ -1,115 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.core.configRootDir=file:./ - - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - - -############################################# -#### eIDAS Ref. Implementation connector #### -eidas.ms.auth.eIDAS.eid.testidentity.default=false - -## eIDAS Request configuration -eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria - -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= - - -############################################# -#### eIDAS identity-matching ###### -# ZMR communication -eidas.ms.auth.eIDAS.zmrclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.zmrsrv-a/soap/ZMRService -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= -eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr= - -# ERnP communication -eidas.ms.auth.eIDAS.ernpclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.erpsrv-a/srv/rest/ -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.password= -eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr= - -# SAML2 ID Austria client for matching -eidas.ms.modules.idaustriaclient.keystore.type=jks -eidas.ms.modules.idaustriaclient.keystore.path=keys/... -eidas.ms.modules.idaustriaclient.keystore.password= -eidas.ms.modules.idaustriaclient.metadata.sign.alias= -eidas.ms.modules.idaustriaclient.metadata.sign.password= -eidas.ms.modules.idaustriaclient.request.sign.alias= -eidas.ms.modules.idaustriaclient.request.sign.password= -eidas.ms.modules.idaustriaclient.response.encryption.alias= -eidas.ms.modules.idaustriaclient.response.encryption.password= - -eidas.ms.modules.idaustriaclient.truststore.type=jks -eidas.ms.modules.idaustriaclient.truststore.path=keys/id_austria_truststore.jks -eidas.ms.modules.idaustriaclient.truststore.password=trustIda - -eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=https://eid2.oesterreich.gv.at/auth/idp/shibboleth - - - -############################################# -#### SZR communication ###### -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-p/SZR -eidas.ms.auth.eIDAS.szrclient.endpoint.test=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-a/SZR -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.szrclient.ssl.key.password= - - -############################################# -#### IDA-AuthBlock configuration ###### -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -################################################# -#### PVP2 S-Profile end-point configuration #### -eidas.ms.pvp2.keystore.type=jks -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -eidas.ms.pvp2.metadata.organisation.name=JUnit -eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit -eidas.ms.pvp2.metadata.organisation.url=http://junit.test -eidas.ms.pvp2.metadata.contact.givenname=Max -eidas.ms.pvp2.metadata.contact.surname=Mustermann -eidas.ms.pvp2.metadata.contact.email=max@junit.test - - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= -eidas.ms.sp.0.newEidMode=false - diff --git a/basicConfig/log4j.properties b/basicConfig/log4j.properties deleted file mode 100644 index 4426ea7e..00000000 --- a/basicConfig/log4j.properties +++ /dev/null @@ -1,54 +0,0 @@ -# commons-logging setup -org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory - -# define log4j root loggers -log4j.rootLogger=warn,stdout, console - -log4j.logger.at.gv.egiz.eidas.specific=info, msnode -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=info, reversion -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=info, statistic -log4j.logger.eu.eidas=info, EIDASNODE - -log4j.additivity.at.gv.egiz.eidas.specific=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=false -log4j.additivity.eu.eidas=false - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n - -log4j.appender.stdout=org.apache.log4j.RollingFileAppender -log4j.appender.stdout.File=${catalina.base}/logs/console.log -log4j.appender.stdout.MaxFileSize=10000KB -log4j.appender.stdout.MaxBackupIndex=9999 -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.msnode=org.apache.log4j.RollingFileAppender -log4j.appender.msnode.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.msnode.MaxFileSize=10000KB -log4j.appender.msnode.MaxBackupIndex=9999 -log4j.appender.msnode.layout=org.apache.log4j.PatternLayout -log4j.appender.msnode.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.reversion=org.apache.log4j.RollingFileAppender -log4j.appender.reversion.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.reversion.MaxFileSize=10000KB -log4j.appender.reversion.MaxBackupIndex=9999 -log4j.appender.reversion.layout=org.apache.log4j.PatternLayout -log4j.appender.reversion.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.statistic=org.apache.log4j.RollingFileAppender -log4j.appender.statistic.File=${catalina.base}/logs/eidas-ms-statistic.log -log4j.appender.statistic.MaxFileSize=10000KB -log4j.appender.statistic.MaxBackupIndex=9999 -log4j.appender.statistic.layout=org.apache.log4j.PatternLayout -log4j.appender.statistic.layout.ConversionPattern=%m%n - -log4j.appender.EIDASNODE=org.apache.log4j.RollingFileAppender -log4j.appender.EIDASNODE.File=${catalina.base}/logs/eIDAS_node.log -log4j.appender.EIDASNODE.MaxFileSize=10000KB -log4j.appender.EIDASNODE.MaxBackupIndex=9999 -log4j.appender.EIDASNODE.layout=org.apache.log4j.PatternLayout -log4j.appender.EIDASNODE.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n \ No newline at end of file diff --git a/basicConfig/logback_config.xml b/basicConfig/logback_config.xml deleted file mode 100644 index ddb9f864..00000000 --- a/basicConfig/logback_config.xml +++ /dev/null @@ -1,104 +0,0 @@ - - - - - - - - - - - - - ${catalina.base}/logs/ms_specific_node.log.log - - %5p | %d{ISO8601} | %X{transactionId} | %t | %logger{16} | %m%n - - - ${catalina.base}/logs/ms_specific_node.log.%d{yyyy-MM-dd} - - - 10000KB - - - - - - ${catalina.base}/logs/eidas-ms-reversion.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i - - - 10000KB - - - - - - ${catalina.base}/logs/eidas-ms-statistic.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - 9999 - ${catalina.base}/logs/eidas-ms-statistic.log.%i - - - 10000KB - - - - - - ${catalina.base}/logs/console.log - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - - - ${catalina.base}/logs/eidas-ms-statistic.log.%d{yyyy-MM-dd} - - - - - - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %20c | %10t | %m%n - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/basicConfig/ms-connector/default_config.properties b/basicConfig/ms-connector/default_config.properties new file mode 100644 index 00000000..b14c0221 --- /dev/null +++ b/basicConfig/ms-connector/default_config.properties @@ -0,0 +1,115 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.core.configRootDir=file:./ + + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +############################################# +#### eIDAS Ref. Implementation connector #### +eidas.ms.auth.eIDAS.eid.testidentity.default=false + +## eIDAS Request configuration +eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria + +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= + + +############################################# +#### eIDAS identity-matching ###### +# ZMR communication +eidas.ms.auth.eIDAS.zmrclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.zmrsrv-a/soap/ZMRService +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/.... +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= +eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= +eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr= + +# ERnP communication +eidas.ms.auth.eIDAS.ernpclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.erpsrv-a/srv/rest/ +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=keys/.... +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias= +eidas.ms.auth.eIDAS.ernpclient.ssl.key.password= +eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr= + +# SAML2 ID Austria client for matching +eidas.ms.modules.idaustriaclient.keystore.type=jks +eidas.ms.modules.idaustriaclient.keystore.path=keys/... +eidas.ms.modules.idaustriaclient.keystore.password= +eidas.ms.modules.idaustriaclient.metadata.sign.alias= +eidas.ms.modules.idaustriaclient.metadata.sign.password= +eidas.ms.modules.idaustriaclient.request.sign.alias= +eidas.ms.modules.idaustriaclient.request.sign.password= +eidas.ms.modules.idaustriaclient.response.encryption.alias= +eidas.ms.modules.idaustriaclient.response.encryption.password= + +eidas.ms.modules.idaustriaclient.truststore.type=jks +eidas.ms.modules.idaustriaclient.truststore.path=keys/id_austria_truststore.jks +eidas.ms.modules.idaustriaclient.truststore.password=trustIda + +eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=https://eid2.oesterreich.gv.at/auth/idp/shibboleth + + + +############################################# +#### SZR communication ###### +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-p/SZR +eidas.ms.auth.eIDAS.szrclient.endpoint.test=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-a/SZR +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= +eidas.ms.auth.eIDAS.szrclient.ssl.key.password= + + +############################################# +#### IDA-AuthBlock configuration ###### +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +################################################# +#### PVP2 S-Profile end-point configuration #### +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= +eidas.ms.sp.0.newEidMode=false + diff --git a/basicConfig/ms-connector/logback_config.xml b/basicConfig/ms-connector/logback_config.xml new file mode 100644 index 00000000..ddb9f864 --- /dev/null +++ b/basicConfig/ms-connector/logback_config.xml @@ -0,0 +1,104 @@ + + + + + + + + + + + + + ${catalina.base}/logs/ms_specific_node.log.log + + %5p | %d{ISO8601} | %X{transactionId} | %t | %logger{16} | %m%n + + + ${catalina.base}/logs/ms_specific_node.log.%d{yyyy-MM-dd} + + + 10000KB + + + + + + ${catalina.base}/logs/eidas-ms-reversion.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n + + + 9999 + ${catalina.base}/logs/eidas-ms-reversion.log.%i + + + 10000KB + + + + + + ${catalina.base}/logs/eidas-ms-statistic.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n + + + 9999 + ${catalina.base}/logs/eidas-ms-statistic.log.%i + + + 10000KB + + + + + + ${catalina.base}/logs/console.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n + + + ${catalina.base}/logs/eidas-ms-statistic.log.%d{yyyy-MM-dd} + + + + + + %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %20c | %10t | %m%n + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/basicConfig/ms-connector/properties/messages.properties b/basicConfig/ms-connector/properties/messages.properties new file mode 100644 index 00000000..8d2b692c --- /dev/null +++ b/basicConfig/ms-connector/properties/messages.properties @@ -0,0 +1,214 @@ +####### GUI elements #### +gui.general.language.selection.title=Language selection +gui.general.language.selection.de=Deutsch +gui.general.language.selection.en=English + +##Errorpage template +gui.errorpage.msg.title=Authentication error +gui.errorpage.msg.information=The authentication stops on account of a process error: +gui.errorpage.msg.errorcode=Error Code: +gui.errorpage.msg.errormsg=Error Message: +gui.errorpage.msg.stacktrace=Stacktrace: + +##Country-Selection page +gui.countryselection.title=eIDAS-Login country selection +gui.countryselection.logo.bmi.alt=Logo BMI +gui.countryselection.link.bmi=Mainpage BMI +gui.countryselection.header1=Federal Ministry of Internal Affairs +gui.countryselection.header2=Austrian Central eIDAS Node +gui.countryselection.header3=Operated by Federal Ministry of Internal Affairs +gui.countryselection.header.selection=Select your country +gui.countryselection.cancel=Cancel +gui.countryselection.cancle=Cancel +gui.countryselection.notsupportedinfo=If you cannot find your country in this list then your electronic identity (eID) is not yet supported. + +gui.countryselection.infos.general.header=Information on Logins with European eIDs +gui.countryselection.infos.general.link.1=eIDAS regulation of the European Union +gui.countryselection.infos.general.link.2=Austrian Supplementary Register for Natural Persons (ERnP) +gui.countryselection.infos.general.part.1=This is the central eIDAS node of the Republic of Austria, operated by the +gui.countryselection.infos.general.part.2=It enables logins at Austrian online services using an electronic identity (eID) of another EU member state. You have been redirected to this page, as you have initiated a login to an online service using the option "EU Login". +gui.countryselection.infos.general.part.3=The central eIDAS node of the Republic of Austria allows you to login to Austrian online services using the eID of your home country. This way, compliance with the +gui.countryselection.infos.general.part.4=, which regulates the mutual cross-border acceptance of national eIDs, is achieved. The mutual cross-border acceptance of national eIDs is implemented successively within the EU. Currently, the central eIDAS node of the Republic of Austria supports logins using the eID systems of the Member States mentioned above. More Member States will be added according to availability of their respective eID solutions. +gui.countryselection.infos.general.part.5=After selecting your home country on this page, you are forwarded to the familiar login environment of the selected member state. There, you can login with your eID as usual. After successful completion of the login process, you are automatically forwarded and logged in to the online service, from which you have been redirected to this page. During your first login, your eID data is also registered in the +gui.countryselection.infos.general.part.6=This ensures that you will also be successfully and uniquely identified in subsequent logins at Austrian online services. + +gui.matching.otherloginmethod.header=Assignment of your login information +gui.matching.otherloginmethod.info.text=Your login information could not be clearly integrated into the Austrian eID system. Further information is required for an unique integration. +gui.matching.otherloginmethod.ida=You have an ID Austria +gui.matching.otherloginmethod.eidas=You can provide additional information via eIDAS +gui.matching.otherloginmethod.residence=Have you ever lived in Austria? +gui.matching.otherloginmethod.addmeasnew=Add me as new entity in Austrian eID system + +gui.matching.otherloginmethod.error.title=Matching of further information failed: +gui.matching.otherloginmethod.error.msg=No identity match with additional information. Use another option or provide more information. + + +gui.countryselection.country.be=Belgium +gui.countryselection.country.be.logo.alt=Belgium-eID +gui.countryselection.country.hr=Croatia +gui.countryselection.country.hr.logo.alt=Croatia-eID +gui.countryselection.country.cy=Cyprus +gui.countryselection.country.cy.logo.alt=Cyprus-eID +gui.countryselection.country.cz=Czech Republic +gui.countryselection.country.cz.logo.alt=Czech Republic-eID +gui.countryselection.country.ee=Estonia +gui.countryselection.country.ee.logo.alt=Estonia-eID +gui.countryselection.country.de=Germany +gui.countryselection.country.de.logo.alt=German-eID +gui.countryselection.country.is=Iceland +gui.countryselection.country.is.logo.alt=Iceland-eID +gui.countryselection.country.it=Italy +gui.countryselection.country.it.logo.alt=Italy-eID +gui.countryselection.country.lt=Lithuania +gui.countryselection.country.lt.logo.alt=Lithuania-eID +gui.countryselection.country.lv=Latvia +gui.countryselection.country.lv.logo.alt=Latvia-eID +gui.countryselection.country.nl=Netherlands +gui.countryselection.country.nl.logo.alt=Netherlands-eID +gui.countryselection.country.pl=Poland +gui.countryselection.country.pl.logo.alt=Poland-eID +gui.countryselection.country.pt=Portugal +gui.countryselection.country.pt.logo.alt=Portugal-eID +gui.countryselection.country.si=Slovenia +gui.countryselection.country.si.logo.alt=Slovenia-eID +gui.countryselection.country.es=Spain +gui.countryselection.country.es.logo.alt=Spain-eID + +gui.countryselection.country.bg=Bulgaria +gui.countryselection.country.bg.logo.alt=Bulgaria-eID +gui.countryselection.country.dk=Denmark +gui.countryselection.country.dk.logo.alt=Denmark-eID +gui.countryselection.country.fi=Finland +gui.countryselection.country.fi.logo.alt=Finland-eID +gui.countryselection.country.fr=France +gui.countryselection.country.fr.logo.alt=France-eID +gui.countryselection.country.el=Greece +gui.countryselection.country.el.logo.alt=Greece-eID +gui.countryselection.country.hu=Hungary +gui.countryselection.country.hu.logo.alt=Hungary-eID +gui.countryselection.country.ie=Ireland +gui.countryselection.country.ie.logo.alt=Ireland-eID +gui.countryselection.country.ir=Ireland +gui.countryselection.country.ir.logo.alt=Ireland-eID +gui.countryselection.country.lu=Luxembourg +gui.countryselection.country.lu.logo.alt=Luxembourg-eID +gui.countryselection.country.mt=Malta +gui.countryselection.country.mt.logo.alt=Malta-eID +gui.countryselection.country.no=Norway +gui.countryselection.country.no.logo.alt=Norway-eID +gui.countryselection.country.ro=Romania +gui.countryselection.country.ro.logo.alt=Romania-eID +gui.countryselection.country.sk=Slovakia +gui.countryselection.country.sk.logo.alt=Slovakia-eID +gui.countryselection.country.se=Sweden +gui.countryselection.country.se.logo.alt=Sweden-eID +gui.countryselection.country.sw=Sweden +gui.countryselection.country.sw.logo.alt=Sweden-eID +gui.countryselection.country.uk=United Kingdom +gui.countryselection.country.uk.logo.alt=United Kingdom-eID + +gui.countryselection.country.testcountry=TestCountry +gui.countryselection.country.testcountry.logo.alt=Testcountry-eID + +gui.countryselection.mode.prod=Production +gui.countryselection.mode.qs=QS +gui.countryselection.mode.test=Test +gui.countryselection.mode.dev=Development + +# images +gui.countryselection.country.be.img = /img/countries/Belgium-EU_.png +gui.countryselection.country.bg.img = /img/countries/Bulgaria-EU_.png +gui.countryselection.country.hr.img = /img/countries/Croatia-EU_.png +gui.countryselection.country.cy.img = /img/countries/Cyprus-EU_.png +gui.countryselection.country.cz.img = /img/countries/CzechRepublic-EU_.png +gui.countryselection.country.dk.img = /img/countries/Denmark-EU_.png +gui.countryselection.country.ee.img = /img/countries/Estonia-EU_.png +gui.countryselection.country.fi.img = /img/countries/Finland-EU_.png +gui.countryselection.country.fr.img = /img/countries/France-EU_.png +gui.countryselection.country.de.img = /img/countries/germany-eu_.png +gui.countryselection.country.el.img = /img/countries/Greece-EU_.png +gui.countryselection.country.hu.img = /img/countries/Hungary-EU_.png +gui.countryselection.country.is.img = /img/countries/Iceland.png +gui.countryselection.country.ie.img = /img/countries/Ireland-EU_.png +gui.countryselection.country.it.img = /img/countries/Italy-EU_.png +gui.countryselection.country.lv.img = /img/countries/Latvia-EU_.png +gui.countryselection.country.lt.img = /img/countries/Lithuania-EU_.png +gui.countryselection.country.lu.img = /img/countries/Luxembourg-EU_.png +gui.countryselection.country.mt.img = /img/countries/Malta-EU_.png +gui.countryselection.country.po.img = /img/countries/Poland-EU_.png +gui.countryselection.country.pt.img = /img/countries/Portugal-EU_.png +gui.countryselection.country.ro.img = /img/countries/Romania-EU_.png +gui.countryselection.country.sk.img = /img/countries/Slovakia-EU_.png +gui.countryselection.country.si.img = /img/countries/Slovenia-EU_.png +gui.countryselection.country.es.img = /img/countries/Spain-EU_.png +gui.countryselection.country.se.img = /img/countries/Sweden-EU_.png +gui.countryselection.country.nl.img = /img/countries/TheNetherlands-EU_.png +gui.countryselection.country.uk.img = /img/countries/UnitedKingdom-EU_.png + + +##### Matching operations +##Other Login Methods page +gui.otherlogin.title=eIDAS-Login Other Login Methods +gui.otherlogin.header.selection=Personal data not found + +gui.otherlogin.info.first=Your personal data from the conducted EU login could not be clearly assigned to any register entry in the registers of the Austrian administration. This may be due to a missing register entry of your personal data, or an incorrect match of your login data and your register entry stored in the registers. +gui.otherlogin.info.second=The following describes options to achieve a correct assignment: +gui.otherlogin.info.list.1=If you have an Austrian Mobile-Phone Signature (or ID Austria) or an alternative possibility of an EU login, please log in again using one of these options. For this purpose, please use the corresponding button for “ID Austria” or “Alternative EU-Login”. +gui.otherlogin.info.list.2=If you do not have either of the two additional registration options mentioned above, please continue with the button “No alternative login”. + +gui.otherlogin.button.hs=ID Austria +gui.otherlogin.button.eidas=Alternative EU-Login +gui.otherlogin.button.none=No alternative login +gui.otherlogin.button.inserternp=Create new register entry +gui.otherlogin.cancel=Cancel + +gui.otherlogin.inserternp.header.selection=Re-registration +gui.otherlogin.inserternp.first=Your personal data could not be clearly assigned to any entry in the registers of the Austrian administration. +gui.otherlogin.inserternp.second=Allow the re-registration of your personal data in the registers of the Austrian administration to complete the registration process successfully. +gui.otherlogin.inserternp.third.prefix=Attention: If you think you already have an entry in the registers of the Austrian administration, it is recommended not to allow your data to be entered again at this point in order to avoid double entries. In this case, please contact +gui.otherlogin.inserternp.third.postfix=, to arrange a manual assignment of your personal data. + + +module.eidasauth.matching.00=Matching failed, because find more than one ZMR entries with one eIDAS personal-identifier +module.eidasauth.matching.01=Matching failed, because of an ZMR communication error. Reason: {0} +module.eidasauth.matching.02=Matching failed, because ZMR response contains historic information which is not supported. +module.eidasauth.matching.03=Matching failed in workflow step: {0} with error: {1} +module.eidasauth.matching.04=An error occurred while loading your data from official registers. Please contact the suppot. +module.eidasauth.matching.11=Matching failed, because of an ERnP communication error. Reason: {0} +module.eidasauth.matching.12=Matching failed, because ERnP response contains historic information which is not supported. +module.eidasauth.matching.21=Matching be using residence information failed by missing input information. Add all required information. +module.eidasauth.matching.22=Can not find an unique match by using residence information. Provide more or other data, use another method for matching. +module.eidasauth.matching.23=Matching be using ID Austria was canceled. Use another method for matching. +module.eidasauth.matching.24=Matching be using ID Austria not possible. Use another method for matching. +module.eidasauth.matching.25=Matching be using alternative eIDAS authentication not possible. Provide more or other data, or use another method for matching. +module.eidasauth.matching.26=Matching be using alternative eIDAS authentication not possible, because Name or Country not matched. Provide more or other data or use another method for matching. +module.eidasauth.matching.29=Matching be using other information failed. Provide more or other data, or use another method for matching. +module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0} + + +##Austrian Residency page +gui.residency.title=Austrian Residency +gui.residency.header.selection=Search for Austrian residence +gui.residency.header.help=You can search for the address that you have been registered at in the past. Please enter a \ + postcode, municipality or village first to start the search. + +gui.residency.info.first=If you have a current or former registered residence in Austria, an assignment to your existing register entry can be made by entering the residence data. Please use the form below to enter your residence details. +gui.residency.info.second=First, please enter a postal code, municipality or locality and subsequently start the search for your home address using the "Search" button. Afterwards, you will be interactively supported in completing the address of residence, where you just have to follow the instructions on the form. You can restart the search process at any time by clicking the button "Delete". If all residence data has been filled in completely via the search function, please continue with the button "Continue". +gui.residency.info.third=If you do not have a current or former place of residence in Austria, please continue with the button "No residence available". + +gui.residency.header.inputinvalid=Be sure to enter a value for Municipality or Village +gui.residency.cancel=Cancel +gui.residency.back=No residence available +gui.residency.search=Search +gui.residency.clear=Clear +gui.residency.proceed=Continue +gui.residency.updated=Updated your input +gui.residency.found=Found {0} results, click on one result to refine your search +gui.residency.unique=Unique result found, please proceed +gui.residency.error=Error on Backend Call +gui.residency.input.postleitzahl=Postcode +gui.residency.input.municipality=Municipality +gui.residency.input.village=Village +gui.residency.input.street=Street +gui.residency.input.number=Number + diff --git a/basicConfig/ms-connector/properties/messages_de.properties b/basicConfig/ms-connector/properties/messages_de.properties new file mode 100644 index 00000000..76624ebe --- /dev/null +++ b/basicConfig/ms-connector/properties/messages_de.properties @@ -0,0 +1,161 @@ +####### GUI elements #### +gui.general.language.selection.title=Sprachauswahl +gui.general.language.selection.de=Deutsch +gui.general.language.selection.en=English + +##Errorpage template +gui.errorpage.msg.title=Es ist ein Fehler aufgetreten +gui.errorpage.msg.information=Der Anmeldevorgang wurde aufgrund eines Fehlers beendet: +gui.errorpage.msg.errorcode=Fehlercode: +gui.errorpage.msg.errormsg=Fehlermeldung: +gui.errorpage.msg.stacktrace=Stacktrace: + +##Country-Selection page +gui.countryselection.title=eIDAS-Login Länderauswahl +gui.countryselection.logo.bmi.alt=Logo BMI +gui.countryselection.link.bmi=Startseite BMI +gui.countryselection.header1=Bundesministerium für Inneres +gui.countryselection.header2=Zentraler eIDAS Knoten der Republik Österreich +gui.countryselection.header3=Betrieben durch das Bundesministerium für Inneres +gui.countryselection.header.selection=Wählen Sie Ihr Land +gui.countryselection.cancel=Abbrechen +gui.countryselection.cancle=Abbrechen +gui.countryselection.notsupportedinfo=Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken, dann wird Ihre elektronische Identität (eID) leider noch nicht unterstützt. + +gui.countryselection.infos.general.header=Information zur Anmeldung über Europäische eIDs +gui.countryselection.infos.general.link.1=eIDAS-Verordnung der Europäischen Union +gui.countryselection.infos.general.link.2=Ergänzungsregister für natürliche Personen (ERnP) +gui.countryselection.infos.general.part.1=Sie befinden sich am zentralen eIDAS-Knoten der Republik Österreich. Dieser wird vom Österreichischen +gui.countryselection.infos.general.part.2=betrieben und ermöglicht eine Anmeldungen zu österreichischen Online-Anwendungen unter Verwendung einer elektronischen Identität (eID) anderer EU-Mitgliedstaaten. Sie wurden hierher weitergeleitet, da Sie in einer Online-Anwendung eine Anmeldung via EU-Login initiiert haben. +gui.countryselection.infos.general.part.3=Der zentrale eIDAS-Knoten der Republik Österreich ermöglicht Ihnen eine Anmeldung zu österreichischen Online-Anwendungen mit der eID Ihres Herkunftsstaates. Damit werden die Vorgaben der +gui.countryselection.infos.general.part.4=erfüllt, die eine staatenübergreifende Akzeptanz nationaler eIDs vorsieht. Die wechselseitige Anerkennung nationaler eIDs erfolgt in der EU schrittweise. Aktuell unterstützt der zentrale eIDAS-Knoten der Republik Österreich Anmeldungen mit den eID-Systemen der oben angeführten Mitgliedstaaten. Diese Liste wird laufend erweitert. +gui.countryselection.infos.general.part.5=Nachdem Sie auf dieser Seite einen Mitgliedsstaat ausgewählt haben, werden Sie an die gewohnte Anmeldeumgebung des jeweiligen Mitgliedsstaats weitergeleitet. Dort können Sie sich mit Ihrer eID wie gewohnt anmelden. Haben Sie den Anmeldeprozess erfolgreich abgeschlossen, werden Sie automatisch an die Online-Anwendung, von der aus Sie auf diese Auswahlseite gelangt sind, weitergeleitet und dort mit den Identitätsdaten Ihrer eID angemeldet. Gleichzeitig werden Sie bei Ihrer ersten Anmeldung auf diesem Weg mit Ihren eID-Daten in das österreichische +gui.countryselection.infos.general.part.6=eingetragen. Damit wird sichergestellt, dass Sie auch im Rahmen zukünftiger Anmeldeprozesse zu österreichischen Online-Anwendungen erfolgreich und eindeutig identifiziert werden können. + + +gui.countryselection.country.be=Belgien +gui.countryselection.country.be.logo.alt=Belgische-eID +gui.countryselection.country.hr=Kroatien +gui.countryselection.country.hr.logo.alt=Kroatische-eID +gui.countryselection.country.cy=Zypern +gui.countryselection.country.cy.logo.alt=Zypriotische-eID +gui.countryselection.country.cz=Tschechische Republik +gui.countryselection.country.cz.logo.alt=Tschechische Republik-eID +gui.countryselection.country.ee=Estland +gui.countryselection.country.ee.logo.alt=Estländische-eID +gui.countryselection.country.de=Deutschland +gui.countryselection.country.de.logo.alt=Deutsche-eID +gui.countryselection.country.is=Island +gui.countryselection.country.is.logo.alt=Isländische-eID +gui.countryselection.country.it=Italien +gui.countryselection.country.it.logo.alt=Italienische-eID +gui.countryselection.country.lt=Litauen +gui.countryselection.country.lt.logo.alt=Litauische-eID +gui.countryselection.country.lv=Lettland +gui.countryselection.country.lv.logo.alt=Lettische-eID +gui.countryselection.country.nl=Niederlande +gui.countryselection.country.nl.logo.alt=Niederländische-eID +gui.countryselection.country.pl=Polen +gui.countryselection.country.pl.logo.alt=Polnische-eID +gui.countryselection.country.pt=Portugal +gui.countryselection.country.pt.logo.alt=Portugisische-eID +gui.countryselection.country.si=Slowenien +gui.countryselection.country.si.logo.alt=Slowenische-eID +gui.countryselection.country.es=Spanien +gui.countryselection.country.es.logo.alt=Spanische-eID + +gui.countryselection.country.bg=Bulgarien +gui.countryselection.country.bg.logo.alt=Bulgarische-eID +gui.countryselection.country.dk=Dänemark +gui.countryselection.country.dk.logo.alt=Dänische-eID +gui.countryselection.country.fi=Finnland +gui.countryselection.country.fi.logo.alt=Finische-eID +gui.countryselection.country.fr=Frankreich +gui.countryselection.country.fr.logo.alt=Französiche-eID +gui.countryselection.country.gr=Griechenland +gui.countryselection.country.gr.logo.alt=Griechische-eID +gui.countryselection.country.hu=Ungarn +gui.countryselection.country.hu.logo.alt=Ungarische-eID +gui.countryselection.country.ir=Irland +gui.countryselection.country.ir.logo.alt=Irische-eID +gui.countryselection.country.lu=Luxemburg +gui.countryselection.country.lu.logo.alt=Luxemburgische-eID +gui.countryselection.country.mt=Malta +gui.countryselection.country.mt.logo.alt=Malta-eID +gui.countryselection.country.ro=Rumänien +gui.countryselection.country.ro.logo.alt=Rumänische-eID +gui.countryselection.country.sk=Slowakei +gui.countryselection.country.sk.logo.alt=Slowakische-eID +gui.countryselection.country.sw=Schweden +gui.countryselection.country.sw.logo.alt=Schwedische-eID +gui.countryselection.country.uk=Großbritannien +gui.countryselection.country.uk.logo.alt=Britische-eID + +gui.countryselection.country.testcountry=Testland +gui.countryselection.country.testcountry.logo.alt=Testland-eID + +gui.countryselection.mode.prod=Produktion +gui.countryselection.mode.qs=Qualitätsicherung +gui.countryselection.mode.test=Test +gui.countryselection.mode.dev=Development + + +##### Matching operations +##Other Login Methods page +gui.otherlogin.title=eIDAS-Login Alternative Anmeldemethoden +gui.otherlogin.header.selection=Personendaten nicht gefunden +gui.otherlogin.button.hs=ID Austria +gui.otherlogin.button.eidas=Alternativer eIDAS Login +gui.otherlogin.button.none=Keine alternative Anmeldemöglichkeit +gui.otherlogin.button.inserternp=Eine neue österreichische Identity auf Basis meiner eIDAS Daten erzeugen +gui.otherlogin.cancel=Abbrechen + +gui.otherlogin.info.first=Ihre Personendaten aus dem eben erfolgten EU-Login konnten in den Registern der österreichischen Verwaltung keinem Registereintrag eindeutig zugeordnet werden. Das kann daran liegen, dass Sie in den Registern bisher nicht eingetragen sind, oder ihre aktuellen Anmeldedaten nicht vollständig mit den in den Registern hinterlegten Daten zu Ihrer Person übereinstimmen. +gui.otherlogin.info.second=Sie haben folgende Möglichkeiten, um eine korrekte Zuordnung zu erreichen: +gui.otherlogin.info.list.1=Wenn Sie über eine österreichische ID Austria (oder Handy-Signatur) oder über eine alternative Möglichkeit eines EU-Logins verfügen, melden Sie sich mit diesen bitte erneut an. Verwenden Sie dazu bitte die entsprechende Schaltfläche „ID Austria“ oder „Alternativer EU-Login“. +gui.otherlogin.info.list.2=Verfügen Sie über keine der beiden oben genannten zusätzlichen Anmeldemöglichkeiten, setzen Sie bitte über die Schaltfläche „Keine alternative Anmeldemöglichkeit“ fort + +gui.otherlogin.inserternp.header.selection=Neueintragung +gui.otherlogin.inserternp.first=Ihre Personendaten konnten in den Registern der österreichischen Verwaltung keinem Eintrag eindeutig zugeordnet werden. +gui.otherlogin.inserternp.second=Erlauben Sie die Neueintragung ihrer Personendaten in den Registern der österreichischen Verwaltung, um den Anmeldevorgang erfolgreich abzuschließen. +gui.otherlogin.inserternp.third.prefix=Achtung: Wenn Sie der Meinung sind, in den Registern der österreichischen Verwaltung bereits einen Eintrag zu haben, wird empfohlen, an dieser Stelle keine Neueintragung Ihrer Daten zu erlauben, um doppelte Einträge zu verhindern. Kontaktieren Sie in diesem Fall bitte +gui.otherlogin.inserternp.third.postfix=, um eine manuelle Zuordnung der Daten zu veranlassen. + +module.eidasauth.matching.04=Während der Kommunikation mit einem offiziellen Register ist ein Fehler aufgetreten. Bitte kontaktieren Sie den Support. +module.eidasauth.matching.21=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Es wurden nicht alle erforderlichen Parameter für eine Suche mittels Wohnanschrift eingegeben. +module.eidasauth.matching.22=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Matching auf Basis einer bestanden oder bestehenden Wohnanschrift konnte nicht durchgeführt werden. +module.eidasauth.matching.23=Matching auf Basis eines ID Autria wurde abgebrochen. Nutzen Sie eine andere Matchingmethode. +module.eidasauth.matching.24=Matching auf Basis eines ID Autria schlug fehl. Nutzen Sie eine andere Matchingmethode. +module.eidasauth.matching.25=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. +module.eidasauth.matching.26=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl, da sich entweder der Name oder das Quelland unterscheidet. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. +module.eidasauth.matching.99=Matching schlug Aufgrund eines internen Fehler fehl. Ursache: {0} + + +##Austrian Residency page +gui.residency.title=Österreichischer Wohnsitz +gui.residency.header.selection=Suche nach Österreichischem Wohnsitz +gui.residency.header.help=Hier können Sie nach einem Wohnsitze in Österreich suchen. Bitte geben Sie zuerst eine \ + Postleitzahl, Gemeinde oder Ortschaft ein um die Suche zu starten. + +gui.residency.info.first=Haben Sie einen aktuellen oder ehemaligen gemeldeten Wohnsitz in Österreich, kann eine Zuordnung zu Ihrem bestehenden Registereintrag über Eingabe der Wohnsitzdaten erfolgen. Bitte benutzen Sie das untenstehende Formular, um Ihre Wohnsitzdaten einzugeben. +gui.residency.info.second=Bitte geben Sie dazu zuerst eine Postleitzahl, Gemeinde oder Ortschaft ein und starten Sie die Suche Ihrer Wohnsitzadresse dann über die Schaltfläche „Suche“. Sie werden in weiterer Folge bei der Vervollständigung der Wohnsitzadresse interaktiv unterstützt. Folgen Sie dazu den Anweisungen im Formular. Über die Schaltfläche „Löschen“ können Sie den Suchvorgang jederzeit neu starten. Wurden alle Wohnsitzdaten über die Suchfunktion vollständig befüllt, setzen Sie bitte über die Schaltfläche „Fortfahren“ fort. +gui.residency.info.third=Haben sie keinen aktuellen oder ehemaligen Wohnsitz in Österreich, setzen Sie bitte über die Schaltfläche „Kein Wohnsitz vorhanden“ fort. + +gui.residency.header.inputinvalid=Bitte geben Sie einen Wert für Gemeinde oder Ortschaft ein +gui.residency.cancel=Abbrechen +gui.residency.back=Kein Wohnsitz vorhanden +gui.residency.search=Suche +gui.residency.clear=Löschen +gui.residency.proceed=Fortfahren +gui.residency.updated=Eingabe aktualisiert +gui.residency.found={0} Ergebnisse gefunden, klicken Sie auf ein Ergebnis um die Suche zu verfeinern +gui.residency.unique=Eindeutiges Ergebnis gefunden, bitte fortfahren +gui.residency.error=Fehler bei Addresssuche +gui.residency.input.postleitzahl=PLZ +gui.residency.input.municipality=Gemeinde +gui.residency.input.village=Ortschaft +gui.residency.input.street=Straße +gui.residency.input.number=Nummer + + + diff --git a/basicConfig/ms-connector/templates/countrySelection.html b/basicConfig/ms-connector/templates/countrySelection.html new file mode 100644 index 00000000..275d20f6 --- /dev/null +++ b/basicConfig/ms-connector/templates/countrySelection.html @@ -0,0 +1,133 @@ + + + + + + + + eIDAS-Login Länderauswahl + + + + + +

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

+ +

Wählen Sie Ihr Land / Select your country

+ + + +

+ +

+ + + + + +

Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken ...

+ +

Information zur Anmeldung über Europäische eIDs

+ first part + Bundesministerium für Inneres + second part +

+ +

+ third part + eIDAS-Verordnung der Europäischen Union + fourth part +

+ +

+ fived part + + sixed part +

+ +

+ + + diff --git a/basicConfig/ms-connector/templates/countrySelection_example.html b/basicConfig/ms-connector/templates/countrySelection_example.html new file mode 100644 index 00000000..39d96225 --- /dev/null +++ b/basicConfig/ms-connector/templates/countrySelection_example.html @@ -0,0 +1,54 @@ + + + + + + + + + eIDAS-Login Länderauswahl + + + +

+ LanguageSelectionBlock +

+ +

Select your country

+ + + + + +

+ + + +

+ + diff --git a/basicConfig/ms-connector/templates/eidas_node_forward.html b/basicConfig/ms-connector/templates/eidas_node_forward.html new file mode 100644 index 00000000..4486d146 --- /dev/null +++ b/basicConfig/ms-connector/templates/eidas_node_forward.html @@ -0,0 +1,36 @@ + + + + + + + + +

Your login is being processed. Thank you for + waiting.

+ + + + + \ No newline at end of file diff --git a/basicConfig/ms-connector/templates/error_message.html b/basicConfig/ms-connector/templates/error_message.html new file mode 100644 index 00000000..0d8d2d4e --- /dev/null +++ b/basicConfig/ms-connector/templates/error_message.html @@ -0,0 +1,60 @@ + + + + + + + An error arise ... + + + + + +

Error Header

+ +

Error Information

+
+ + + + +

Code:

+ +

Msg:

+ +

fullError

+ +

+ + + + diff --git a/basicConfig/ms-connector/templates/language_selection.html b/basicConfig/ms-connector/templates/language_selection.html new file mode 100644 index 00000000..8d34c73b --- /dev/null +++ b/basicConfig/ms-connector/templates/language_selection.html @@ -0,0 +1,15 @@ + + + + + +

+ Spache1 + + Spache2 +

+ + + + diff --git a/basicConfig/ms-connector/templates/other_login_method.html b/basicConfig/ms-connector/templates/other_login_method.html new file mode 100644 index 00000000..120b0ecd --- /dev/null +++ b/basicConfig/ms-connector/templates/other_login_method.html @@ -0,0 +1,153 @@ + + + + + + + eIDAS-Login Other Login Methods + + + + +

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

+ +

Generate new ERnP entry

+ +

Insert ERnP first block

Insert ERnP second block

+ Insert ERnP third block / part 1 + BMI-IKT-eIDAS-Betrieb@bmi.gv.at + Insert ERnP third block / part 3 +

+ +

+ + +

+ +

No person data found

+ +

Info text after MDS search with one or more results

Prefix for option list

ID Austria or alterantive eIDAS Login
Search with Address

+ +

Detailed +

Generell +

+ + +

+ + + +

+ +

+ + +

+ +

+ + + diff --git a/basicConfig/ms-connector/templates/pvp2_post_binding.html b/basicConfig/ms-connector/templates/pvp2_post_binding.html new file mode 100644 index 00000000..8f72da13 --- /dev/null +++ b/basicConfig/ms-connector/templates/pvp2_post_binding.html @@ -0,0 +1,36 @@ +## ## Velocity Template for SAML 2 HTTP-POST binding ## ## Velocity +##context may contain the following properties ## action - String - the +##action URL for the form ## RelayState - String - the relay state for the +##message ## SAMLRequest - String - the Base64 encoded SAML Request ## +##SAMLResponse - String - the Base64 encoded SAML Response + + + + + + + + +

Your login is being processed. Thank you for + waiting.

+ + + + + \ No newline at end of file diff --git a/basicConfig/ms-connector/templates/residency.html b/basicConfig/ms-connector/templates/residency.html new file mode 100644 index 00000000..26812ec0 --- /dev/null +++ b/basicConfig/ms-connector/templates/residency.html @@ -0,0 +1,285 @@ + + + + + + + + Österreichischer Wohnsitz + + + + + + +

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

+ +

Search your Austrian Residency

+ +

Info text for matching by address

HowTo search by address

+ +

Detailed +

Generell +

+ +

+ + + +

+ + +

+ +

Alternativ infos and back

+
+ + + + +

+ +

+ + + + + + + + + + + + + + +

+ +

+ + + diff --git a/basicConfig/ms-connector/webcontent/autocommit.js b/basicConfig/ms-connector/webcontent/autocommit.js new file mode 100644 index 00000000..d21a5651 --- /dev/null +++ b/basicConfig/ms-connector/webcontent/autocommit.js @@ -0,0 +1,5 @@ +function autoCommmit() { + document.forms[0].submit(); +} + +document.addEventListener('DOMContentLoaded', autoCommmit); \ No newline at end of file diff --git a/basicConfig/ms-connector/webcontent/css/common.css b/basicConfig/ms-connector/webcontent/css/common.css new file mode 100644 index 00000000..14fe622d --- /dev/null +++ b/basicConfig/ms-connector/webcontent/css/common.css @@ -0,0 +1,156 @@ +body { + background-image: none; + margin: 0px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; +} + +div.header { + background-color: #e9ecef; + padding-top: 28px; + padding-left: 137px; + padding-right: 137px; + padding-bottom: 12px; +} +div.titlebar { + padding: 0px; +} +div.titlebar div { +} +.hidden { + display: none; +} +ul.nav_oben { + padding: 0px; + margin: 0px; + text-align: right; + text-transform: uppercase; +} +li { + display: inline-block; +} +div.header a { + text-decoration: none; + color: black; +} +a { + text-decoration: none; + color: #a22c1c; +} + +.block { + /* override country.css */ + display: flex; + flex-direction: row; + flex-wrap: wrap; + cursor: pointer; + text-decoration: none; + padding-right:2%; + width: 200px; + padding-bottom: 20px; +} + +@media only screen and (min-width: 1000px) { + div.header { + padding-left: 137px; + padding-right: 137px; + } + .content { + padding-left: 137px; + padding-right: 137px; + } + footer { + padding-left: 137px; + padding-right: 137px; + } +} +@media only screen and (max-width: 999px) { + div.header { + padding-left: 1em; + padding-right: 1em; + } + .content { + padding-left: 1em; + padding-right: 1em; + } + footer { + padding-left: 1em; + padding-right: 1em; + } +} + +div.subtitle h1 { + padding: 0px; + margin: 0px; + font-size: 130%; + align: right; +} +div.subtitle h2 { + padding: 0px; + margin: 0px; + font-size: 115%; +} +footer { + left: 0; + padding-top: 1em; + bottom: 0; + width: 100%; + height: 2em; + background-color: rgb(162,44,28); + color: white; +} +.float { + float: left; +} +.floatright { + float: right; +} +.copyright { + width: 66%; + font-size: 80%; +} + + + + +#countries { + padding-bottom: 40px; +} + +#country { + display: flex; + flex-direction: row; + flex-wrap: wrap; + align-items: center; + padding-bottom: 20px; +} + +.countryimage { + width:50px; + height:50px; + padding-right: 2%; + padding-bottom: 4%; +} + +input.cancel-button { +} + +input[type=submit].country-button { + width: inherit; +/* text-align: left; */ +} + +input[type=button], input[type=submit].country-button, input[type=reset] { + display:flex; + background-color:transparent; + border:none; + color: black; + text-decoration: none; + cursor: pointer; + /* center things like its 2019 (using display:flex) */ + align-items: center; + justify-content: center; +} + +form { + justify-content: center; +} diff --git a/basicConfig/ms-connector/webcontent/css/css_country.css b/basicConfig/ms-connector/webcontent/css/css_country.css new file mode 100644 index 00000000..e193126c --- /dev/null +++ b/basicConfig/ms-connector/webcontent/css/css_country.css @@ -0,0 +1,185 @@ +@charset "utf-8"; +body { + background-image: none; + margin: 0px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; +} + +#page { + padding-top: 2%; + padding-left: 10%; +} + +#country { + display: flex; + flex-direction: row; + flex-wrap: wrap; + align-items: center; +} + +#matchingError { + border: 2px solid rgb(162, 44, 28); + padding: 1em; + width: 80%; + margin-top: 2em; + margin-bottom: 2em; +} + +.block { + display: flex; + flex-direction: row; + flex-wrap: wrap; + cursor: pointer; + text-decoration: none; + padding-right: 2%; + width: 250px; + justify-content: center; +} + +.countryimage { + width: 50px; + height: 50px; + padding-right: 2%; + padding-bottom: 4%; +} + +input[type=button], input[type=submit], input[type=reset] { + display: flex; + background-color: transparent; + border: none; + color: black; + text-decoration: none; + cursor: pointer; +} + +#testEnvironment { + border: none; + color: black; + padding: 10px 20px; + text-decoration: none; + margin: 4px 2px; + height: 3%; + display: inline-block; + vertical-align: middle; + width: 40%; +} + +#button { + background-color: transparent; + border: none; +} + +.primaryButton { + height: 4em; +} + +.singleButton { + padding-left: 2em; +} + +.mainDescription { + width: 80%; +} + + +div.mainDescription li { + display: list-item; + +} + +div.header { + background-color: #e9ecef; + padding-top: 28px; + padding-left: 137px; + padding-right: 137px; + padding-bottom: 12px; +} + +div.titlebar { + padding: 0px; +} + +div.titlebar div { +} + +.hidden { + display: none; +} + +ul.nav_oben { + padding: 0px; + margin: 0px; + text-align: right; + text-transform: uppercase; +} + +li { + display: inline-block; +} + +div.header a { + text-decoration: none; + color: black; +} + +a { + text-decoration: none; + color: #a22c1c; +} + +.content { + padding-left: 137px; + padding-right: 137px; +} + +div.subtitle h1 { + padding: 0px; + margin: 0px; + font-size: 130%; + align: right; +} + +div.subtitle h2 { + padding: 0px; + margin: 0px; + font-size: 115%; +} + +footer { + position: fixed; + left: 0; + padding-left: 137px; + padding-right: 137px; + padding-top: 1em; + bottom: 0; + width: 100%; + height: 2em; + background-color: rgb(162, 44, 28); + color: white; +} + +.float { + float: left; +} + +.floatright { + float: right; +} + +.copyright { + width: 66%; + font-size: 80%; +} + +#countries, #country { + padding-bottom: 40px; +} + +input[type=submit] { + width: inherit; + /* text-align: left; */ +} + +form { + justify-content: center; +} diff --git a/basicConfig/ms-connector/webcontent/css/css_error.css b/basicConfig/ms-connector/webcontent/css/css_error.css new file mode 100644 index 00000000..d772df43 --- /dev/null +++ b/basicConfig/ms-connector/webcontent/css/css_error.css @@ -0,0 +1,26 @@ +@charset "utf-8"; + body { + padding-left: 5%; + background-color: #F9F9F9; + } + #page { + padding-top: 2%; + padding-right: 10%; + padding-left: 5%; + } + + .OA_header { + font-size: 2.1em; + padding-top:1%; + margin-bottom: 1%; + margin-top: 1%; + + } + + #alert_area { + float:left; + width: 100%; + } + + + diff --git a/basicConfig/ms-connector/webcontent/img/ajax-loader.gif b/basicConfig/ms-connector/webcontent/img/ajax-loader.gif new file mode 100644 index 00000000..f2a1bc0c Binary files /dev/null and b/basicConfig/ms-connector/webcontent/img/ajax-loader.gif differ diff --git a/basicConfig/ms-connector/webcontent/js/jquery-3.6.0.min.js b/basicConfig/ms-connector/webcontent/js/jquery-3.6.0.min.js new file mode 100644 index 00000000..c4c6022f --- /dev/null +++ b/basicConfig/ms-connector/webcontent/js/jquery-3.6.0.min.js @@ -0,0 +1,2 @@ +/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */ +!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.6.0",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\$"+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\$|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\$"+M+"*((?:-\\d)?\\d*)"+M+"*\$|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="",y.option=!!ce.lastChild;var ge={thead:[1,"","

"],col:[2,"","

"],tr:[2,"","

"],td:[3,"","

Your login is being processed. Thank you for + waiting.

+ + + + + \ No newline at end of file diff --git a/basicConfig/ms-proxyservice/templates/error_message.html b/basicConfig/ms-proxyservice/templates/error_message.html new file mode 100644 index 00000000..0d8d2d4e --- /dev/null +++ b/basicConfig/ms-proxyservice/templates/error_message.html @@ -0,0 +1,60 @@ + + + + + + + An error arise ... + + + + + +

Error Header

+ +

Error Information

+
+ + + + +

Code:

+ +

Msg:

+ +

fullError

+ +

+ + + + diff --git a/basicConfig/ms-proxyservice/templates/pvp2_post_binding.html b/basicConfig/ms-proxyservice/templates/pvp2_post_binding.html new file mode 100644 index 00000000..8f72da13 --- /dev/null +++ b/basicConfig/ms-proxyservice/templates/pvp2_post_binding.html @@ -0,0 +1,36 @@ +## ## Velocity Template for SAML 2 HTTP-POST binding ## ## Velocity +##context may contain the following properties ## action - String - the +##action URL for the form ## RelayState - String - the relay state for the +##message ## SAMLRequest - String - the Base64 encoded SAML Request ## +##SAMLResponse - String - the Base64 encoded SAML Response + + + + + + + + +

Your login is being processed. Thank you for + waiting.

+ + + + + \ No newline at end of file diff --git a/basicConfig/ms-proxyservice/webcontent/autocommit.js b/basicConfig/ms-proxyservice/webcontent/autocommit.js new file mode 100644 index 00000000..d21a5651 --- /dev/null +++ b/basicConfig/ms-proxyservice/webcontent/autocommit.js @@ -0,0 +1,5 @@ +function autoCommmit() { + document.forms[0].submit(); +} + +document.addEventListener('DOMContentLoaded', autoCommmit); \ No newline at end of file diff --git a/basicConfig/ms-proxyservice/webcontent/css/common.css b/basicConfig/ms-proxyservice/webcontent/css/common.css new file mode 100644 index 00000000..14fe622d --- /dev/null +++ b/basicConfig/ms-proxyservice/webcontent/css/common.css @@ -0,0 +1,156 @@ +body { + background-image: none; + margin: 0px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; +} + +div.header { + background-color: #e9ecef; + padding-top: 28px; + padding-left: 137px; + padding-right: 137px; + padding-bottom: 12px; +} +div.titlebar { + padding: 0px; +} +div.titlebar div { +} +.hidden { + display: none; +} +ul.nav_oben { + padding: 0px; + margin: 0px; + text-align: right; + text-transform: uppercase; +} +li { + display: inline-block; +} +div.header a { + text-decoration: none; + color: black; +} +a { + text-decoration: none; + color: #a22c1c; +} + +.block { + /* override country.css */ + display: flex; + flex-direction: row; + flex-wrap: wrap; + cursor: pointer; + text-decoration: none; + padding-right:2%; + width: 200px; + padding-bottom: 20px; +} + +@media only screen and (min-width: 1000px) { + div.header { + padding-left: 137px; + padding-right: 137px; + } + .content { + padding-left: 137px; + padding-right: 137px; + } + footer { + padding-left: 137px; + padding-right: 137px; + } +} +@media only screen and (max-width: 999px) { + div.header { + padding-left: 1em; + padding-right: 1em; + } + .content { + padding-left: 1em; + padding-right: 1em; + } + footer { + padding-left: 1em; + padding-right: 1em; + } +} + +div.subtitle h1 { + padding: 0px; + margin: 0px; + font-size: 130%; + align: right; +} +div.subtitle h2 { + padding: 0px; + margin: 0px; + font-size: 115%; +} +footer { + left: 0; + padding-top: 1em; + bottom: 0; + width: 100%; + height: 2em; + background-color: rgb(162,44,28); + color: white; +} +.float { + float: left; +} +.floatright { + float: right; +} +.copyright { + width: 66%; + font-size: 80%; +} + + + + +#countries { + padding-bottom: 40px; +} + +#country { + display: flex; + flex-direction: row; + flex-wrap: wrap; + align-items: center; + padding-bottom: 20px; +} + +.countryimage { + width:50px; + height:50px; + padding-right: 2%; + padding-bottom: 4%; +} + +input.cancel-button { +} + +input[type=submit].country-button { + width: inherit; +/* text-align: left; */ +} + +input[type=button], input[type=submit].country-button, input[type=reset] { + display:flex; + background-color:transparent; + border:none; + color: black; + text-decoration: none; + cursor: pointer; + /* center things like its 2019 (using display:flex) */ + align-items: center; + justify-content: center; +} + +form { + justify-content: center; +} diff --git a/basicConfig/ms-proxyservice/webcontent/css/css_error.css b/basicConfig/ms-proxyservice/webcontent/css/css_error.css new file mode 100644 index 00000000..d772df43 --- /dev/null +++ b/basicConfig/ms-proxyservice/webcontent/css/css_error.css @@ -0,0 +1,26 @@ +@charset "utf-8"; + body { + padding-left: 5%; + background-color: #F9F9F9; + } + #page { + padding-top: 2%; + padding-right: 10%; + padding-left: 5%; + } + + .OA_header { + font-size: 2.1em; + padding-top:1%; + margin-bottom: 1%; + margin-top: 1%; + + } + + #alert_area { + float:left; + width: 100%; + } + + + diff --git a/basicConfig/ms-proxyservice/webcontent/img/ajax-loader.gif b/basicConfig/ms-proxyservice/webcontent/img/ajax-loader.gif new file mode 100644 index 00000000..f2a1bc0c Binary files /dev/null and b/basicConfig/ms-proxyservice/webcontent/img/ajax-loader.gif differ diff --git a/basicConfig/properties/messages.properties b/basicConfig/properties/messages.properties deleted file mode 100644 index 8d2b692c..00000000 --- a/basicConfig/properties/messages.properties +++ /dev/null @@ -1,214 +0,0 @@ -####### GUI elements #### -gui.general.language.selection.title=Language selection -gui.general.language.selection.de=Deutsch -gui.general.language.selection.en=English - -##Errorpage template -gui.errorpage.msg.title=Authentication error -gui.errorpage.msg.information=The authentication stops on account of a process error: -gui.errorpage.msg.errorcode=Error Code: -gui.errorpage.msg.errormsg=Error Message: -gui.errorpage.msg.stacktrace=Stacktrace: - -##Country-Selection page -gui.countryselection.title=eIDAS-Login country selection -gui.countryselection.logo.bmi.alt=Logo BMI -gui.countryselection.link.bmi=Mainpage BMI -gui.countryselection.header1=Federal Ministry of Internal Affairs -gui.countryselection.header2=Austrian Central eIDAS Node -gui.countryselection.header3=Operated by Federal Ministry of Internal Affairs -gui.countryselection.header.selection=Select your country -gui.countryselection.cancel=Cancel -gui.countryselection.cancle=Cancel -gui.countryselection.notsupportedinfo=If you cannot find your country in this list then your electronic identity (eID) is not yet supported. - -gui.countryselection.infos.general.header=Information on Logins with European eIDs -gui.countryselection.infos.general.link.1=eIDAS regulation of the European Union -gui.countryselection.infos.general.link.2=Austrian Supplementary Register for Natural Persons (ERnP) -gui.countryselection.infos.general.part.1=This is the central eIDAS node of the Republic of Austria, operated by the -gui.countryselection.infos.general.part.2=It enables logins at Austrian online services using an electronic identity (eID) of another EU member state. You have been redirected to this page, as you have initiated a login to an online service using the option "EU Login". -gui.countryselection.infos.general.part.3=The central eIDAS node of the Republic of Austria allows you to login to Austrian online services using the eID of your home country. This way, compliance with the -gui.countryselection.infos.general.part.4=, which regulates the mutual cross-border acceptance of national eIDs, is achieved. The mutual cross-border acceptance of national eIDs is implemented successively within the EU. Currently, the central eIDAS node of the Republic of Austria supports logins using the eID systems of the Member States mentioned above. More Member States will be added according to availability of their respective eID solutions. -gui.countryselection.infos.general.part.5=After selecting your home country on this page, you are forwarded to the familiar login environment of the selected member state. There, you can login with your eID as usual. After successful completion of the login process, you are automatically forwarded and logged in to the online service, from which you have been redirected to this page. During your first login, your eID data is also registered in the -gui.countryselection.infos.general.part.6=This ensures that you will also be successfully and uniquely identified in subsequent logins at Austrian online services. - -gui.matching.otherloginmethod.header=Assignment of your login information -gui.matching.otherloginmethod.info.text=Your login information could not be clearly integrated into the Austrian eID system. Further information is required for an unique integration. -gui.matching.otherloginmethod.ida=You have an ID Austria -gui.matching.otherloginmethod.eidas=You can provide additional information via eIDAS -gui.matching.otherloginmethod.residence=Have you ever lived in Austria? -gui.matching.otherloginmethod.addmeasnew=Add me as new entity in Austrian eID system - -gui.matching.otherloginmethod.error.title=Matching of further information failed: -gui.matching.otherloginmethod.error.msg=No identity match with additional information. Use another option or provide more information. - - -gui.countryselection.country.be=Belgium -gui.countryselection.country.be.logo.alt=Belgium-eID -gui.countryselection.country.hr=Croatia -gui.countryselection.country.hr.logo.alt=Croatia-eID -gui.countryselection.country.cy=Cyprus -gui.countryselection.country.cy.logo.alt=Cyprus-eID -gui.countryselection.country.cz=Czech Republic -gui.countryselection.country.cz.logo.alt=Czech Republic-eID -gui.countryselection.country.ee=Estonia -gui.countryselection.country.ee.logo.alt=Estonia-eID -gui.countryselection.country.de=Germany -gui.countryselection.country.de.logo.alt=German-eID -gui.countryselection.country.is=Iceland -gui.countryselection.country.is.logo.alt=Iceland-eID -gui.countryselection.country.it=Italy -gui.countryselection.country.it.logo.alt=Italy-eID -gui.countryselection.country.lt=Lithuania -gui.countryselection.country.lt.logo.alt=Lithuania-eID -gui.countryselection.country.lv=Latvia -gui.countryselection.country.lv.logo.alt=Latvia-eID -gui.countryselection.country.nl=Netherlands -gui.countryselection.country.nl.logo.alt=Netherlands-eID -gui.countryselection.country.pl=Poland -gui.countryselection.country.pl.logo.alt=Poland-eID -gui.countryselection.country.pt=Portugal -gui.countryselection.country.pt.logo.alt=Portugal-eID -gui.countryselection.country.si=Slovenia -gui.countryselection.country.si.logo.alt=Slovenia-eID -gui.countryselection.country.es=Spain -gui.countryselection.country.es.logo.alt=Spain-eID - -gui.countryselection.country.bg=Bulgaria -gui.countryselection.country.bg.logo.alt=Bulgaria-eID -gui.countryselection.country.dk=Denmark -gui.countryselection.country.dk.logo.alt=Denmark-eID -gui.countryselection.country.fi=Finland -gui.countryselection.country.fi.logo.alt=Finland-eID -gui.countryselection.country.fr=France -gui.countryselection.country.fr.logo.alt=France-eID -gui.countryselection.country.el=Greece -gui.countryselection.country.el.logo.alt=Greece-eID -gui.countryselection.country.hu=Hungary -gui.countryselection.country.hu.logo.alt=Hungary-eID -gui.countryselection.country.ie=Ireland -gui.countryselection.country.ie.logo.alt=Ireland-eID -gui.countryselection.country.ir=Ireland -gui.countryselection.country.ir.logo.alt=Ireland-eID -gui.countryselection.country.lu=Luxembourg -gui.countryselection.country.lu.logo.alt=Luxembourg-eID -gui.countryselection.country.mt=Malta -gui.countryselection.country.mt.logo.alt=Malta-eID -gui.countryselection.country.no=Norway -gui.countryselection.country.no.logo.alt=Norway-eID -gui.countryselection.country.ro=Romania -gui.countryselection.country.ro.logo.alt=Romania-eID -gui.countryselection.country.sk=Slovakia -gui.countryselection.country.sk.logo.alt=Slovakia-eID -gui.countryselection.country.se=Sweden -gui.countryselection.country.se.logo.alt=Sweden-eID -gui.countryselection.country.sw=Sweden -gui.countryselection.country.sw.logo.alt=Sweden-eID -gui.countryselection.country.uk=United Kingdom -gui.countryselection.country.uk.logo.alt=United Kingdom-eID - -gui.countryselection.country.testcountry=TestCountry -gui.countryselection.country.testcountry.logo.alt=Testcountry-eID - -gui.countryselection.mode.prod=Production -gui.countryselection.mode.qs=QS -gui.countryselection.mode.test=Test -gui.countryselection.mode.dev=Development - -# images -gui.countryselection.country.be.img = /img/countries/Belgium-EU_.png -gui.countryselection.country.bg.img = /img/countries/Bulgaria-EU_.png -gui.countryselection.country.hr.img = /img/countries/Croatia-EU_.png -gui.countryselection.country.cy.img = /img/countries/Cyprus-EU_.png -gui.countryselection.country.cz.img = /img/countries/CzechRepublic-EU_.png -gui.countryselection.country.dk.img = /img/countries/Denmark-EU_.png -gui.countryselection.country.ee.img = /img/countries/Estonia-EU_.png -gui.countryselection.country.fi.img = /img/countries/Finland-EU_.png -gui.countryselection.country.fr.img = /img/countries/France-EU_.png -gui.countryselection.country.de.img = /img/countries/germany-eu_.png -gui.countryselection.country.el.img = /img/countries/Greece-EU_.png -gui.countryselection.country.hu.img = /img/countries/Hungary-EU_.png -gui.countryselection.country.is.img = /img/countries/Iceland.png -gui.countryselection.country.ie.img = /img/countries/Ireland-EU_.png -gui.countryselection.country.it.img = /img/countries/Italy-EU_.png -gui.countryselection.country.lv.img = /img/countries/Latvia-EU_.png -gui.countryselection.country.lt.img = /img/countries/Lithuania-EU_.png -gui.countryselection.country.lu.img = /img/countries/Luxembourg-EU_.png -gui.countryselection.country.mt.img = /img/countries/Malta-EU_.png -gui.countryselection.country.po.img = /img/countries/Poland-EU_.png -gui.countryselection.country.pt.img = /img/countries/Portugal-EU_.png -gui.countryselection.country.ro.img = /img/countries/Romania-EU_.png -gui.countryselection.country.sk.img = /img/countries/Slovakia-EU_.png -gui.countryselection.country.si.img = /img/countries/Slovenia-EU_.png -gui.countryselection.country.es.img = /img/countries/Spain-EU_.png -gui.countryselection.country.se.img = /img/countries/Sweden-EU_.png -gui.countryselection.country.nl.img = /img/countries/TheNetherlands-EU_.png -gui.countryselection.country.uk.img = /img/countries/UnitedKingdom-EU_.png - - -##### Matching operations -##Other Login Methods page -gui.otherlogin.title=eIDAS-Login Other Login Methods -gui.otherlogin.header.selection=Personal data not found - -gui.otherlogin.info.first=Your personal data from the conducted EU login could not be clearly assigned to any register entry in the registers of the Austrian administration. This may be due to a missing register entry of your personal data, or an incorrect match of your login data and your register entry stored in the registers. -gui.otherlogin.info.second=The following describes options to achieve a correct assignment: -gui.otherlogin.info.list.1=If you have an Austrian Mobile-Phone Signature (or ID Austria) or an alternative possibility of an EU login, please log in again using one of these options. For this purpose, please use the corresponding button for “ID Austria” or “Alternative EU-Login”. -gui.otherlogin.info.list.2=If you do not have either of the two additional registration options mentioned above, please continue with the button “No alternative login”. - -gui.otherlogin.button.hs=ID Austria -gui.otherlogin.button.eidas=Alternative EU-Login -gui.otherlogin.button.none=No alternative login -gui.otherlogin.button.inserternp=Create new register entry -gui.otherlogin.cancel=Cancel - -gui.otherlogin.inserternp.header.selection=Re-registration -gui.otherlogin.inserternp.first=Your personal data could not be clearly assigned to any entry in the registers of the Austrian administration. -gui.otherlogin.inserternp.second=Allow the re-registration of your personal data in the registers of the Austrian administration to complete the registration process successfully. -gui.otherlogin.inserternp.third.prefix=Attention: If you think you already have an entry in the registers of the Austrian administration, it is recommended not to allow your data to be entered again at this point in order to avoid double entries. In this case, please contact -gui.otherlogin.inserternp.third.postfix=, to arrange a manual assignment of your personal data. - - -module.eidasauth.matching.00=Matching failed, because find more than one ZMR entries with one eIDAS personal-identifier -module.eidasauth.matching.01=Matching failed, because of an ZMR communication error. Reason: {0} -module.eidasauth.matching.02=Matching failed, because ZMR response contains historic information which is not supported. -module.eidasauth.matching.03=Matching failed in workflow step: {0} with error: {1} -module.eidasauth.matching.04=An error occurred while loading your data from official registers. Please contact the suppot. -module.eidasauth.matching.11=Matching failed, because of an ERnP communication error. Reason: {0} -module.eidasauth.matching.12=Matching failed, because ERnP response contains historic information which is not supported. -module.eidasauth.matching.21=Matching be using residence information failed by missing input information. Add all required information. -module.eidasauth.matching.22=Can not find an unique match by using residence information. Provide more or other data, use another method for matching. -module.eidasauth.matching.23=Matching be using ID Austria was canceled. Use another method for matching. -module.eidasauth.matching.24=Matching be using ID Austria not possible. Use another method for matching. -module.eidasauth.matching.25=Matching be using alternative eIDAS authentication not possible. Provide more or other data, or use another method for matching. -module.eidasauth.matching.26=Matching be using alternative eIDAS authentication not possible, because Name or Country not matched. Provide more or other data or use another method for matching. -module.eidasauth.matching.29=Matching be using other information failed. Provide more or other data, or use another method for matching. -module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0} - - -##Austrian Residency page -gui.residency.title=Austrian Residency -gui.residency.header.selection=Search for Austrian residence -gui.residency.header.help=You can search for the address that you have been registered at in the past. Please enter a \ - postcode, municipality or village first to start the search. - -gui.residency.info.first=If you have a current or former registered residence in Austria, an assignment to your existing register entry can be made by entering the residence data. Please use the form below to enter your residence details. -gui.residency.info.second=First, please enter a postal code, municipality or locality and subsequently start the search for your home address using the "Search" button. Afterwards, you will be interactively supported in completing the address of residence, where you just have to follow the instructions on the form. You can restart the search process at any time by clicking the button "Delete". If all residence data has been filled in completely via the search function, please continue with the button "Continue". -gui.residency.info.third=If you do not have a current or former place of residence in Austria, please continue with the button "No residence available". - -gui.residency.header.inputinvalid=Be sure to enter a value for Municipality or Village -gui.residency.cancel=Cancel -gui.residency.back=No residence available -gui.residency.search=Search -gui.residency.clear=Clear -gui.residency.proceed=Continue -gui.residency.updated=Updated your input -gui.residency.found=Found {0} results, click on one result to refine your search -gui.residency.unique=Unique result found, please proceed -gui.residency.error=Error on Backend Call -gui.residency.input.postleitzahl=Postcode -gui.residency.input.municipality=Municipality -gui.residency.input.village=Village -gui.residency.input.street=Street -gui.residency.input.number=Number - diff --git a/basicConfig/properties/messages_de.properties b/basicConfig/properties/messages_de.properties deleted file mode 100644 index 76624ebe..00000000 --- a/basicConfig/properties/messages_de.properties +++ /dev/null @@ -1,161 +0,0 @@ -####### GUI elements #### -gui.general.language.selection.title=Sprachauswahl -gui.general.language.selection.de=Deutsch -gui.general.language.selection.en=English - -##Errorpage template -gui.errorpage.msg.title=Es ist ein Fehler aufgetreten -gui.errorpage.msg.information=Der Anmeldevorgang wurde aufgrund eines Fehlers beendet: -gui.errorpage.msg.errorcode=Fehlercode: -gui.errorpage.msg.errormsg=Fehlermeldung: -gui.errorpage.msg.stacktrace=Stacktrace: - -##Country-Selection page -gui.countryselection.title=eIDAS-Login Länderauswahl -gui.countryselection.logo.bmi.alt=Logo BMI -gui.countryselection.link.bmi=Startseite BMI -gui.countryselection.header1=Bundesministerium für Inneres -gui.countryselection.header2=Zentraler eIDAS Knoten der Republik Österreich -gui.countryselection.header3=Betrieben durch das Bundesministerium für Inneres -gui.countryselection.header.selection=Wählen Sie Ihr Land -gui.countryselection.cancel=Abbrechen -gui.countryselection.cancle=Abbrechen -gui.countryselection.notsupportedinfo=Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken, dann wird Ihre elektronische Identität (eID) leider noch nicht unterstützt. - -gui.countryselection.infos.general.header=Information zur Anmeldung über Europäische eIDs -gui.countryselection.infos.general.link.1=eIDAS-Verordnung der Europäischen Union -gui.countryselection.infos.general.link.2=Ergänzungsregister für natürliche Personen (ERnP) -gui.countryselection.infos.general.part.1=Sie befinden sich am zentralen eIDAS-Knoten der Republik Österreich. Dieser wird vom Österreichischen -gui.countryselection.infos.general.part.2=betrieben und ermöglicht eine Anmeldungen zu österreichischen Online-Anwendungen unter Verwendung einer elektronischen Identität (eID) anderer EU-Mitgliedstaaten. Sie wurden hierher weitergeleitet, da Sie in einer Online-Anwendung eine Anmeldung via EU-Login initiiert haben. -gui.countryselection.infos.general.part.3=Der zentrale eIDAS-Knoten der Republik Österreich ermöglicht Ihnen eine Anmeldung zu österreichischen Online-Anwendungen mit der eID Ihres Herkunftsstaates. Damit werden die Vorgaben der -gui.countryselection.infos.general.part.4=erfüllt, die eine staatenübergreifende Akzeptanz nationaler eIDs vorsieht. Die wechselseitige Anerkennung nationaler eIDs erfolgt in der EU schrittweise. Aktuell unterstützt der zentrale eIDAS-Knoten der Republik Österreich Anmeldungen mit den eID-Systemen der oben angeführten Mitgliedstaaten. Diese Liste wird laufend erweitert. -gui.countryselection.infos.general.part.5=Nachdem Sie auf dieser Seite einen Mitgliedsstaat ausgewählt haben, werden Sie an die gewohnte Anmeldeumgebung des jeweiligen Mitgliedsstaats weitergeleitet. Dort können Sie sich mit Ihrer eID wie gewohnt anmelden. Haben Sie den Anmeldeprozess erfolgreich abgeschlossen, werden Sie automatisch an die Online-Anwendung, von der aus Sie auf diese Auswahlseite gelangt sind, weitergeleitet und dort mit den Identitätsdaten Ihrer eID angemeldet. Gleichzeitig werden Sie bei Ihrer ersten Anmeldung auf diesem Weg mit Ihren eID-Daten in das österreichische -gui.countryselection.infos.general.part.6=eingetragen. Damit wird sichergestellt, dass Sie auch im Rahmen zukünftiger Anmeldeprozesse zu österreichischen Online-Anwendungen erfolgreich und eindeutig identifiziert werden können. - - -gui.countryselection.country.be=Belgien -gui.countryselection.country.be.logo.alt=Belgische-eID -gui.countryselection.country.hr=Kroatien -gui.countryselection.country.hr.logo.alt=Kroatische-eID -gui.countryselection.country.cy=Zypern -gui.countryselection.country.cy.logo.alt=Zypriotische-eID -gui.countryselection.country.cz=Tschechische Republik -gui.countryselection.country.cz.logo.alt=Tschechische Republik-eID -gui.countryselection.country.ee=Estland -gui.countryselection.country.ee.logo.alt=Estländische-eID -gui.countryselection.country.de=Deutschland -gui.countryselection.country.de.logo.alt=Deutsche-eID -gui.countryselection.country.is=Island -gui.countryselection.country.is.logo.alt=Isländische-eID -gui.countryselection.country.it=Italien -gui.countryselection.country.it.logo.alt=Italienische-eID -gui.countryselection.country.lt=Litauen -gui.countryselection.country.lt.logo.alt=Litauische-eID -gui.countryselection.country.lv=Lettland -gui.countryselection.country.lv.logo.alt=Lettische-eID -gui.countryselection.country.nl=Niederlande -gui.countryselection.country.nl.logo.alt=Niederländische-eID -gui.countryselection.country.pl=Polen -gui.countryselection.country.pl.logo.alt=Polnische-eID -gui.countryselection.country.pt=Portugal -gui.countryselection.country.pt.logo.alt=Portugisische-eID -gui.countryselection.country.si=Slowenien -gui.countryselection.country.si.logo.alt=Slowenische-eID -gui.countryselection.country.es=Spanien -gui.countryselection.country.es.logo.alt=Spanische-eID - -gui.countryselection.country.bg=Bulgarien -gui.countryselection.country.bg.logo.alt=Bulgarische-eID -gui.countryselection.country.dk=Dänemark -gui.countryselection.country.dk.logo.alt=Dänische-eID -gui.countryselection.country.fi=Finnland -gui.countryselection.country.fi.logo.alt=Finische-eID -gui.countryselection.country.fr=Frankreich -gui.countryselection.country.fr.logo.alt=Französiche-eID -gui.countryselection.country.gr=Griechenland -gui.countryselection.country.gr.logo.alt=Griechische-eID -gui.countryselection.country.hu=Ungarn -gui.countryselection.country.hu.logo.alt=Ungarische-eID -gui.countryselection.country.ir=Irland -gui.countryselection.country.ir.logo.alt=Irische-eID -gui.countryselection.country.lu=Luxemburg -gui.countryselection.country.lu.logo.alt=Luxemburgische-eID -gui.countryselection.country.mt=Malta -gui.countryselection.country.mt.logo.alt=Malta-eID -gui.countryselection.country.ro=Rumänien -gui.countryselection.country.ro.logo.alt=Rumänische-eID -gui.countryselection.country.sk=Slowakei -gui.countryselection.country.sk.logo.alt=Slowakische-eID -gui.countryselection.country.sw=Schweden -gui.countryselection.country.sw.logo.alt=Schwedische-eID -gui.countryselection.country.uk=Großbritannien -gui.countryselection.country.uk.logo.alt=Britische-eID - -gui.countryselection.country.testcountry=Testland -gui.countryselection.country.testcountry.logo.alt=Testland-eID - -gui.countryselection.mode.prod=Produktion -gui.countryselection.mode.qs=Qualitätsicherung -gui.countryselection.mode.test=Test -gui.countryselection.mode.dev=Development - - -##### Matching operations -##Other Login Methods page -gui.otherlogin.title=eIDAS-Login Alternative Anmeldemethoden -gui.otherlogin.header.selection=Personendaten nicht gefunden -gui.otherlogin.button.hs=ID Austria -gui.otherlogin.button.eidas=Alternativer eIDAS Login -gui.otherlogin.button.none=Keine alternative Anmeldemöglichkeit -gui.otherlogin.button.inserternp=Eine neue österreichische Identity auf Basis meiner eIDAS Daten erzeugen -gui.otherlogin.cancel=Abbrechen - -gui.otherlogin.info.first=Ihre Personendaten aus dem eben erfolgten EU-Login konnten in den Registern der österreichischen Verwaltung keinem Registereintrag eindeutig zugeordnet werden. Das kann daran liegen, dass Sie in den Registern bisher nicht eingetragen sind, oder ihre aktuellen Anmeldedaten nicht vollständig mit den in den Registern hinterlegten Daten zu Ihrer Person übereinstimmen. -gui.otherlogin.info.second=Sie haben folgende Möglichkeiten, um eine korrekte Zuordnung zu erreichen: -gui.otherlogin.info.list.1=Wenn Sie über eine österreichische ID Austria (oder Handy-Signatur) oder über eine alternative Möglichkeit eines EU-Logins verfügen, melden Sie sich mit diesen bitte erneut an. Verwenden Sie dazu bitte die entsprechende Schaltfläche „ID Austria“ oder „Alternativer EU-Login“. -gui.otherlogin.info.list.2=Verfügen Sie über keine der beiden oben genannten zusätzlichen Anmeldemöglichkeiten, setzen Sie bitte über die Schaltfläche „Keine alternative Anmeldemöglichkeit“ fort - -gui.otherlogin.inserternp.header.selection=Neueintragung -gui.otherlogin.inserternp.first=Ihre Personendaten konnten in den Registern der österreichischen Verwaltung keinem Eintrag eindeutig zugeordnet werden. -gui.otherlogin.inserternp.second=Erlauben Sie die Neueintragung ihrer Personendaten in den Registern der österreichischen Verwaltung, um den Anmeldevorgang erfolgreich abzuschließen. -gui.otherlogin.inserternp.third.prefix=Achtung: Wenn Sie der Meinung sind, in den Registern der österreichischen Verwaltung bereits einen Eintrag zu haben, wird empfohlen, an dieser Stelle keine Neueintragung Ihrer Daten zu erlauben, um doppelte Einträge zu verhindern. Kontaktieren Sie in diesem Fall bitte -gui.otherlogin.inserternp.third.postfix=, um eine manuelle Zuordnung der Daten zu veranlassen. - -module.eidasauth.matching.04=Während der Kommunikation mit einem offiziellen Register ist ein Fehler aufgetreten. Bitte kontaktieren Sie den Support. -module.eidasauth.matching.21=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Es wurden nicht alle erforderlichen Parameter für eine Suche mittels Wohnanschrift eingegeben. -module.eidasauth.matching.22=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Matching auf Basis einer bestanden oder bestehenden Wohnanschrift konnte nicht durchgeführt werden. -module.eidasauth.matching.23=Matching auf Basis eines ID Autria wurde abgebrochen. Nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.24=Matching auf Basis eines ID Autria schlug fehl. Nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.25=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.26=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl, da sich entweder der Name oder das Quelland unterscheidet. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.99=Matching schlug Aufgrund eines internen Fehler fehl. Ursache: {0} - - -##Austrian Residency page -gui.residency.title=Österreichischer Wohnsitz -gui.residency.header.selection=Suche nach Österreichischem Wohnsitz -gui.residency.header.help=Hier können Sie nach einem Wohnsitze in Österreich suchen. Bitte geben Sie zuerst eine \ - Postleitzahl, Gemeinde oder Ortschaft ein um die Suche zu starten. - -gui.residency.info.first=Haben Sie einen aktuellen oder ehemaligen gemeldeten Wohnsitz in Österreich, kann eine Zuordnung zu Ihrem bestehenden Registereintrag über Eingabe der Wohnsitzdaten erfolgen. Bitte benutzen Sie das untenstehende Formular, um Ihre Wohnsitzdaten einzugeben. -gui.residency.info.second=Bitte geben Sie dazu zuerst eine Postleitzahl, Gemeinde oder Ortschaft ein und starten Sie die Suche Ihrer Wohnsitzadresse dann über die Schaltfläche „Suche“. Sie werden in weiterer Folge bei der Vervollständigung der Wohnsitzadresse interaktiv unterstützt. Folgen Sie dazu den Anweisungen im Formular. Über die Schaltfläche „Löschen“ können Sie den Suchvorgang jederzeit neu starten. Wurden alle Wohnsitzdaten über die Suchfunktion vollständig befüllt, setzen Sie bitte über die Schaltfläche „Fortfahren“ fort. -gui.residency.info.third=Haben sie keinen aktuellen oder ehemaligen Wohnsitz in Österreich, setzen Sie bitte über die Schaltfläche „Kein Wohnsitz vorhanden“ fort. - -gui.residency.header.inputinvalid=Bitte geben Sie einen Wert für Gemeinde oder Ortschaft ein -gui.residency.cancel=Abbrechen -gui.residency.back=Kein Wohnsitz vorhanden -gui.residency.search=Suche -gui.residency.clear=Löschen -gui.residency.proceed=Fortfahren -gui.residency.updated=Eingabe aktualisiert -gui.residency.found={0} Ergebnisse gefunden, klicken Sie auf ein Ergebnis um die Suche zu verfeinern -gui.residency.unique=Eindeutiges Ergebnis gefunden, bitte fortfahren -gui.residency.error=Fehler bei Addresssuche -gui.residency.input.postleitzahl=PLZ -gui.residency.input.municipality=Gemeinde -gui.residency.input.village=Ortschaft -gui.residency.input.street=Straße -gui.residency.input.number=Nummer - - - diff --git a/basicConfig/templates/countrySelection.html b/basicConfig/templates/countrySelection.html deleted file mode 100644 index 275d20f6..00000000 --- a/basicConfig/templates/countrySelection.html +++ /dev/null @@ -1,133 +0,0 @@ - - - - - - - - eIDAS-Login Länderauswahl - - - - - -

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

- -

Wählen Sie Ihr Land / Select your country

- - - -

- -

- - - - - -

Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken ...

- -

Information zur Anmeldung über Europäische eIDs

- first part - Bundesministerium für Inneres - second part -

- -

- third part - eIDAS-Verordnung der Europäischen Union - fourth part -

- -

- fived part - - sixed part -

- -

- - - diff --git a/basicConfig/templates/countrySelection_example.html b/basicConfig/templates/countrySelection_example.html deleted file mode 100644 index 39d96225..00000000 --- a/basicConfig/templates/countrySelection_example.html +++ /dev/null @@ -1,54 +0,0 @@ - - - - - - - - - eIDAS-Login Länderauswahl - - - -

- LanguageSelectionBlock -

- -

Select your country

- - - - - -

- - - -

- - diff --git a/basicConfig/templates/eidas_node_forward.html b/basicConfig/templates/eidas_node_forward.html deleted file mode 100644 index 4486d146..00000000 --- a/basicConfig/templates/eidas_node_forward.html +++ /dev/null @@ -1,36 +0,0 @@ - - - - - - - - -

Your login is being processed. Thank you for - waiting.

- - - - - \ No newline at end of file diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html deleted file mode 100644 index 0d8d2d4e..00000000 --- a/basicConfig/templates/error_message.html +++ /dev/null @@ -1,60 +0,0 @@ - - - - - - - An error arise ... - - - - - -

Error Header

- -

Error Information

-
- - - - -

Code:

- -

Msg:

- -

fullError

- -

- - - - diff --git a/basicConfig/templates/language_selection.html b/basicConfig/templates/language_selection.html deleted file mode 100644 index 8d34c73b..00000000 --- a/basicConfig/templates/language_selection.html +++ /dev/null @@ -1,15 +0,0 @@ - - - - - -

- Spache1 - - Spache2 -

- - - - diff --git a/basicConfig/templates/other_login_method.html b/basicConfig/templates/other_login_method.html deleted file mode 100644 index 120b0ecd..00000000 --- a/basicConfig/templates/other_login_method.html +++ /dev/null @@ -1,153 +0,0 @@ - - - - - - - eIDAS-Login Other Login Methods - - - - -

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

- -

Generate new ERnP entry

- -

Insert ERnP first block

Insert ERnP second block

- Insert ERnP third block / part 1 - BMI-IKT-eIDAS-Betrieb@bmi.gv.at - Insert ERnP third block / part 3 -

- -

- - -

- -

No person data found

- -

Info text after MDS search with one or more results

Prefix for option list

ID Austria or alterantive eIDAS Login
Search with Address

- -

Detailed -

Generell -

- - -

- - - -

- -

- - -

- -

- - - diff --git a/basicConfig/templates/pvp2_post_binding.html b/basicConfig/templates/pvp2_post_binding.html deleted file mode 100644 index 8f72da13..00000000 --- a/basicConfig/templates/pvp2_post_binding.html +++ /dev/null @@ -1,36 +0,0 @@ -## ## Velocity Template for SAML 2 HTTP-POST binding ## ## Velocity -##context may contain the following properties ## action - String - the -##action URL for the form ## RelayState - String - the relay state for the -##message ## SAMLRequest - String - the Base64 encoded SAML Request ## -##SAMLResponse - String - the Base64 encoded SAML Response - - - - - - - - -

Your login is being processed. Thank you for - waiting.

- - - - - \ No newline at end of file diff --git a/basicConfig/templates/residency.html b/basicConfig/templates/residency.html deleted file mode 100644 index 26812ec0..00000000 --- a/basicConfig/templates/residency.html +++ /dev/null @@ -1,285 +0,0 @@ - - - - - - - - Österreichischer Wohnsitz - - - - - - -

Zentraler eIDAS Knoten der Republik Österreich

Betrieben durch das Bundesministerium für Inneres

- -

Search your Austrian Residency

- -

Info text for matching by address

HowTo search by address

- -

Detailed -

Generell -

- -

- - - -

- - -

- -

Alternativ infos and back

-
- - - - -

- -

- - - - - - - - - - - - - - -

- -

- - - diff --git a/basicConfig/webcontent/autocommit.js b/basicConfig/webcontent/autocommit.js deleted file mode 100644 index d21a5651..00000000 --- a/basicConfig/webcontent/autocommit.js +++ /dev/null @@ -1,5 +0,0 @@ -function autoCommmit() { - document.forms[0].submit(); -} - -document.addEventListener('DOMContentLoaded', autoCommmit); \ No newline at end of file diff --git a/basicConfig/webcontent/css/common.css b/basicConfig/webcontent/css/common.css deleted file mode 100644 index 14fe622d..00000000 --- a/basicConfig/webcontent/css/common.css +++ /dev/null @@ -1,156 +0,0 @@ -body { - background-image: none; - margin: 0px; - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; -} - -div.header { - background-color: #e9ecef; - padding-top: 28px; - padding-left: 137px; - padding-right: 137px; - padding-bottom: 12px; -} -div.titlebar { - padding: 0px; -} -div.titlebar div { -} -.hidden { - display: none; -} -ul.nav_oben { - padding: 0px; - margin: 0px; - text-align: right; - text-transform: uppercase; -} -li { - display: inline-block; -} -div.header a { - text-decoration: none; - color: black; -} -a { - text-decoration: none; - color: #a22c1c; -} - -.block { - /* override country.css */ - display: flex; - flex-direction: row; - flex-wrap: wrap; - cursor: pointer; - text-decoration: none; - padding-right:2%; - width: 200px; - padding-bottom: 20px; -} - -@media only screen and (min-width: 1000px) { - div.header { - padding-left: 137px; - padding-right: 137px; - } - .content { - padding-left: 137px; - padding-right: 137px; - } - footer { - padding-left: 137px; - padding-right: 137px; - } -} -@media only screen and (max-width: 999px) { - div.header { - padding-left: 1em; - padding-right: 1em; - } - .content { - padding-left: 1em; - padding-right: 1em; - } - footer { - padding-left: 1em; - padding-right: 1em; - } -} - -div.subtitle h1 { - padding: 0px; - margin: 0px; - font-size: 130%; - align: right; -} -div.subtitle h2 { - padding: 0px; - margin: 0px; - font-size: 115%; -} -footer { - left: 0; - padding-top: 1em; - bottom: 0; - width: 100%; - height: 2em; - background-color: rgb(162,44,28); - color: white; -} -.float { - float: left; -} -.floatright { - float: right; -} -.copyright { - width: 66%; - font-size: 80%; -} - - - - -#countries { - padding-bottom: 40px; -} - -#country { - display: flex; - flex-direction: row; - flex-wrap: wrap; - align-items: center; - padding-bottom: 20px; -} - -.countryimage { - width:50px; - height:50px; - padding-right: 2%; - padding-bottom: 4%; -} - -input.cancel-button { -} - -input[type=submit].country-button { - width: inherit; -/* text-align: left; */ -} - -input[type=button], input[type=submit].country-button, input[type=reset] { - display:flex; - background-color:transparent; - border:none; - color: black; - text-decoration: none; - cursor: pointer; - /* center things like its 2019 (using display:flex) */ - align-items: center; - justify-content: center; -} - -form { - justify-content: center; -} diff --git a/basicConfig/webcontent/css/css_country.css b/basicConfig/webcontent/css/css_country.css deleted file mode 100644 index e193126c..00000000 --- a/basicConfig/webcontent/css/css_country.css +++ /dev/null @@ -1,185 +0,0 @@ -@charset "utf-8"; -body { - background-image: none; - margin: 0px; - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; -} - -#page { - padding-top: 2%; - padding-left: 10%; -} - -#country { - display: flex; - flex-direction: row; - flex-wrap: wrap; - align-items: center; -} - -#matchingError { - border: 2px solid rgb(162, 44, 28); - padding: 1em; - width: 80%; - margin-top: 2em; - margin-bottom: 2em; -} - -.block { - display: flex; - flex-direction: row; - flex-wrap: wrap; - cursor: pointer; - text-decoration: none; - padding-right: 2%; - width: 250px; - justify-content: center; -} - -.countryimage { - width: 50px; - height: 50px; - padding-right: 2%; - padding-bottom: 4%; -} - -input[type=button], input[type=submit], input[type=reset] { - display: flex; - background-color: transparent; - border: none; - color: black; - text-decoration: none; - cursor: pointer; -} - -#testEnvironment { - border: none; - color: black; - padding: 10px 20px; - text-decoration: none; - margin: 4px 2px; - height: 3%; - display: inline-block; - vertical-align: middle; - width: 40%; -} - -#button { - background-color: transparent; - border: none; -} - -.primaryButton { - height: 4em; -} - -.singleButton { - padding-left: 2em; -} - -.mainDescription { - width: 80%; -} - - -div.mainDescription li { - display: list-item; - -} - -div.header { - background-color: #e9ecef; - padding-top: 28px; - padding-left: 137px; - padding-right: 137px; - padding-bottom: 12px; -} - -div.titlebar { - padding: 0px; -} - -div.titlebar div { -} - -.hidden { - display: none; -} - -ul.nav_oben { - padding: 0px; - margin: 0px; - text-align: right; - text-transform: uppercase; -} - -li { - display: inline-block; -} - -div.header a { - text-decoration: none; - color: black; -} - -a { - text-decoration: none; - color: #a22c1c; -} - -.content { - padding-left: 137px; - padding-right: 137px; -} - -div.subtitle h1 { - padding: 0px; - margin: 0px; - font-size: 130%; - align: right; -} - -div.subtitle h2 { - padding: 0px; - margin: 0px; - font-size: 115%; -} - -footer { - position: fixed; - left: 0; - padding-left: 137px; - padding-right: 137px; - padding-top: 1em; - bottom: 0; - width: 100%; - height: 2em; - background-color: rgb(162, 44, 28); - color: white; -} - -.float { - float: left; -} - -.floatright { - float: right; -} - -.copyright { - width: 66%; - font-size: 80%; -} - -#countries, #country { - padding-bottom: 40px; -} - -input[type=submit] { - width: inherit; - /* text-align: left; */ -} - -form { - justify-content: center; -} diff --git a/basicConfig/webcontent/css/css_error.css b/basicConfig/webcontent/css/css_error.css deleted file mode 100644 index d772df43..00000000 --- a/basicConfig/webcontent/css/css_error.css +++ /dev/null @@ -1,26 +0,0 @@ -@charset "utf-8"; - body { - padding-left: 5%; - background-color: #F9F9F9; - } - #page { - padding-top: 2%; - padding-right: 10%; - padding-left: 5%; - } - - .OA_header { - font-size: 2.1em; - padding-top:1%; - margin-bottom: 1%; - margin-top: 1%; - - } - - #alert_area { - float:left; - width: 100%; - } - - - diff --git a/basicConfig/webcontent/img/ajax-loader.gif b/basicConfig/webcontent/img/ajax-loader.gif deleted file mode 100644 index f2a1bc0c..00000000 Binary files a/basicConfig/webcontent/img/ajax-loader.gif and /dev/null differ diff --git a/basicConfig/webcontent/js/jquery-3.6.0.min.js b/basicConfig/webcontent/js/jquery-3.6.0.min.js deleted file mode 100644 index c4c6022f..00000000 --- a/basicConfig/webcontent/js/jquery-3.6.0.min.js +++ /dev/null @@ -1,2 +0,0 @@ -/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */ -!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.6.0",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\$"+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\$|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\$"+M+"*((?:-\\d)?\\d*)"+M+"*\$|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="",y.option=!!ce.lastChild;var ge={thead:[1,"","

"],col:[2,"","

"],tr:[2,"","

"],td:[3,"","

"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n",""]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d\s*$/g;function je(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function De(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function qe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Le(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var _t,zt=[],Ut=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=zt.pop()||S.expando+"_"+wt.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Ut.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Ut.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Ut,"$1"+r):!1!==e.jsonp&&(e.url+=(Tt.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,zt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((_t=E.implementation.createHTMLDocument("").body).innerHTML="",2===_t.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=Fe(y.pixelPosition,function(e,t){if(t)return t=We(e,n),Pe.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return $(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 - - at.asitplus.eidas.ms_specific.modules - eidas_proxy-sevice - - - at.asitplus.eidas.ms_specific.modules - authmodule_id-austria - at.gv.egiz.eaaf diff --git a/connector/src/assembly/assembly_dir.xml b/connector/src/assembly/assembly_dir.xml index bc12a470..f7bd45a1 100644 --- a/connector/src/assembly/assembly_dir.xml +++ b/connector/src/assembly/assembly_dir.xml @@ -35,19 +35,31 @@ ./config **/extconfig/** + **/ms-connector/** + **/ms-proxyservice/** - ${project.parent.basedir}/infos/ + ${project.parent.basedir}/basicConfig/ms-connector/ + ./config + + + ${project.parent.basedir}/infos/ms-connector/ ./infos readme_${project.version}.txt readme_${project.version}.md history.txt - eIDAS_Ref_Impl/* handbook/* + + ${project.parent.basedir}/infos/ + ./infos + + eIDAS_Ref_Impl/* + + diff --git a/connector/src/assembly/assembly_zip.xml b/connector/src/assembly/assembly_zip.xml index dcb7dab0..56d684c0 100644 --- a/connector/src/assembly/assembly_zip.xml +++ b/connector/src/assembly/assembly_zip.xml @@ -35,19 +35,31 @@ ./config **/extconfig/** + **/ms-connector/** + **/ms-proxyservice/** - ${project.parent.basedir}/infos/ + ${project.parent.basedir}/basicConfig/ms-connector/ + ./config + + + ${project.parent.basedir}/infos/ms-connector/ ./infos readme_${project.version}.txt readme_${project.version}.md history.txt - eIDAS_Ref_Impl/* handbook/* + + ${project.parent.basedir}/infos/ + ./infos + + eIDAS_Ref_Impl/* + + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java index 368a8e4e..7d82c120 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java @@ -48,7 +48,7 @@ public class CountrySelectionProcessImplTest { @BeforeClass public static void classInitializer() { final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties"); + System.setProperty("eidas.ms.configuration", current + "../basicConfig/ms-connector/default_config.properties"); } diff --git a/infos/Handbuch_MS-eIDAS-Node.docx b/infos/Handbuch_MS-eIDAS-Node.docx deleted file mode 100644 index 86e7b596..00000000 Binary files a/infos/Handbuch_MS-eIDAS-Node.docx and /dev/null differ diff --git a/infos/history.txt b/infos/history.txt deleted file mode 100644 index 73c2bdf7..00000000 --- a/infos/history.txt +++ /dev/null @@ -1,75 +0,0 @@ -Dieses Dokument zeigt die Veränderungen und Erweiterungen am eIDAS MS-Connector - -Version 1.3.0 (2022-05-19): - - Mindestens Java 11 erforderlich - - Erweitertes Identitätsmatching welches sowohl bestehende ZMR und ERnP Einträge berücksichtigt - - Integration der vom BM.I übermittelten UX Templates in die Beispielkonfiguration - - Bugfix - - Fehler bei der Verarbeitung von leeren Attributewerten behoben - - Akutalisierung von Drittherstellerbibliotheken - - openSAML 4.0.1 - - EAAF-Components 1.3.2 - - SpringBoot 2.5.13 - - Spring-Framework 5.3.20 - - Apache CXF 3.5.2 - -Version 1.2.4 (2022-04-05): - - Bugfix - - Mögliche RCE Schwachstelle via Spring Framework behoben (CVE-2022-22965) - - Work-Around für insertErnp im ID Austria Betriebsmodus - - Akutalisierung von Drittherstellerbibliotheken - - Spring-Core 5.3.18 - - Spring-Boot 2.5.12 - - thymeleaf-spring5 3.0.15.RELEASE - - Apache CXF 3.4.6 - - Google Guava 31.1-jre - - Jackson 2.13.2 - - Joda-Time 2.10.14 - - jose4j 0.7.11 - - log4j 2.17.2 - - slf4j 1.7.36 - -Version 1.2.3 (2021-10-21): - - Bugfix - - Inkompatibilität zwischen AT MS-Connector und ID Austria System behoben - - Logging optimiert und Beispielkonfiguration um TransactionsId erweitert - - Akutalisierung von Drittherstellerbibliotheken - -Version 1.2.2 (2021-06-26): - - Bugfix - - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben - -Version 1.2.1 (2021-05-28): - - Bugfix - - Möglichen Fehler in der Sprachauswahl via GUI behoben - -Version 1.2 (2021-05-12): - - Erforderliche Anpassungen zur Integration in den ID Austria - - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 - - Codestabilisierung - - Monitoring und HealthChecks Verbesserungen - - Akutalisierung von Drittherstellerbibliotheken - -Version 1.1 (2019-12-13): - - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 - - Statischer Service-Provider Name für öffentliche Applikationen - - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. - - Requested Attributes je Land konfigurierbar - - Neue Template-Engine mit i18n Unterstützung - - Neuer Algorithmus zur Generierung von Sessiontokens - - Akutalisierung von Drittherstellerbibliotheken - -Version 1.0.1 (2019-08-02): - - Update auf eIDAS Ref. Impl. 2.2.0 - - Bugfix - - Ungültige Zeichenkodierung bei nonLatin Zeichen behoben - - Akutalisierung von Drittherstellerbibliotheken - -Version 1.0 (2018-10-30): - - Initiale Version des eIDAS MS-Connector - - - - - - diff --git a/infos/ms-connector/Handbuch_MS-eIDAS-Node.docx b/infos/ms-connector/Handbuch_MS-eIDAS-Node.docx new file mode 100644 index 00000000..86e7b596 Binary files /dev/null and b/infos/ms-connector/Handbuch_MS-eIDAS-Node.docx differ diff --git a/infos/ms-connector/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/ms-connector/handbook/Handbuch_MS-eIDAS-Node.pdf new file mode 100644 index 00000000..c61dc7b9 Binary files /dev/null and b/infos/ms-connector/handbook/Handbuch_MS-eIDAS-Node.pdf differ diff --git a/infos/ms-connector/history.txt b/infos/ms-connector/history.txt new file mode 100644 index 00000000..73c2bdf7 --- /dev/null +++ b/infos/ms-connector/history.txt @@ -0,0 +1,75 @@ +Dieses Dokument zeigt die Veränderungen und Erweiterungen am eIDAS MS-Connector + +Version 1.3.0 (2022-05-19): + - Mindestens Java 11 erforderlich + - Erweitertes Identitätsmatching welches sowohl bestehende ZMR und ERnP Einträge berücksichtigt + - Integration der vom BM.I übermittelten UX Templates in die Beispielkonfiguration + - Bugfix + - Fehler bei der Verarbeitung von leeren Attributewerten behoben + - Akutalisierung von Drittherstellerbibliotheken + - openSAML 4.0.1 + - EAAF-Components 1.3.2 + - SpringBoot 2.5.13 + - Spring-Framework 5.3.20 + - Apache CXF 3.5.2 + +Version 1.2.4 (2022-04-05): + - Bugfix + - Mögliche RCE Schwachstelle via Spring Framework behoben (CVE-2022-22965) + - Work-Around für insertErnp im ID Austria Betriebsmodus + - Akutalisierung von Drittherstellerbibliotheken + - Spring-Core 5.3.18 + - Spring-Boot 2.5.12 + - thymeleaf-spring5 3.0.15.RELEASE + - Apache CXF 3.4.6 + - Google Guava 31.1-jre + - Jackson 2.13.2 + - Joda-Time 2.10.14 + - jose4j 0.7.11 + - log4j 2.17.2 + - slf4j 1.7.36 + +Version 1.2.3 (2021-10-21): + - Bugfix + - Inkompatibilität zwischen AT MS-Connector und ID Austria System behoben + - Logging optimiert und Beispielkonfiguration um TransactionsId erweitert + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.2.2 (2021-06-26): + - Bugfix + - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben + +Version 1.2.1 (2021-05-28): + - Bugfix + - Möglichen Fehler in der Sprachauswahl via GUI behoben + +Version 1.2 (2021-05-12): + - Erforderliche Anpassungen zur Integration in den ID Austria + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + - Codestabilisierung + - Monitoring und HealthChecks Verbesserungen + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.1 (2019-12-13): + - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 + - Statischer Service-Provider Name für öffentliche Applikationen + - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. + - Requested Attributes je Land konfigurierbar + - Neue Template-Engine mit i18n Unterstützung + - Neuer Algorithmus zur Generierung von Sessiontokens + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.0.1 (2019-08-02): + - Update auf eIDAS Ref. Impl. 2.2.0 + - Bugfix + - Ungültige Zeichenkodierung bei nonLatin Zeichen behoben + - Akutalisierung von Drittherstellerbibliotheken + +Version 1.0 (2018-10-30): + - Initiale Version des eIDAS MS-Connector + + + + + + diff --git a/infos/ms-connector/readme_1.0.3-snapshot.txt b/infos/ms-connector/readme_1.0.3-snapshot.txt new file mode 100644 index 00000000..b0b255af --- /dev/null +++ b/infos/ms-connector/readme_1.0.3-snapshot.txt @@ -0,0 +1,22 @@ +MS-Connector v1.0.2 Release vom 11.09.2019 + +Dieses Release erlaubt die Konfiguration eines mindest LoA, welche für Requests +an eIDAS Proxy-Services verwendet wird. + +MS-Connector v1.0.2: + - Der MS-Connector v1.0.2 umfasst eine Anpassung bezüglich des erforderlichen + LoA am eIDAS Proxy-Service. Ab dieser Version ist es möglich einen mindest LoA + am MS-Connector zu konfigurieren, welcher auf jeden Fall am eIDAS Proxy-Service + requested wird. + + - Mit diesem Update ergibt sich eine optionale Anpassungen an der Konfiguration: + - Das Property "eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum" + (z.B. eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high ) + definiert das erforderliche mindest LoA. Als Defaultwert ist LoA 'high' hinterlegt, falls + der Konfigurationsparameter nicht vorhanden ist. + + - Der Releasebuild für die Version v1.0.2 befindet sich unter $RELEASEPACKAGE/ms_connector-1.0.2.war + + + + \ No newline at end of file diff --git a/infos/ms-connector/readme_1.1.0.txt b/infos/ms-connector/readme_1.1.0.txt new file mode 100644 index 00000000..eaaaa343 --- /dev/null +++ b/infos/ms-connector/readme_1.1.0.txt @@ -0,0 +1,81 @@ +MS-Connector v1.1.0 Release vom 13.12.2019 + +Der Releasebuild für die Version v1.1.0 befindet sich unter "$RELEASEPACKAGE/ms_connector-1.1.0.war" + +Mit dieser Version ergeben sich folgende funktionale Änderungen: + - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 + - Statischer Service-Provider Name für öffentliche Applikationen + - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. + - Requested Attributes je Land konfigurierbar + - Neue Template-Engine mit i18n Unterstützung + - Neuer Algorithmus zur Generierung von Sessiontokens + + +Configurationsanpassungen: + Eine vollständige Beispielkonfiguration befindet sich im Verzeichnis + "$RELEASEPACKAGE/config". Nachfolgend eine kurze Aufstellung der Konfigurations- + änderungen in dieser Version. + + - Erforderlich + - eIDAS Ref. Impl. 2.4.0 Anpassungen + - Neue Apache Ignite configuration unter "eIDAS/igniteSpecificCommunication.xml" + Die Konfiguration der Caches () kann direkt verwendet werden. + Je nach Betrieb im Cluster ist wahrschenlich eine Anpassung der Konfiguration für den + Clusterbetrieb () entsprechend der Infrastruktur erforderlich. + - Anpassungen an eIDAS/specificCommunicationDefinitionConnector.xml und + eIDAS/specificCommunicationDefinitionProxyservice.xml + + - SessionToken Generierung. Diese Parameter müssen auf allen Nodes im Cluster-Betrieb + identisch konfiguriert sein. + - Das Property "eidas.ms.core.pendingrequestid.maxlifetime" + (z.B. eidas.ms.core.pendingrequestid.maxlifetime=300 ) definiert die Gültigkeitszeit + eines Tokens ins Sekunden + - Das Property "eidas.ms.core.pendingrequestid.digist.algorithm" + (z.B. eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 ) definiert + den Algorithmus zur Integritätssicherung + - Das Property "eidas.ms.core.pendingrequestid.digist.secret" + (z.B. eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ) definiert + das Passwort zur Integritätssicherung + + - Neue Templates mit i18n: + - Es wurden alle Templates im bestehen "templates/" Verzeichnis der Version 1.0.x überarbeitet. + Somit ist eine Anpassung der bestehenden Templates / Übernahme der neuen Templates zwingend erforderlich. + Das in der Beispielkonfiguration enthaltene Template "countrySelection.html" beinhaltet die + Anpassung des am 10.12.2019 per Mail übermittelten BM.I Templates an die neue Template Engine. + + - Über die Property "eidas.ms.webcontent.templates" + (z.B. eidas.ms.webcontent.templates=templates/ ) muss das Verzeichnis mit dem GUI Templates + angegeben werden + + - Über das Property "eidas.ms.webcontent.properties" + (z.B. eidas.ms.webcontent.properties=properties/messages ) müssen die i18n Resourcen hinterlegt + werden. + + - Optional: + - Über die Properties "eidas.ms.auth.eIDAS.node_v2.attributes.requested.cc.onlynatural.x" + (z.B. eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false ) + können länderspezifisch Attribute angefordert werden, wobei + 'cc' den countryCode des Landes definiert + Als Attributewert dienen wie zuvor die "FriendlyNames","isRequired" Eigenschaften der eIDAS Attribute + + - Das Property "eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum" + (z.B. eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high ) + definiert das erforderliche mindest LoA. Als Defaultwert ist LoA 'high' hinterlegt, falls + der Konfigurationsparameter nicht vorhanden ist. + + - Das Property "eidas.ms.webcontent.templates.countryselection" + (z.B. eidas.ms.webcontent.templates.countryselection=countrySelection_example.html) + definiert das Länderauswahltemplete welches für die Darstellung der Länderauswahl + verwendet werden soll. Als Defaultparameter ist 'countrySelection.html' hinterlegt. + + - Das Property "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs" + (z.B. eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true ) aktiviert + die Verwendung eines statischen Providernames für eIDAS Requests bei öffentlichen Anwendungen. + Defaultwert: true + + - Das Property "eidas.ms.auth.eIDAS.node_v.staticProviderNameForPublicSPs " + (z.B. eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=ERnP ) definiert den + statischen Providernames für eIDAS Requests bei öffentlichen Anwendungen. + Defaultwert: ERnP + \ No newline at end of file diff --git a/infos/ms-connector/readme_1.2.0.md b/infos/ms-connector/readme_1.2.0.md new file mode 100644 index 00000000..2b4638cf --- /dev/null +++ b/infos/ms-connector/readme_1.2.0.md @@ -0,0 +1,59 @@ +# MS-Connector v1.2.0 Release vom 12.05.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Erforderliche Anpassungen zur Integration in den ID Austria + + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + + - Codestabilisierung + + - Monitoring und HealthChecks Verbesserungen + + - Akutalisierung von Drittherstellerbibliotheken + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/ms-connector/readme_1.2.1.md b/infos/ms-connector/readme_1.2.1.md new file mode 100644 index 00000000..290a12db --- /dev/null +++ b/infos/ms-connector/readme_1.2.1.md @@ -0,0 +1,57 @@ +# MS-Connector v1.2.1 Release vom 28.05.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Erforderliche Anpassungen zur Integration in den ID Austria + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + - Codestabilisierung + - Monitoring und HealthChecks Verbesserungen + - Akutalisierung von Drittherstellerbibliotheken + - Bugfix in Version 1.2.1 + - Möglichen Fehler in der Sprachauswahl via GUI behoben + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.1. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.1-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/ms-connector/readme_1.2.2.md b/infos/ms-connector/readme_1.2.2.md new file mode 100644 index 00000000..6e7abdd0 --- /dev/null +++ b/infos/ms-connector/readme_1.2.2.md @@ -0,0 +1,60 @@ +# MS-Connector v1.2.2 Release vom 26.06.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Bugfix + - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.2. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.2.x + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat``` + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/ms-connector/readme_1.2.3.md b/infos/ms-connector/readme_1.2.3.md new file mode 100644 index 00000000..e3a56d31 --- /dev/null +++ b/infos/ms-connector/readme_1.2.3.md @@ -0,0 +1,59 @@ +# MS-Connector v1.2.3 Release vom 21.10.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Logging optimiert und Beispielkonfiguration um TransactionsId erweitert + - Bugfix + - Inkompatibilität zwischen AT MS-Connector und ID Austria System behoben +- Akutalisierung von Drittherstellerbibliotheken + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.3. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.2.x + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.3-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.3-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/ms-connector/readme_1.2.4.md b/infos/ms-connector/readme_1.2.4.md new file mode 100644 index 00000000..fd393a10 --- /dev/null +++ b/infos/ms-connector/readme_1.2.4.md @@ -0,0 +1,65 @@ +# MS-Connector v1.2.4 Release vom 05.04.2022 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Bugfix + - Mögliche RCE Schwachstelle in Spring Framework behoben ([CVE-2022-22965](https://tanzu.vmware.com/security/cve-2022-22965)) + - Work-Around für insertErnp im ID Austria Betriebsmodus + + - Akutalisierung von Drittherstellerbibliotheken + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.4. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.2.x + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.4-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Neue optionale Konfigurationsparameter + - *SZR Kommunikation* + - ```eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida``` + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.4-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` + - *SZR Kommunikation* + - ```eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida``` diff --git a/infos/ms-connector/readme_1.3.0.md b/infos/ms-connector/readme_1.3.0.md new file mode 100644 index 00000000..da639ca6 --- /dev/null +++ b/infos/ms-connector/readme_1.3.0.md @@ -0,0 +1,118 @@ +# MS-Connector v1.3.0 Release vom 19.05.2022 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Mindestens Java 11 erforderlich + - Erweitertes Identitätsmatching welches sowohl bestehende ZMR und ERnP Einträge berücksichtigt + - Integration der vom BM.I übermittelten UX Templates in die Beispielkonfiguration + - Bugfix + - Fehler bei der Verarbeitung von leeren Attributewerten behoben + - Akutalisierung von Drittherstellerbibliotheken + - openSAML 4.0.1 + - EAAF-Components 1.3.2 + - SpringBoot 2.5.13 + - Spring-Framework 5.3.20 + - Apache CXF 3.5.2 + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.3.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.2.x + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an + +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.3.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. + +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers + +4. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde + + * Vollständige Übernahme: __MsConnectorPackage__/config/templates/other_login_method.html + * Vollständige Übernahme: __MsConnectorPackage__/config/templates/residency.html + * Vollständige Übernahme: __MsConnectorPackage__/config/properties/messages.properties + * Vollständige Übernahme: __MsConnectorPackage__/config/properties/messages_de.properties + * Vollständige Übernahme: __MsConnectorPackage__/config/keys/id_austria_truststore.jks + +5. Neue Konfigurationsparameter + + Eine Beispielkonfiguration befindet sich in: __MsConnectorPackage__/config/default_config.properties + + - *ZMR Client* + - ```eidas.ms.auth.eIDAS.zmrclient.endpoint``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.key.password``` + - ```eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr``` + - *ERnP Client* + - ```eidas.ms.auth.eIDAS.ernpclient.endpoint``` + - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type``` + - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path``` + - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password``` + - ```eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias``` + - ```eidas.ms.auth.eIDAS.ernpclient.ssl.key.password``` + - ```eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr``` + - *ID Austria Client für Matching* + - ```eidas.ms.modules.idaustriaclient.keystore.type``` + - ```eidas.ms.modules.idaustriaclient.keystore.path``` + - ```eidas.ms.modules.idaustriaclient.keystore.password``` + - ```eidas.ms.modules.idaustriaclient.metadata.sign.alias``` + - ```eidas.ms.modules.idaustriaclient.metadata.sign.password``` + - ```eidas.ms.modules.idaustriaclient.request.sign.alias``` + - ```eidas.ms.modules.idaustriaclient.request.sign.password``` + - ```eidas.ms.modules.idaustriaclient.response.encryption.alias``` + - ```eidas.ms.modules.idaustriaclient.response.encryption.password``` + - ```eidas.ms.modules.idaustriaclient.truststore.type``` + - ```eidas.ms.modules.idaustriaclient.truststore.path``` + - ```eidas.ms.modules.idaustriaclient.truststore.password``` + - ```eidas.ms.modules.idaustriaclient.idaustria.idp.entityId``` + +6. Neue optionale Konfigurationsparameter + + - *ZMR Client* + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.type``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.path``` + - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.password``` + - ```eidas.ms.auth.eIDAS.zmrclient.timeout.connection``` + - ```eidas.ms.auth.eIDAS.zmrclient.timeout.response``` + - ```eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code``` + - ```eidas.ms.auth.eIDAS.zmrclient.req.update.reason.text``` + - ```eidas.ms.auth.eIDAS.zmrclient.debug.logfullmessages``` + - *ERnP Client* + * ```eidas.ms.client.http.connection.timeout.request``` + * ```eidas.ms.client.http.connection.timeout.socket``` + +7. Registrierung am ID Austria System + + Eine mögliche Matching Variante stellt das Matching über einen bestehenden ID Austria dar. Hierfür ist eine Registrierung am ID Austria System erforderlich. Aus Sicht des MS-Connectors sind folgende Registrierungsparameter auf jeden Fall notwendig: + + - Eindeutige Identifier: + + - P-Stage: https://eidas.bmi.gv.at/ms_connector/sp/idaustria/metadata + - T-Stage: https://eidas-test.bmi.gv.at/ms_connector/sp/idaustria/metadata + + - bPK-Berech: **ZP** + + - Attribute: + + - Ausstellungsland + - Vorname (wird für öffentliche SP's per Default übertragen) + - Familienname (wird für öffentliche SP's per Default übertragen) + - Geburtsdatum (wird für öffentliche SP's per Default übertragen) + - bPK (wird per Default übertragen) + - Authentifizierungslevel des Bürgers (wird per Default übertragen) + + - SAML2 Metadaten + + Die für die Registrierung benötigten SAML2 Metadaten werden automatisch generiert und können unter den folgenden Endpunkten abgerufen werden. + + - P-Stage: https://eidas.bmi.gv.at/ms_connector/sp/idaustria/metadata + - T-Stage: https://eidas-test.bmi.gv.at/ms_connector/sp/idaustria/metadata + + + diff --git a/infos/ms-proxyservice/Handbuch_MS-eIDAS-Node.docx b/infos/ms-proxyservice/Handbuch_MS-eIDAS-Node.docx new file mode 100644 index 00000000..86e7b596 Binary files /dev/null and b/infos/ms-proxyservice/Handbuch_MS-eIDAS-Node.docx differ diff --git a/infos/ms-proxyservice/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/ms-proxyservice/handbook/Handbuch_MS-eIDAS-Node.pdf new file mode 100644 index 00000000..c61dc7b9 Binary files /dev/null and b/infos/ms-proxyservice/handbook/Handbuch_MS-eIDAS-Node.pdf differ diff --git a/infos/ms-proxyservice/history.txt b/infos/ms-proxyservice/history.txt new file mode 100644 index 00000000..048ae73a --- /dev/null +++ b/infos/ms-proxyservice/history.txt @@ -0,0 +1,10 @@ +Dieses Dokument zeigt die Veränderungen und Erweiterungen am eIDAS MS-Proxy-Service + +Version 1.0 (2022-xx-xx): + - Initiale Version des eIDAS MS-Proxy-Service + + + + + + diff --git a/infos/ms-proxyservice/readme_1.0.1.md b/infos/ms-proxyservice/readme_1.0.1.md new file mode 100644 index 00000000..4f761a16 --- /dev/null +++ b/infos/ms-proxyservice/readme_1.0.1.md @@ -0,0 +1,49 @@ +# MS-Proxy-Service v1.0.1 Release vom xx.xx.2022 + +Das MS-Proxy-Service implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um österreichischen Benutzern eine Anmeldung an ausländischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Initiale Version des eIDAS MS-Proxy-Service + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-Proxy-Service auf die aktuelle Version 1.0.1. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.0.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/readme_1.0.3-snapshot.txt b/infos/readme_1.0.3-snapshot.txt deleted file mode 100644 index b0b255af..00000000 --- a/infos/readme_1.0.3-snapshot.txt +++ /dev/null @@ -1,22 +0,0 @@ -MS-Connector v1.0.2 Release vom 11.09.2019 - -Dieses Release erlaubt die Konfiguration eines mindest LoA, welche für Requests -an eIDAS Proxy-Services verwendet wird. - -MS-Connector v1.0.2: - - Der MS-Connector v1.0.2 umfasst eine Anpassung bezüglich des erforderlichen - LoA am eIDAS Proxy-Service. Ab dieser Version ist es möglich einen mindest LoA - am MS-Connector zu konfigurieren, welcher auf jeden Fall am eIDAS Proxy-Service - requested wird. - - - Mit diesem Update ergibt sich eine optionale Anpassungen an der Konfiguration: - - Das Property "eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum" - (z.B. eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high ) - definiert das erforderliche mindest LoA. Als Defaultwert ist LoA 'high' hinterlegt, falls - der Konfigurationsparameter nicht vorhanden ist. - - - Der Releasebuild für die Version v1.0.2 befindet sich unter $RELEASEPACKAGE/ms_connector-1.0.2.war - - - - \ No newline at end of file diff --git a/infos/readme_1.1.0.txt b/infos/readme_1.1.0.txt deleted file mode 100644 index eaaaa343..00000000 --- a/infos/readme_1.1.0.txt +++ /dev/null @@ -1,81 +0,0 @@ -MS-Connector v1.1.0 Release vom 13.12.2019 - -Der Releasebuild für die Version v1.1.0 befindet sich unter "$RELEASEPACKAGE/ms_connector-1.1.0.war" - -Mit dieser Version ergeben sich folgende funktionale Änderungen: - - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache - https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 - - Statischer Service-Provider Name für öffentliche Applikationen - - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. - - Requested Attributes je Land konfigurierbar - - Neue Template-Engine mit i18n Unterstützung - - Neuer Algorithmus zur Generierung von Sessiontokens - - -Configurationsanpassungen: - Eine vollständige Beispielkonfiguration befindet sich im Verzeichnis - "$RELEASEPACKAGE/config". Nachfolgend eine kurze Aufstellung der Konfigurations- - änderungen in dieser Version. - - - Erforderlich - - eIDAS Ref. Impl. 2.4.0 Anpassungen - - Neue Apache Ignite configuration unter "eIDAS/igniteSpecificCommunication.xml" - Die Konfiguration der Caches () kann direkt verwendet werden. - Je nach Betrieb im Cluster ist wahrschenlich eine Anpassung der Konfiguration für den - Clusterbetrieb () entsprechend der Infrastruktur erforderlich. - - Anpassungen an eIDAS/specificCommunicationDefinitionConnector.xml und - eIDAS/specificCommunicationDefinitionProxyservice.xml - - - SessionToken Generierung. Diese Parameter müssen auf allen Nodes im Cluster-Betrieb - identisch konfiguriert sein. - - Das Property "eidas.ms.core.pendingrequestid.maxlifetime" - (z.B. eidas.ms.core.pendingrequestid.maxlifetime=300 ) definiert die Gültigkeitszeit - eines Tokens ins Sekunden - - Das Property "eidas.ms.core.pendingrequestid.digist.algorithm" - (z.B. eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 ) definiert - den Algorithmus zur Integritätssicherung - - Das Property "eidas.ms.core.pendingrequestid.digist.secret" - (z.B. eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ) definiert - das Passwort zur Integritätssicherung - - - Neue Templates mit i18n: - - Es wurden alle Templates im bestehen "templates/" Verzeichnis der Version 1.0.x überarbeitet. - Somit ist eine Anpassung der bestehenden Templates / Übernahme der neuen Templates zwingend erforderlich. - Das in der Beispielkonfiguration enthaltene Template "countrySelection.html" beinhaltet die - Anpassung des am 10.12.2019 per Mail übermittelten BM.I Templates an die neue Template Engine. - - - Über die Property "eidas.ms.webcontent.templates" - (z.B. eidas.ms.webcontent.templates=templates/ ) muss das Verzeichnis mit dem GUI Templates - angegeben werden - - - Über das Property "eidas.ms.webcontent.properties" - (z.B. eidas.ms.webcontent.properties=properties/messages ) müssen die i18n Resourcen hinterlegt - werden. - - - Optional: - - Über die Properties "eidas.ms.auth.eIDAS.node_v2.attributes.requested.cc.onlynatural.x" - (z.B. eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false ) - können länderspezifisch Attribute angefordert werden, wobei - 'cc' den countryCode des Landes definiert - Als Attributewert dienen wie zuvor die "FriendlyNames","isRequired" Eigenschaften der eIDAS Attribute - - - Das Property "eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum" - (z.B. eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high ) - definiert das erforderliche mindest LoA. Als Defaultwert ist LoA 'high' hinterlegt, falls - der Konfigurationsparameter nicht vorhanden ist. - - - Das Property "eidas.ms.webcontent.templates.countryselection" - (z.B. eidas.ms.webcontent.templates.countryselection=countrySelection_example.html) - definiert das Länderauswahltemplete welches für die Darstellung der Länderauswahl - verwendet werden soll. Als Defaultparameter ist 'countrySelection.html' hinterlegt. - - - Das Property "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs" - (z.B. eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true ) aktiviert - die Verwendung eines statischen Providernames für eIDAS Requests bei öffentlichen Anwendungen. - Defaultwert: true - - - Das Property "eidas.ms.auth.eIDAS.node_v.staticProviderNameForPublicSPs " - (z.B. eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=ERnP ) definiert den - statischen Providernames für eIDAS Requests bei öffentlichen Anwendungen. - Defaultwert: ERnP - \ No newline at end of file diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md deleted file mode 100644 index 2b4638cf..00000000 --- a/infos/readme_1.2.0.md +++ /dev/null @@ -1,59 +0,0 @@ -# MS-Connector v1.2.0 Release vom 12.05.2021 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Erforderliche Anpassungen zur Integration in den ID Austria - - - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) - https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 - - - Codestabilisierung - - - Monitoring und HealthChecks Verbesserungen - - - Akutalisierung von Drittherstellerbibliotheken - - - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.1.0 - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. - - __MsConnectorPackage__/config/templates/error_message.html - - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml - Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 -6. Erstellung neuer Dateien - - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. -7. Neue Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.configRootDir``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` - - ```eidas.ms.auth.eIDAS.authblock.key.alias``` - - ```eidas.ms.auth.eIDAS.authblock.key.password``` - - *Service-Provider Konfiguration Konfiguration* - - ```eidas.ms.sp.x.newEidMode``` -8. Gelöschte Konfigurationsparameter - - - ```authhandler.modules.bindingservice.bpk.target``` -9. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.logging.level.info.errorcodes``` - - *eIDAS Node Kommunikation* - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/readme_1.2.1.md b/infos/readme_1.2.1.md deleted file mode 100644 index 290a12db..00000000 --- a/infos/readme_1.2.1.md +++ /dev/null @@ -1,57 +0,0 @@ -# MS-Connector v1.2.1 Release vom 28.05.2021 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Erforderliche Anpassungen zur Integration in den ID Austria - - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) - https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 - - Codestabilisierung - - Monitoring und HealthChecks Verbesserungen - - Akutalisierung von Drittherstellerbibliotheken - - Bugfix in Version 1.2.1 - - Möglichen Fehler in der Sprachauswahl via GUI behoben - - - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.1. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.1.0 - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.1-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. - - __MsConnectorPackage__/config/templates/error_message.html - - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml - Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 -6. Erstellung neuer Dateien - - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. -7. Neue Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.configRootDir``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` - - ```eidas.ms.auth.eIDAS.authblock.key.alias``` - - ```eidas.ms.auth.eIDAS.authblock.key.password``` - - *Service-Provider Konfiguration Konfiguration* - - ```eidas.ms.sp.x.newEidMode``` -8. Gelöschte Konfigurationsparameter - - - ```authhandler.modules.bindingservice.bpk.target``` -9. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.logging.level.info.errorcodes``` - - *eIDAS Node Kommunikation* - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/readme_1.2.2.md b/infos/readme_1.2.2.md deleted file mode 100644 index 6e7abdd0..00000000 --- a/infos/readme_1.2.2.md +++ /dev/null @@ -1,60 +0,0 @@ -# MS-Connector v1.2.2 Release vom 26.06.2021 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Bugfix - - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben - - - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.2. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.2.x - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat``` - -### Ausgehend von einer bestehenden Version 1.1.0 - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. - - __MsConnectorPackage__/config/templates/error_message.html - - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml - Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 -6. Erstellung neuer Dateien - - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. -7. Neue Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.configRootDir``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` - - ```eidas.ms.auth.eIDAS.authblock.key.alias``` - - ```eidas.ms.auth.eIDAS.authblock.key.password``` - - *Service-Provider Konfiguration Konfiguration* - - ```eidas.ms.sp.x.newEidMode``` -8. Gelöschte Konfigurationsparameter - - - ```authhandler.modules.bindingservice.bpk.target``` -9. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.logging.level.info.errorcodes``` - - *eIDAS Node Kommunikation* - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/readme_1.2.3.md b/infos/readme_1.2.3.md deleted file mode 100644 index e3a56d31..00000000 --- a/infos/readme_1.2.3.md +++ /dev/null @@ -1,59 +0,0 @@ -# MS-Connector v1.2.3 Release vom 21.10.2021 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Logging optimiert und Beispielkonfiguration um TransactionsId erweitert - - Bugfix - - Inkompatibilität zwischen AT MS-Connector und ID Austria System behoben -- Akutalisierung von Drittherstellerbibliotheken - - - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.3. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.2.x - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.3-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers - -### Ausgehend von einer bestehenden Version 1.1.0 - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.3-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. - - __MsConnectorPackage__/config/templates/error_message.html - - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml - Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 -6. Erstellung neuer Dateien - - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. -7. Neue Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.configRootDir``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` - - ```eidas.ms.auth.eIDAS.authblock.key.alias``` - - ```eidas.ms.auth.eIDAS.authblock.key.password``` - - *Service-Provider Konfiguration Konfiguration* - - ```eidas.ms.sp.x.newEidMode``` -8. Gelöschte Konfigurationsparameter - - - ```authhandler.modules.bindingservice.bpk.target``` -9. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.logging.level.info.errorcodes``` - - *eIDAS Node Kommunikation* - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/infos/readme_1.2.4.md b/infos/readme_1.2.4.md deleted file mode 100644 index fd393a10..00000000 --- a/infos/readme_1.2.4.md +++ /dev/null @@ -1,65 +0,0 @@ -# MS-Connector v1.2.4 Release vom 05.04.2022 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Bugfix - - Mögliche RCE Schwachstelle in Spring Framework behoben ([CVE-2022-22965](https://tanzu.vmware.com/security/cve-2022-22965)) - - Work-Around für insertErnp im ID Austria Betriebsmodus - - - Akutalisierung von Drittherstellerbibliotheken - - - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.4. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.2.x - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.4-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Neue optionale Konfigurationsparameter - - *SZR Kommunikation* - - ```eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida``` - -### Ausgehend von einer bestehenden Version 1.1.0 - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.4-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. - - __MsConnectorPackage__/config/templates/error_message.html - - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml - Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 -6. Erstellung neuer Dateien - - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. -7. Neue Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.configRootDir``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` - - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` - - ```eidas.ms.auth.eIDAS.authblock.key.alias``` - - ```eidas.ms.auth.eIDAS.authblock.key.password``` - - *Service-Provider Konfiguration Konfiguration* - - ```eidas.ms.sp.x.newEidMode``` -8. Gelöschte Konfigurationsparameter - - - ```authhandler.modules.bindingservice.bpk.target``` -9. Neue optionale Konfigurationsparameter - - *Allgemeine Konfiguration* - - ```eidas.ms.core.logging.level.info.errorcodes``` - - *eIDAS Node Kommunikation* - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - - *ID Austria Umsetzung* - - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` - - *SZR Kommunikation* - - ```eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida``` diff --git a/infos/readme_1.3.0.md b/infos/readme_1.3.0.md deleted file mode 100644 index da639ca6..00000000 --- a/infos/readme_1.3.0.md +++ /dev/null @@ -1,118 +0,0 @@ -# MS-Connector v1.3.0 Release vom 19.05.2022 - -Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. - -### Änderungen in dieser Version - - - Mindestens Java 11 erforderlich - - Erweitertes Identitätsmatching welches sowohl bestehende ZMR und ERnP Einträge berücksichtigt - - Integration der vom BM.I übermittelten UX Templates in die Beispielkonfiguration - - Bugfix - - Fehler bei der Verarbeitung von leeren Attributewerten behoben - - Akutalisierung von Drittherstellerbibliotheken - - openSAML 4.0.1 - - EAAF-Components 1.3.2 - - SpringBoot 2.5.13 - - Spring-Framework 5.3.20 - - Apache CXF 3.5.2 - - -### Durchführen eines Updates - -Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.3.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ - -### Ausgehend von einer bestehenden Version 1.2.x - -1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an - -2. Entpacken Sie das Releasepacket *ms_specific_connector-1.3.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. - -3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers - -4. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde - - * Vollständige Übernahme: __MsConnectorPackage__/config/templates/other_login_method.html - * Vollständige Übernahme: __MsConnectorPackage__/config/templates/residency.html - * Vollständige Übernahme: __MsConnectorPackage__/config/properties/messages.properties - * Vollständige Übernahme: __MsConnectorPackage__/config/properties/messages_de.properties - * Vollständige Übernahme: __MsConnectorPackage__/config/keys/id_austria_truststore.jks - -5. Neue Konfigurationsparameter - - Eine Beispielkonfiguration befindet sich in: __MsConnectorPackage__/config/default_config.properties - - - *ZMR Client* - - ```eidas.ms.auth.eIDAS.zmrclient.endpoint``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.key.password``` - - ```eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr``` - - *ERnP Client* - - ```eidas.ms.auth.eIDAS.ernpclient.endpoint``` - - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type``` - - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path``` - - ```eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password``` - - ```eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias``` - - ```eidas.ms.auth.eIDAS.ernpclient.ssl.key.password``` - - ```eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr``` - - *ID Austria Client für Matching* - - ```eidas.ms.modules.idaustriaclient.keystore.type``` - - ```eidas.ms.modules.idaustriaclient.keystore.path``` - - ```eidas.ms.modules.idaustriaclient.keystore.password``` - - ```eidas.ms.modules.idaustriaclient.metadata.sign.alias``` - - ```eidas.ms.modules.idaustriaclient.metadata.sign.password``` - - ```eidas.ms.modules.idaustriaclient.request.sign.alias``` - - ```eidas.ms.modules.idaustriaclient.request.sign.password``` - - ```eidas.ms.modules.idaustriaclient.response.encryption.alias``` - - ```eidas.ms.modules.idaustriaclient.response.encryption.password``` - - ```eidas.ms.modules.idaustriaclient.truststore.type``` - - ```eidas.ms.modules.idaustriaclient.truststore.path``` - - ```eidas.ms.modules.idaustriaclient.truststore.password``` - - ```eidas.ms.modules.idaustriaclient.idaustria.idp.entityId``` - -6. Neue optionale Konfigurationsparameter - - - *ZMR Client* - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.type``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.path``` - - ```eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.password``` - - ```eidas.ms.auth.eIDAS.zmrclient.timeout.connection``` - - ```eidas.ms.auth.eIDAS.zmrclient.timeout.response``` - - ```eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code``` - - ```eidas.ms.auth.eIDAS.zmrclient.req.update.reason.text``` - - ```eidas.ms.auth.eIDAS.zmrclient.debug.logfullmessages``` - - *ERnP Client* - * ```eidas.ms.client.http.connection.timeout.request``` - * ```eidas.ms.client.http.connection.timeout.socket``` - -7. Registrierung am ID Austria System - - Eine mögliche Matching Variante stellt das Matching über einen bestehenden ID Austria dar. Hierfür ist eine Registrierung am ID Austria System erforderlich. Aus Sicht des MS-Connectors sind folgende Registrierungsparameter auf jeden Fall notwendig: - - - Eindeutige Identifier: - - - P-Stage: https://eidas.bmi.gv.at/ms_connector/sp/idaustria/metadata - - T-Stage: https://eidas-test.bmi.gv.at/ms_connector/sp/idaustria/metadata - - - bPK-Berech: **ZP** - - - Attribute: - - - Ausstellungsland - - Vorname (wird für öffentliche SP's per Default übertragen) - - Familienname (wird für öffentliche SP's per Default übertragen) - - Geburtsdatum (wird für öffentliche SP's per Default übertragen) - - bPK (wird per Default übertragen) - - Authentifizierungslevel des Bürgers (wird per Default übertragen) - - - SAML2 Metadaten - - Die für die Registrierung benötigten SAML2 Metadaten werden automatisch generiert und können unter den folgenden Endpunkten abgerufen werden. - - - P-Stage: https://eidas.bmi.gv.at/ms_connector/sp/idaustria/metadata - - T-Stage: https://eidas-test.bmi.gv.at/ms_connector/sp/idaustria/metadata - - - diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties index 6d97513a..41f0fe7b 100644 --- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties +++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties @@ -19,9 +19,9 @@ eidas.ms.revisionlog.write.MDS.into.revisionlog=true eidas.ms.revisionlog.logIPAddressOfUser=true ##Directory for static Web content -eidas.ms.webcontent.static.directory=../../../../../../basicConfig/webcontent/ -eidas.ms.webcontent.templates=../../../../../../basicConfig/templates/ -eidas.ms.webcontent.properties=../../../../../../basicConfig/properties/messages +eidas.ms.webcontent.static.directory=../../../../../../basicConfig/ms-connector/webcontent/ +eidas.ms.webcontent.templates=../../../../../../basicConfig/ms-connector/templates/ +eidas.ms.webcontent.properties=../../../../../../basicConfig/ms-connector/properties/messages ## extended validation of pending-request Id's eidas.ms.core.pendingrequestid.maxlifetime=300 diff --git a/ms_specific_proxyservice/src/assembly/assembly_dir.xml b/ms_specific_proxyservice/src/assembly/assembly_dir.xml new file mode 100644 index 00000000..8c5452ff --- /dev/null +++ b/ms_specific_proxyservice/src/assembly/assembly_dir.xml @@ -0,0 +1,66 @@ + + + dir + + dir + + false + + + ${project.build.directory}/${project.build.finalName}.war + ./ + + + + + ${project.parent.basedir} + ./ + + LICENSES.txt + + true + + + ${project.parent.basedir}/licenses + ./licenses + + + ${project.build.directory}/thirdparty_licenses + ./licenses + + + ${project.parent.basedir}/basicConfig/ + ./config + + **/extconfig/** + **/ms-connector/** + **/ms-proxyservice/** + + + + ${project.parent.basedir}/basicConfig/ms-proxyservice/ + ./config + + + ${project.parent.basedir}/infos/ms-proxyservice/ + ./infos + + + readme_${project.version}.txt + readme_${project.version}.md + history.txt + eIDAS_Ref_Impl/* + handbook/* + + + + ${project.parent.basedir}/infos/ + ./infos + + eIDAS_Ref_Impl/* + + + + diff --git a/ms_specific_proxyservice/src/assembly/assembly_zip.xml b/ms_specific_proxyservice/src/assembly/assembly_zip.xml new file mode 100644 index 00000000..117f990b --- /dev/null +++ b/ms_specific_proxyservice/src/assembly/assembly_zip.xml @@ -0,0 +1,65 @@ + + + dist + + zip + + false + + + ${project.build.directory}/${project.build.finalName}.war + ./ + + + + + ${project.parent.basedir} + ./ + + LICENSES.txt + + true + + + ${project.parent.basedir}/licenses + ./licenses + + + ${project.build.directory}/thirdparty_licenses + ./licenses + + + ${project.parent.basedir}/basicConfig/ + ./config + + **/extconfig/** + **/ms-connector/** + **/ms-proxyservice/** + + + + ${project.parent.basedir}/basicConfig/ms-proxyservice/ + ./config + + + ${project.parent.basedir}/infos/ms-proxyservice/ + ./infos + + + readme_${project.version}.txt + readme_${project.version}.md + history.txt + handbook/* + + + + ${project.parent.basedir}/infos/ + ./infos + + eIDAS_Ref_Impl/* + + + + -- cgit v1.2.3 From 559858cf7916b3bb13613623b9b5697b3dcc34d9 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 16:23:27 +0200 Subject: doc(config): update default configurations --- basicConfig/ms-connector/logback_config.xml | 22 +-- .../ms-proxyservice/default_config.properties | 122 ++++--------- basicConfig/ms-proxyservice/logback_config.xml | 34 ++-- .../ms-proxyservice/properties/messages.properties | 200 --------------------- .../properties/messages_de.properties | 149 --------------- 5 files changed, 56 insertions(+), 471 deletions(-) (limited to 'basicConfig') diff --git a/basicConfig/ms-connector/logback_config.xml b/basicConfig/ms-connector/logback_config.xml index ddb9f864..a6a2738f 100644 --- a/basicConfig/ms-connector/logback_config.xml +++ b/basicConfig/ms-connector/logback_config.xml @@ -59,7 +59,7 @@ %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - ${catalina.base}/logs/eidas-ms-statistic.log.%d{yyyy-MM-dd} + ${catalina.base}/logs/console.log.%d{yyyy-MM-dd} @@ -69,28 +69,18 @@ - +

- - - - - - - +

- - - -

- - - + + +

diff --git a/basicConfig/ms-proxyservice/default_config.properties b/basicConfig/ms-proxyservice/default_config.properties index b14c0221..27126cb6 100644 --- a/basicConfig/ms-proxyservice/default_config.properties +++ b/basicConfig/ms-proxyservice/default_config.properties @@ -3,14 +3,14 @@ eidas.ms.context.url.prefix= eidas.ms.core.configRootDir=file:./ -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= ## extended validation of pending-request Id's @@ -19,86 +19,31 @@ eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ############################################# #### eIDAS Ref. Implementation connector #### -eidas.ms.auth.eIDAS.eid.testidentity.default=false - -## eIDAS Request configuration -eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint= -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +# Mandate configuration +eidas.ms.auth.eIDAS.proxy.mandates.enabled=false +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default= +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default= -############################################# -#### eIDAS identity-matching ###### -# ZMR communication -eidas.ms.auth.eIDAS.zmrclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.zmrsrv-a/soap/ZMRService -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= -eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr= - -# ERnP communication -eidas.ms.auth.eIDAS.ernpclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.erpsrv-a/srv/rest/ -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.password= -eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr= - -# SAML2 ID Austria client for matching -eidas.ms.modules.idaustriaclient.keystore.type=jks -eidas.ms.modules.idaustriaclient.keystore.path=keys/... -eidas.ms.modules.idaustriaclient.keystore.password= -eidas.ms.modules.idaustriaclient.metadata.sign.alias= -eidas.ms.modules.idaustriaclient.metadata.sign.password= -eidas.ms.modules.idaustriaclient.request.sign.alias= -eidas.ms.modules.idaustriaclient.request.sign.password= -eidas.ms.modules.idaustriaclient.response.encryption.alias= -eidas.ms.modules.idaustriaclient.response.encryption.password= - -eidas.ms.modules.idaustriaclient.truststore.type=jks -eidas.ms.modules.idaustriaclient.truststore.path=keys/id_austria_truststore.jks -eidas.ms.modules.idaustriaclient.truststore.password=trustIda - -eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=https://eid2.oesterreich.gv.at/auth/idp/shibboleth +## special foreign eIDAS-Connector configuration +#eidas.ms.connector.0.uniqueID= +#eidas.ms.connector.0.countryCode=CC +#eidas.ms.connector.0.mandates.enabled=false +#eidas.ms.connector.0.mandates.natural= +#eidas.ms.connector.0.mandates.legal= +#eidas.ms.connector.0.auth.idaustria.entityId= -############################################# -#### SZR communication ###### -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-p/SZR -eidas.ms.auth.eIDAS.szrclient.endpoint.test=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-a/SZR -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.szrclient.ssl.key.password= +## PVP2 S-Profile communication with ID Austria System +# EntityId and optional metadata of ID Austria System +eidas.ms.modules.idaustriaauth.idp.entityId=https://eid.oesterreich.gv.at/auth/idp/shibboleth -############################################# -#### IDA-AuthBlock configuration ###### -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -################################################# -#### PVP2 S-Profile end-point configuration #### -eidas.ms.pvp2.keystore.type=jks -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - +# Common SAML2 configuration eidas.ms.pvp2.metadata.organisation.name=JUnit eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit eidas.ms.pvp2.metadata.organisation.url=http://junit.test @@ -106,10 +51,19 @@ eidas.ms.pvp2.metadata.contact.givenname=Max eidas.ms.pvp2.metadata.contact.surname=Mustermann eidas.ms.pvp2.metadata.contact.email=max@junit.test - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= -eidas.ms.sp.0.newEidMode=false +# SAML2 client configuration +eidas.ms.modules.idaustriaauth.keystore.type=jks +eidas.ms.modules.idaustriaauth.keystore.path=keys/.... +eidas.ms.modules.idaustriaauth.keystore.password= +eidas.ms.modules.idaustriaauth.metadata.sign.alias= +eidas.ms.modules.idaustriaauth.metadata.sign.password= +eidas.ms.modules.idaustriaauth.request.sign.alias= +eidas.ms.modules.idaustriaauth.request.sign.password= +eidas.ms.modules.idaustriaauth.response.encryption.alias= +eidas.ms.modules.idaustriaauth.response.encryption.password= + +# TrustStore IDA SAML2 Metadaten +eidas.ms.modules.idaustriaauth.truststore.type=jks +eidas.ms.modules.idaustriaauth.truststore.path=keys/truststore_ida.jks +eidas.ms.modules.idaustriaauth.truststore.password=password diff --git a/basicConfig/ms-proxyservice/logback_config.xml b/basicConfig/ms-proxyservice/logback_config.xml index ddb9f864..d2bf5d85 100644 --- a/basicConfig/ms-proxyservice/logback_config.xml +++ b/basicConfig/ms-proxyservice/logback_config.xml @@ -10,12 +10,12 @@ - ${catalina.base}/logs/ms_specific_node.log.log + ${catalina.base}/logs/ms_specific_proxyservice.log.log %5p | %d{ISO8601} | %X{transactionId} | %t | %logger{16} | %m%n - ${catalina.base}/logs/ms_specific_node.log.%d{yyyy-MM-dd} + ${catalina.base}/logs/ms_specific_proxyservice.log.%d{yyyy-MM-dd} 10000KB @@ -24,13 +24,13 @@ - ${catalina.base}/logs/eidas-ms-reversion.log + ${catalina.base}/logs/eidas-ms-reversion_proxyservice.log %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i + ${catalina.base}/logs/eidas-ms-reversion_proxyservice.log.%i 10000KB @@ -39,13 +39,13 @@ - ${catalina.base}/logs/eidas-ms-statistic.log + ${catalina.base}/logs/eidas-ms-statistic_proxyservice.log %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-statistic.log.%i + ${catalina.base}/logs/eidas-ms-statistic_proxyservice.log.%i 10000KB @@ -59,7 +59,7 @@ %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n - ${catalina.base}/logs/eidas-ms-statistic.log.%d{yyyy-MM-dd} + ${catalina.base}/logs/console.log.%d{yyyy-MM-dd} @@ -69,28 +69,18 @@ - +

- - - - - - - +

- - - -

- - - + + +

diff --git a/basicConfig/ms-proxyservice/properties/messages.properties b/basicConfig/ms-proxyservice/properties/messages.properties index 8d2b692c..03b355fa 100644 --- a/basicConfig/ms-proxyservice/properties/messages.properties +++ b/basicConfig/ms-proxyservice/properties/messages.properties @@ -1,8 +1,3 @@ -####### GUI elements #### -gui.general.language.selection.title=Language selection -gui.general.language.selection.de=Deutsch -gui.general.language.selection.en=English - ##Errorpage template gui.errorpage.msg.title=Authentication error gui.errorpage.msg.information=The authentication stops on account of a process error: @@ -15,200 +10,5 @@ gui.countryselection.title=eIDAS-Login country selection gui.countryselection.logo.bmi.alt=Logo BMI gui.countryselection.link.bmi=Mainpage BMI gui.countryselection.header1=Federal Ministry of Internal Affairs -gui.countryselection.header2=Austrian Central eIDAS Node -gui.countryselection.header3=Operated by Federal Ministry of Internal Affairs -gui.countryselection.header.selection=Select your country -gui.countryselection.cancel=Cancel -gui.countryselection.cancle=Cancel -gui.countryselection.notsupportedinfo=If you cannot find your country in this list then your electronic identity (eID) is not yet supported. - -gui.countryselection.infos.general.header=Information on Logins with European eIDs -gui.countryselection.infos.general.link.1=eIDAS regulation of the European Union -gui.countryselection.infos.general.link.2=Austrian Supplementary Register for Natural Persons (ERnP) -gui.countryselection.infos.general.part.1=This is the central eIDAS node of the Republic of Austria, operated by the -gui.countryselection.infos.general.part.2=It enables logins at Austrian online services using an electronic identity (eID) of another EU member state. You have been redirected to this page, as you have initiated a login to an online service using the option "EU Login". -gui.countryselection.infos.general.part.3=The central eIDAS node of the Republic of Austria allows you to login to Austrian online services using the eID of your home country. This way, compliance with the -gui.countryselection.infos.general.part.4=, which regulates the mutual cross-border acceptance of national eIDs, is achieved. The mutual cross-border acceptance of national eIDs is implemented successively within the EU. Currently, the central eIDAS node of the Republic of Austria supports logins using the eID systems of the Member States mentioned above. More Member States will be added according to availability of their respective eID solutions. -gui.countryselection.infos.general.part.5=After selecting your home country on this page, you are forwarded to the familiar login environment of the selected member state. There, you can login with your eID as usual. After successful completion of the login process, you are automatically forwarded and logged in to the online service, from which you have been redirected to this page. During your first login, your eID data is also registered in the -gui.countryselection.infos.general.part.6=This ensures that you will also be successfully and uniquely identified in subsequent logins at Austrian online services. - -gui.matching.otherloginmethod.header=Assignment of your login information -gui.matching.otherloginmethod.info.text=Your login information could not be clearly integrated into the Austrian eID system. Further information is required for an unique integration. -gui.matching.otherloginmethod.ida=You have an ID Austria -gui.matching.otherloginmethod.eidas=You can provide additional information via eIDAS -gui.matching.otherloginmethod.residence=Have you ever lived in Austria? -gui.matching.otherloginmethod.addmeasnew=Add me as new entity in Austrian eID system - -gui.matching.otherloginmethod.error.title=Matching of further information failed: -gui.matching.otherloginmethod.error.msg=No identity match with additional information. Use another option or provide more information. - - -gui.countryselection.country.be=Belgium -gui.countryselection.country.be.logo.alt=Belgium-eID -gui.countryselection.country.hr=Croatia -gui.countryselection.country.hr.logo.alt=Croatia-eID -gui.countryselection.country.cy=Cyprus -gui.countryselection.country.cy.logo.alt=Cyprus-eID -gui.countryselection.country.cz=Czech Republic -gui.countryselection.country.cz.logo.alt=Czech Republic-eID -gui.countryselection.country.ee=Estonia -gui.countryselection.country.ee.logo.alt=Estonia-eID -gui.countryselection.country.de=Germany -gui.countryselection.country.de.logo.alt=German-eID -gui.countryselection.country.is=Iceland -gui.countryselection.country.is.logo.alt=Iceland-eID -gui.countryselection.country.it=Italy -gui.countryselection.country.it.logo.alt=Italy-eID -gui.countryselection.country.lt=Lithuania -gui.countryselection.country.lt.logo.alt=Lithuania-eID -gui.countryselection.country.lv=Latvia -gui.countryselection.country.lv.logo.alt=Latvia-eID -gui.countryselection.country.nl=Netherlands -gui.countryselection.country.nl.logo.alt=Netherlands-eID -gui.countryselection.country.pl=Poland -gui.countryselection.country.pl.logo.alt=Poland-eID -gui.countryselection.country.pt=Portugal -gui.countryselection.country.pt.logo.alt=Portugal-eID -gui.countryselection.country.si=Slovenia -gui.countryselection.country.si.logo.alt=Slovenia-eID -gui.countryselection.country.es=Spain -gui.countryselection.country.es.logo.alt=Spain-eID - -gui.countryselection.country.bg=Bulgaria -gui.countryselection.country.bg.logo.alt=Bulgaria-eID -gui.countryselection.country.dk=Denmark -gui.countryselection.country.dk.logo.alt=Denmark-eID -gui.countryselection.country.fi=Finland -gui.countryselection.country.fi.logo.alt=Finland-eID -gui.countryselection.country.fr=France -gui.countryselection.country.fr.logo.alt=France-eID -gui.countryselection.country.el=Greece -gui.countryselection.country.el.logo.alt=Greece-eID -gui.countryselection.country.hu=Hungary -gui.countryselection.country.hu.logo.alt=Hungary-eID -gui.countryselection.country.ie=Ireland -gui.countryselection.country.ie.logo.alt=Ireland-eID -gui.countryselection.country.ir=Ireland -gui.countryselection.country.ir.logo.alt=Ireland-eID -gui.countryselection.country.lu=Luxembourg -gui.countryselection.country.lu.logo.alt=Luxembourg-eID -gui.countryselection.country.mt=Malta -gui.countryselection.country.mt.logo.alt=Malta-eID -gui.countryselection.country.no=Norway -gui.countryselection.country.no.logo.alt=Norway-eID -gui.countryselection.country.ro=Romania -gui.countryselection.country.ro.logo.alt=Romania-eID -gui.countryselection.country.sk=Slovakia -gui.countryselection.country.sk.logo.alt=Slovakia-eID -gui.countryselection.country.se=Sweden -gui.countryselection.country.se.logo.alt=Sweden-eID -gui.countryselection.country.sw=Sweden -gui.countryselection.country.sw.logo.alt=Sweden-eID -gui.countryselection.country.uk=United Kingdom -gui.countryselection.country.uk.logo.alt=United Kingdom-eID - -gui.countryselection.country.testcountry=TestCountry -gui.countryselection.country.testcountry.logo.alt=Testcountry-eID - -gui.countryselection.mode.prod=Production -gui.countryselection.mode.qs=QS -gui.countryselection.mode.test=Test -gui.countryselection.mode.dev=Development - -# images -gui.countryselection.country.be.img = /img/countries/Belgium-EU_.png -gui.countryselection.country.bg.img = /img/countries/Bulgaria-EU_.png -gui.countryselection.country.hr.img = /img/countries/Croatia-EU_.png -gui.countryselection.country.cy.img = /img/countries/Cyprus-EU_.png -gui.countryselection.country.cz.img = /img/countries/CzechRepublic-EU_.png -gui.countryselection.country.dk.img = /img/countries/Denmark-EU_.png -gui.countryselection.country.ee.img = /img/countries/Estonia-EU_.png -gui.countryselection.country.fi.img = /img/countries/Finland-EU_.png -gui.countryselection.country.fr.img = /img/countries/France-EU_.png -gui.countryselection.country.de.img = /img/countries/germany-eu_.png -gui.countryselection.country.el.img = /img/countries/Greece-EU_.png -gui.countryselection.country.hu.img = /img/countries/Hungary-EU_.png -gui.countryselection.country.is.img = /img/countries/Iceland.png -gui.countryselection.country.ie.img = /img/countries/Ireland-EU_.png -gui.countryselection.country.it.img = /img/countries/Italy-EU_.png -gui.countryselection.country.lv.img = /img/countries/Latvia-EU_.png -gui.countryselection.country.lt.img = /img/countries/Lithuania-EU_.png -gui.countryselection.country.lu.img = /img/countries/Luxembourg-EU_.png -gui.countryselection.country.mt.img = /img/countries/Malta-EU_.png -gui.countryselection.country.po.img = /img/countries/Poland-EU_.png -gui.countryselection.country.pt.img = /img/countries/Portugal-EU_.png -gui.countryselection.country.ro.img = /img/countries/Romania-EU_.png -gui.countryselection.country.sk.img = /img/countries/Slovakia-EU_.png -gui.countryselection.country.si.img = /img/countries/Slovenia-EU_.png -gui.countryselection.country.es.img = /img/countries/Spain-EU_.png -gui.countryselection.country.se.img = /img/countries/Sweden-EU_.png -gui.countryselection.country.nl.img = /img/countries/TheNetherlands-EU_.png -gui.countryselection.country.uk.img = /img/countries/UnitedKingdom-EU_.png - - -##### Matching operations -##Other Login Methods page -gui.otherlogin.title=eIDAS-Login Other Login Methods -gui.otherlogin.header.selection=Personal data not found - -gui.otherlogin.info.first=Your personal data from the conducted EU login could not be clearly assigned to any register entry in the registers of the Austrian administration. This may be due to a missing register entry of your personal data, or an incorrect match of your login data and your register entry stored in the registers. -gui.otherlogin.info.second=The following describes options to achieve a correct assignment: -gui.otherlogin.info.list.1=If you have an Austrian Mobile-Phone Signature (or ID Austria) or an alternative possibility of an EU login, please log in again using one of these options. For this purpose, please use the corresponding button for “ID Austria” or “Alternative EU-Login”. -gui.otherlogin.info.list.2=If you do not have either of the two additional registration options mentioned above, please continue with the button “No alternative login”. - -gui.otherlogin.button.hs=ID Austria -gui.otherlogin.button.eidas=Alternative EU-Login -gui.otherlogin.button.none=No alternative login -gui.otherlogin.button.inserternp=Create new register entry -gui.otherlogin.cancel=Cancel - -gui.otherlogin.inserternp.header.selection=Re-registration -gui.otherlogin.inserternp.first=Your personal data could not be clearly assigned to any entry in the registers of the Austrian administration. -gui.otherlogin.inserternp.second=Allow the re-registration of your personal data in the registers of the Austrian administration to complete the registration process successfully. -gui.otherlogin.inserternp.third.prefix=Attention: If you think you already have an entry in the registers of the Austrian administration, it is recommended not to allow your data to be entered again at this point in order to avoid double entries. In this case, please contact -gui.otherlogin.inserternp.third.postfix=, to arrange a manual assignment of your personal data. - - -module.eidasauth.matching.00=Matching failed, because find more than one ZMR entries with one eIDAS personal-identifier -module.eidasauth.matching.01=Matching failed, because of an ZMR communication error. Reason: {0} -module.eidasauth.matching.02=Matching failed, because ZMR response contains historic information which is not supported. -module.eidasauth.matching.03=Matching failed in workflow step: {0} with error: {1} -module.eidasauth.matching.04=An error occurred while loading your data from official registers. Please contact the suppot. -module.eidasauth.matching.11=Matching failed, because of an ERnP communication error. Reason: {0} -module.eidasauth.matching.12=Matching failed, because ERnP response contains historic information which is not supported. -module.eidasauth.matching.21=Matching be using residence information failed by missing input information. Add all required information. -module.eidasauth.matching.22=Can not find an unique match by using residence information. Provide more or other data, use another method for matching. -module.eidasauth.matching.23=Matching be using ID Austria was canceled. Use another method for matching. -module.eidasauth.matching.24=Matching be using ID Austria not possible. Use another method for matching. -module.eidasauth.matching.25=Matching be using alternative eIDAS authentication not possible. Provide more or other data, or use another method for matching. -module.eidasauth.matching.26=Matching be using alternative eIDAS authentication not possible, because Name or Country not matched. Provide more or other data or use another method for matching. -module.eidasauth.matching.29=Matching be using other information failed. Provide more or other data, or use another method for matching. -module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0} - -##Austrian Residency page -gui.residency.title=Austrian Residency -gui.residency.header.selection=Search for Austrian residence -gui.residency.header.help=You can search for the address that you have been registered at in the past. Please enter a \ - postcode, municipality or village first to start the search. - -gui.residency.info.first=If you have a current or former registered residence in Austria, an assignment to your existing register entry can be made by entering the residence data. Please use the form below to enter your residence details. -gui.residency.info.second=First, please enter a postal code, municipality or locality and subsequently start the search for your home address using the "Search" button. Afterwards, you will be interactively supported in completing the address of residence, where you just have to follow the instructions on the form. You can restart the search process at any time by clicking the button "Delete". If all residence data has been filled in completely via the search function, please continue with the button "Continue". -gui.residency.info.third=If you do not have a current or former place of residence in Austria, please continue with the button "No residence available". - -gui.residency.header.inputinvalid=Be sure to enter a value for Municipality or Village -gui.residency.cancel=Cancel -gui.residency.back=No residence available -gui.residency.search=Search -gui.residency.clear=Clear -gui.residency.proceed=Continue -gui.residency.updated=Updated your input -gui.residency.found=Found {0} results, click on one result to refine your search -gui.residency.unique=Unique result found, please proceed -gui.residency.error=Error on Backend Call -gui.residency.input.postleitzahl=Postcode -gui.residency.input.municipality=Municipality -gui.residency.input.village=Village -gui.residency.input.street=Street -gui.residency.input.number=Number diff --git a/basicConfig/ms-proxyservice/properties/messages_de.properties b/basicConfig/ms-proxyservice/properties/messages_de.properties index 76624ebe..4e843e44 100644 --- a/basicConfig/ms-proxyservice/properties/messages_de.properties +++ b/basicConfig/ms-proxyservice/properties/messages_de.properties @@ -1,8 +1,3 @@ -####### GUI elements #### -gui.general.language.selection.title=Sprachauswahl -gui.general.language.selection.de=Deutsch -gui.general.language.selection.en=English - ##Errorpage template gui.errorpage.msg.title=Es ist ein Fehler aufgetreten gui.errorpage.msg.information=Der Anmeldevorgang wurde aufgrund eines Fehlers beendet: @@ -15,147 +10,3 @@ gui.countryselection.title=eIDAS-Login Länderauswahl gui.countryselection.logo.bmi.alt=Logo BMI gui.countryselection.link.bmi=Startseite BMI gui.countryselection.header1=Bundesministerium für Inneres -gui.countryselection.header2=Zentraler eIDAS Knoten der Republik Österreich -gui.countryselection.header3=Betrieben durch das Bundesministerium für Inneres -gui.countryselection.header.selection=Wählen Sie Ihr Land -gui.countryselection.cancel=Abbrechen -gui.countryselection.cancle=Abbrechen -gui.countryselection.notsupportedinfo=Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken, dann wird Ihre elektronische Identität (eID) leider noch nicht unterstützt. - -gui.countryselection.infos.general.header=Information zur Anmeldung über Europäische eIDs -gui.countryselection.infos.general.link.1=eIDAS-Verordnung der Europäischen Union -gui.countryselection.infos.general.link.2=Ergänzungsregister für natürliche Personen (ERnP) -gui.countryselection.infos.general.part.1=Sie befinden sich am zentralen eIDAS-Knoten der Republik Österreich. Dieser wird vom Österreichischen -gui.countryselection.infos.general.part.2=betrieben und ermöglicht eine Anmeldungen zu österreichischen Online-Anwendungen unter Verwendung einer elektronischen Identität (eID) anderer EU-Mitgliedstaaten. Sie wurden hierher weitergeleitet, da Sie in einer Online-Anwendung eine Anmeldung via EU-Login initiiert haben. -gui.countryselection.infos.general.part.3=Der zentrale eIDAS-Knoten der Republik Österreich ermöglicht Ihnen eine Anmeldung zu österreichischen Online-Anwendungen mit der eID Ihres Herkunftsstaates. Damit werden die Vorgaben der -gui.countryselection.infos.general.part.4=erfüllt, die eine staatenübergreifende Akzeptanz nationaler eIDs vorsieht. Die wechselseitige Anerkennung nationaler eIDs erfolgt in der EU schrittweise. Aktuell unterstützt der zentrale eIDAS-Knoten der Republik Österreich Anmeldungen mit den eID-Systemen der oben angeführten Mitgliedstaaten. Diese Liste wird laufend erweitert. -gui.countryselection.infos.general.part.5=Nachdem Sie auf dieser Seite einen Mitgliedsstaat ausgewählt haben, werden Sie an die gewohnte Anmeldeumgebung des jeweiligen Mitgliedsstaats weitergeleitet. Dort können Sie sich mit Ihrer eID wie gewohnt anmelden. Haben Sie den Anmeldeprozess erfolgreich abgeschlossen, werden Sie automatisch an die Online-Anwendung, von der aus Sie auf diese Auswahlseite gelangt sind, weitergeleitet und dort mit den Identitätsdaten Ihrer eID angemeldet. Gleichzeitig werden Sie bei Ihrer ersten Anmeldung auf diesem Weg mit Ihren eID-Daten in das österreichische -gui.countryselection.infos.general.part.6=eingetragen. Damit wird sichergestellt, dass Sie auch im Rahmen zukünftiger Anmeldeprozesse zu österreichischen Online-Anwendungen erfolgreich und eindeutig identifiziert werden können. - - -gui.countryselection.country.be=Belgien -gui.countryselection.country.be.logo.alt=Belgische-eID -gui.countryselection.country.hr=Kroatien -gui.countryselection.country.hr.logo.alt=Kroatische-eID -gui.countryselection.country.cy=Zypern -gui.countryselection.country.cy.logo.alt=Zypriotische-eID -gui.countryselection.country.cz=Tschechische Republik -gui.countryselection.country.cz.logo.alt=Tschechische Republik-eID -gui.countryselection.country.ee=Estland -gui.countryselection.country.ee.logo.alt=Estländische-eID -gui.countryselection.country.de=Deutschland -gui.countryselection.country.de.logo.alt=Deutsche-eID -gui.countryselection.country.is=Island -gui.countryselection.country.is.logo.alt=Isländische-eID -gui.countryselection.country.it=Italien -gui.countryselection.country.it.logo.alt=Italienische-eID -gui.countryselection.country.lt=Litauen -gui.countryselection.country.lt.logo.alt=Litauische-eID -gui.countryselection.country.lv=Lettland -gui.countryselection.country.lv.logo.alt=Lettische-eID -gui.countryselection.country.nl=Niederlande -gui.countryselection.country.nl.logo.alt=Niederländische-eID -gui.countryselection.country.pl=Polen -gui.countryselection.country.pl.logo.alt=Polnische-eID -gui.countryselection.country.pt=Portugal -gui.countryselection.country.pt.logo.alt=Portugisische-eID -gui.countryselection.country.si=Slowenien -gui.countryselection.country.si.logo.alt=Slowenische-eID -gui.countryselection.country.es=Spanien -gui.countryselection.country.es.logo.alt=Spanische-eID - -gui.countryselection.country.bg=Bulgarien -gui.countryselection.country.bg.logo.alt=Bulgarische-eID -gui.countryselection.country.dk=Dänemark -gui.countryselection.country.dk.logo.alt=Dänische-eID -gui.countryselection.country.fi=Finnland -gui.countryselection.country.fi.logo.alt=Finische-eID -gui.countryselection.country.fr=Frankreich -gui.countryselection.country.fr.logo.alt=Französiche-eID -gui.countryselection.country.gr=Griechenland -gui.countryselection.country.gr.logo.alt=Griechische-eID -gui.countryselection.country.hu=Ungarn -gui.countryselection.country.hu.logo.alt=Ungarische-eID -gui.countryselection.country.ir=Irland -gui.countryselection.country.ir.logo.alt=Irische-eID -gui.countryselection.country.lu=Luxemburg -gui.countryselection.country.lu.logo.alt=Luxemburgische-eID -gui.countryselection.country.mt=Malta -gui.countryselection.country.mt.logo.alt=Malta-eID -gui.countryselection.country.ro=Rumänien -gui.countryselection.country.ro.logo.alt=Rumänische-eID -gui.countryselection.country.sk=Slowakei -gui.countryselection.country.sk.logo.alt=Slowakische-eID -gui.countryselection.country.sw=Schweden -gui.countryselection.country.sw.logo.alt=Schwedische-eID -gui.countryselection.country.uk=Großbritannien -gui.countryselection.country.uk.logo.alt=Britische-eID - -gui.countryselection.country.testcountry=Testland -gui.countryselection.country.testcountry.logo.alt=Testland-eID - -gui.countryselection.mode.prod=Produktion -gui.countryselection.mode.qs=Qualitätsicherung -gui.countryselection.mode.test=Test -gui.countryselection.mode.dev=Development - - -##### Matching operations -##Other Login Methods page -gui.otherlogin.title=eIDAS-Login Alternative Anmeldemethoden -gui.otherlogin.header.selection=Personendaten nicht gefunden -gui.otherlogin.button.hs=ID Austria -gui.otherlogin.button.eidas=Alternativer eIDAS Login -gui.otherlogin.button.none=Keine alternative Anmeldemöglichkeit -gui.otherlogin.button.inserternp=Eine neue österreichische Identity auf Basis meiner eIDAS Daten erzeugen -gui.otherlogin.cancel=Abbrechen - -gui.otherlogin.info.first=Ihre Personendaten aus dem eben erfolgten EU-Login konnten in den Registern der österreichischen Verwaltung keinem Registereintrag eindeutig zugeordnet werden. Das kann daran liegen, dass Sie in den Registern bisher nicht eingetragen sind, oder ihre aktuellen Anmeldedaten nicht vollständig mit den in den Registern hinterlegten Daten zu Ihrer Person übereinstimmen. -gui.otherlogin.info.second=Sie haben folgende Möglichkeiten, um eine korrekte Zuordnung zu erreichen: -gui.otherlogin.info.list.1=Wenn Sie über eine österreichische ID Austria (oder Handy-Signatur) oder über eine alternative Möglichkeit eines EU-Logins verfügen, melden Sie sich mit diesen bitte erneut an. Verwenden Sie dazu bitte die entsprechende Schaltfläche „ID Austria“ oder „Alternativer EU-Login“. -gui.otherlogin.info.list.2=Verfügen Sie über keine der beiden oben genannten zusätzlichen Anmeldemöglichkeiten, setzen Sie bitte über die Schaltfläche „Keine alternative Anmeldemöglichkeit“ fort - -gui.otherlogin.inserternp.header.selection=Neueintragung -gui.otherlogin.inserternp.first=Ihre Personendaten konnten in den Registern der österreichischen Verwaltung keinem Eintrag eindeutig zugeordnet werden. -gui.otherlogin.inserternp.second=Erlauben Sie die Neueintragung ihrer Personendaten in den Registern der österreichischen Verwaltung, um den Anmeldevorgang erfolgreich abzuschließen. -gui.otherlogin.inserternp.third.prefix=Achtung: Wenn Sie der Meinung sind, in den Registern der österreichischen Verwaltung bereits einen Eintrag zu haben, wird empfohlen, an dieser Stelle keine Neueintragung Ihrer Daten zu erlauben, um doppelte Einträge zu verhindern. Kontaktieren Sie in diesem Fall bitte -gui.otherlogin.inserternp.third.postfix=, um eine manuelle Zuordnung der Daten zu veranlassen. - -module.eidasauth.matching.04=Während der Kommunikation mit einem offiziellen Register ist ein Fehler aufgetreten. Bitte kontaktieren Sie den Support. -module.eidasauth.matching.21=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Es wurden nicht alle erforderlichen Parameter für eine Suche mittels Wohnanschrift eingegeben. -module.eidasauth.matching.22=Das Matching auf Basis eine Wohnanschrift in Österreich schlug fehl. Matching auf Basis einer bestanden oder bestehenden Wohnanschrift konnte nicht durchgeführt werden. -module.eidasauth.matching.23=Matching auf Basis eines ID Autria wurde abgebrochen. Nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.24=Matching auf Basis eines ID Autria schlug fehl. Nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.25=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.26=Matching auf Basis einer alternativen eIDAS Anmeldung schlug fehl, da sich entweder der Name oder das Quelland unterscheidet. Stellen Sie weitere Informationen bereit oder nutzen Sie eine andere Matchingmethode. -module.eidasauth.matching.99=Matching schlug Aufgrund eines internen Fehler fehl. Ursache: {0} - - -##Austrian Residency page -gui.residency.title=Österreichischer Wohnsitz -gui.residency.header.selection=Suche nach Österreichischem Wohnsitz -gui.residency.header.help=Hier können Sie nach einem Wohnsitze in Österreich suchen. Bitte geben Sie zuerst eine \ - Postleitzahl, Gemeinde oder Ortschaft ein um die Suche zu starten. - -gui.residency.info.first=Haben Sie einen aktuellen oder ehemaligen gemeldeten Wohnsitz in Österreich, kann eine Zuordnung zu Ihrem bestehenden Registereintrag über Eingabe der Wohnsitzdaten erfolgen. Bitte benutzen Sie das untenstehende Formular, um Ihre Wohnsitzdaten einzugeben. -gui.residency.info.second=Bitte geben Sie dazu zuerst eine Postleitzahl, Gemeinde oder Ortschaft ein und starten Sie die Suche Ihrer Wohnsitzadresse dann über die Schaltfläche „Suche“. Sie werden in weiterer Folge bei der Vervollständigung der Wohnsitzadresse interaktiv unterstützt. Folgen Sie dazu den Anweisungen im Formular. Über die Schaltfläche „Löschen“ können Sie den Suchvorgang jederzeit neu starten. Wurden alle Wohnsitzdaten über die Suchfunktion vollständig befüllt, setzen Sie bitte über die Schaltfläche „Fortfahren“ fort. -gui.residency.info.third=Haben sie keinen aktuellen oder ehemaligen Wohnsitz in Österreich, setzen Sie bitte über die Schaltfläche „Kein Wohnsitz vorhanden“ fort. - -gui.residency.header.inputinvalid=Bitte geben Sie einen Wert für Gemeinde oder Ortschaft ein -gui.residency.cancel=Abbrechen -gui.residency.back=Kein Wohnsitz vorhanden -gui.residency.search=Suche -gui.residency.clear=Löschen -gui.residency.proceed=Fortfahren -gui.residency.updated=Eingabe aktualisiert -gui.residency.found={0} Ergebnisse gefunden, klicken Sie auf ein Ergebnis um die Suche zu verfeinern -gui.residency.unique=Eindeutiges Ergebnis gefunden, bitte fortfahren -gui.residency.error=Fehler bei Addresssuche -gui.residency.input.postleitzahl=PLZ -gui.residency.input.municipality=Gemeinde -gui.residency.input.village=Ortschaft -gui.residency.input.street=Straße -gui.residency.input.number=Nummer - - - -- cgit v1.2.3 From 3d9d419a40b17de1f94d46cbc2f5b345a93bff00 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 8 Jun 2022 12:32:16 +0200 Subject: feat(eidas): perform mapping between IDA and eIDAS attributes based on external configuration --- .../ms-proxyservice/misc/idaAttributeMapping.json | 170 +++++++++ .../SpRequiredAttributersAttributeBuilder.java | 63 ++++ .../tasks/ReceiveFromIdAustriaSystemTask.java | 30 +- .../tasks/RequestIdAustriaSystemTask.java | 6 + .../at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder | 1 + .../SpRequiredAttributersAttributeBuilderTest.java | 72 ++++ .../test/task/ReceiveAuthnResponseTaskTest.java | 24 +- .../test/task/RequestIdAustriaSystemTaskTest.java | 72 ++-- .../eidas/specific/core/MsEidasNodeConstants.java | 13 +- .../core/builder/AuthenticationDataBuilder.java | 185 ++++++++-- .../main/resources/specific_eIDAS_core.beans.xml | 3 - .../test/utils/AuthenticationDataBuilderTest.java | 311 +++++++++++++++- .../msproxyservice/dto/attributes/Type.java | 7 + .../protocol/ProxyServiceAuthenticationAction.java | 297 +++++++--------- .../service/ProxyEidasAttributeRegistry.java | 34 +- .../ProxyServiceAuthenticationActionTest.java | 217 +++++++++-- .../services/ProxyEidasAttributeRegistryTest.java | 35 ++ .../test/resources/config/idaAttributeMapping.json | 56 ++- .../resources/specific_eIDAS_connector.beans.xml | 3 + .../builder/ProxyAuthenticationDataBuilder.java | 38 ++ .../main/resources/specific_eIDAS_proxy.beans.xml | 3 + .../ProxyAuthenticationDataBuilderTest.java | 395 +++++++++++++++++++++ .../config/junit_config_1_springboot.properties | 2 +- pom.xml | 2 +- 24 files changed, 1713 insertions(+), 326 deletions(-) create mode 100644 basicConfig/ms-proxyservice/misc/idaAttributeMapping.json create mode 100644 modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java create mode 100644 modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java create mode 100644 ms_specific_proxyservice/src/main/java/at/asitplus/eidas/specific/proxy/builder/ProxyAuthenticationDataBuilder.java create mode 100644 ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java (limited to 'basicConfig') diff --git a/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json new file mode 100644 index 00000000..7c44b48a --- /dev/null +++ b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json @@ -0,0 +1,170 @@ +[ + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.149", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.98" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName", + "idaAttribute": { + "basic": "urn:oid:2.5.4.42", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.78" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.20", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.80" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.55", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.82" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", + "idaAttribute": {}, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/BirthName", + "idaAttribute": {}, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.100" + }, + "addionalRequiredAttributes" : [ + "urn:oid:1.2.40.0.10.2.1.1.149", + "urn:oid:2.5.4.42", + "urn:oid:1.2.40.0.10.2.1.1.261.20", + "urn:oid:1.2.40.0.10.2.1.1.55" + ], + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalName", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.84" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.149" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.20" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName", + "idaAttribute": { + "withMandates": "urn:oid:2.5.4.42" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.55" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.32", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.32" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.108", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.108" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.68" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + } +] diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java new file mode 100644 index 00000000..61687088 --- /dev/null +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/SpRequiredAttributersAttributeBuilder.java @@ -0,0 +1,63 @@ +/* + * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a + * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European + * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in + * compliance with the Licence. You may obtain a copy of the Licence at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence + * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the Licence for the specific language governing permissions and limitations under + * the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text file for details on the + * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative + * works that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes; + +import org.apache.commons.lang3.StringUtils; + +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class SpRequiredAttributersAttributeBuilder + implements IAttributeBuilder, ExtendedPvpAttributeDefinitions { + + @Override + public String getName() { + return SP_REQUIRED_ATTRIBUTES_NAME; + } + + @Override + public ATT build(final ISpConfiguration oaParam, final IAuthData authData, + final IAttributeGenerator g) + throws AttributeBuilderException { + if (oaParam instanceof ServiceProviderConfiguration) { + return g.buildStringAttribute(SP_REQUIRED_ATTRIBUTES_FRIENDLY_NAME, SP_REQUIRED_ATTRIBUTES_NAME, + StringUtils.join(((ServiceProviderConfiguration)oaParam).getRequestedAttributes(), ",")); + + } else { + log.warn("Can not build attribute for required IDA attributes, because SP config-implementation does not match."); + return null; + + } + } + + @Override + public ATT buildEmpty(final IAttributeGenerator g) { + return g.buildEmptyAttribute(SP_REQUIRED_ATTRIBUTES_FRIENDLY_NAME, SP_REQUIRED_ATTRIBUTES_NAME); + + } + +} diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java index e486b851..17e0e0d5 100644 --- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java @@ -16,7 +16,6 @@ import org.opensaml.saml.saml2.core.StatusCode; import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; import org.springframework.beans.factory.annotation.Autowired; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants; import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthCredentialProvider; import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthMetadataProvider; @@ -234,8 +233,7 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask { // inject all attributes into session final Set includedAttrNames = extractor.getAllIncludeAttributeNames(); for (final String attrName : includedAttrNames) { - injectAuthInfosIntoSession(session, attrName, - extractor.getSingleAttributeValue(attrName)); + injectAuthInfosIntoSession(session, attrName, extractor.getSingleAttributeValue(attrName)); } @@ -306,31 +304,11 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask { private void injectAuthInfosIntoSession(AuthProcessDataWrapper session, String attrName, String attrValue) throws EaafStorageException, IOException { log.trace("Inject attribute: {} with value: {} into AuthSession", attrName, attrValue); - log.debug("Inject attribute: {} into AuthSession", attrName); - if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) { - log.trace("Find bPK attribute. Extract eIDAS identifier ... "); - session.setGenericDataToSession(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, - extractBpkFromResponse(attrValue)); - - } else { - session.setGenericDataToSession(attrName, attrValue); - - } - + log.debug("Inject attribute: {} into AuthSession", attrName); + session.setGenericDataToSession(attrName, attrValue); + } - private String extractBpkFromResponse(String pvpBpkAttrValue) { - final String[] split = pvpBpkAttrValue.split(":", 2); - if (split.length == 2) { - return split[1]; - - } else { - log.warn("PVP bPK attribute: {} has wrong format. Use it as it is.", pvpBpkAttrValue); - return pvpBpkAttrValue; - - } - } - private Pair preProcessAuthResponse(PvpSProfileResponse msg) throws IOException, MarshallingException, TransformerException, CredentialsNotAvailableException, AuthnResponseValidationException, SamlAssertionValidationExeption { diff --git a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java index 66aadde6..bbe9b45f 100644 --- a/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java +++ b/modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java @@ -160,6 +160,12 @@ public class RequestIdAustriaSystemTask extends AbstractAuthServletTask { injectAttribute(attributs, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, selectHighestLoa(pendingReq.getServiceProviderConfiguration().getRequiredLoA())); + // set list of IDA attributes as attribute + injectAttribute(attributs, ExtendedPvpAttributeDefinitions.SP_REQUIRED_ATTRIBUTES_NAME, + StringUtils.join( + pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).getRequestedAttributes(), + ",")); + //set ProviderName if available String providerName = ((ProxyServicePendingRequest)pendingReq).getEidasRequest().getProviderName(); if (StringUtils.isNotEmpty(providerName)) { diff --git a/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder index 65e9482c..3b20d687 100644 --- a/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder +++ b/modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder @@ -1 +1,2 @@ at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.EidasConnecorUniqueIdAttributeBuilder +at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.SpRequiredAttributersAttributeBuilder diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java new file mode 100644 index 00000000..2fe420df --- /dev/null +++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/SpRequiredAttributersAttributeBuilderTest.java @@ -0,0 +1,72 @@ +package at.asitplus.eidas.specific.modules.auth.idaustria.test.builder.attributes; + +import static org.junit.Assert.assertEquals; + +import java.util.List; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.internal.util.collections.Sets; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.asitplus.eidas.specific.modules.auth.idaustria.builder.attributes.SpRequiredAttributersAttributeBuilder; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_mapConfig.xml", + "/spring/SpringTest-context_basic_test.xml", +}) +public class SpRequiredAttributersAttributeBuilderTest extends AbstractAttributeBuilderTest { + +private final IAttributeBuilder attrBuilder = new SpRequiredAttributersAttributeBuilder(); + + @Test + public void attributeName() { + Assert.assertEquals("Wrong attribute name", + "urn:eidgvat:attributes.RequiredAttributes", attrBuilder.getName()); + + } + + @Test + public void checkEmptyAttribute() { + String value = attrBuilder.buildEmpty(gen); + Assert.assertNull("Attr. not null", value); + + } + + @Test + public void withWrongSpConfig() throws AttributeBuilderException, Exception { + String value = attrBuilder.build(spConfig, buildAuthData(), gen); + Assert.assertNull("Attr. not null", value); + + } + + @Test + public void withAttributeValue() throws AttributeBuilderException, Exception { + ServiceProviderConfiguration sp = new ServiceProviderConfiguration(spConfigMap, new DummyConfiguration()); + sp.setRequestedAttributes(Sets.newSet( + "aabbccdd", + RandomStringUtils.randomAlphanumeric(10), + PvpAttributeDefinitions.BIRTHDATE_NAME)); + + + String value = attrBuilder.build(sp, buildAuthData(), gen); + + List elements = KeyValueUtils.getListOfCsvValues(value); + assertEquals("wrong number of attributes", sp.getRequestedAttributes().size(), elements.size()); + sp.getRequestedAttributes().forEach( + el -> elements.contains(el)); + + } + +} diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java index c452fe22..c3be6dad 100644 --- a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java +++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java @@ -36,7 +36,6 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants; @@ -542,14 +541,14 @@ public class ReceiveAuthnResponseTaskTest { assertTrue("eidProcess flag", session.isEidProcess()); assertFalse("useMandate flag", session.isMandateUsed()); - checkAttributeInSession(session,PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); - checkAttributeInSession(session,PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); - checkAttributeInSession(session,PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); - checkAttributeInSession(session,PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high"); - checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT"); + checkAttributeInSession(session, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); + checkAttributeInSession(session, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); + checkAttributeInSession(session, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); + checkAttributeInSession(session, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high"); + checkAttributeInSession(session, PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT"); //pre-generated eIDAS identifer - checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY="); } @@ -587,7 +586,7 @@ public class ReceiveAuthnResponseTaskTest { checkAttributeInSession(session,PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT"); - checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "AT+CC:QVGm48cqcM4UcyhDTNGYmVdrIoY="); } @@ -625,7 +624,7 @@ public class ReceiveAuthnResponseTaskTest { checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT"); //pre-generated eIDAS identifer - checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY="); } @@ -663,7 +662,7 @@ public class ReceiveAuthnResponseTaskTest { checkAttributeInSession(session,PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT"); //pre-generated eIDAS identifer - checkAttributeInSession(session,MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session,PvpAttributeDefinitions.BPK_NAME, "AT+AB:QVGm48cqcasfasfsafsafdM4UcyhDTNGYmVdrIoY="); } @@ -708,7 +707,7 @@ public class ReceiveAuthnResponseTaskTest { checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, "urn:publicid:gv.at:baseid+XERSB"); //pre-generated eIDAS identifer - checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY="); assertNull("find nat. person bpk for mandator", session.getGenericDataFromSession( PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class)); @@ -758,8 +757,7 @@ public class ReceiveAuthnResponseTaskTest { //pre-generated eIDAS identifer - checkAttributeInSession(session, MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, - "QVGm48cqcM4UcyhDTNGYmVdrIoY="); + checkAttributeInSession(session, PvpAttributeDefinitions.BPK_NAME, "AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY="); } diff --git a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java index f6ffc729..1feb684d 100644 --- a/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java +++ b/modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java @@ -18,6 +18,7 @@ import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; +import org.mockito.internal.util.collections.Sets; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; import org.opensaml.core.xml.schema.XSString; import org.opensaml.core.xml.util.XMLObjectSupport; @@ -41,6 +42,7 @@ import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePe import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; @@ -213,7 +215,7 @@ public class RequestIdAustriaSystemTaskTest { //validate state final EaafRequestedAttributes reqAttr = validate(); - Assert.assertEquals("#Req Attribute", 4, reqAttr.getAttributes().size()); + Assert.assertEquals("#Req Attribute", 5, reqAttr.getAttributes().size()); Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.eidas.uniqueId", reqAttr.getAttributes().get(0).getName()); @@ -246,15 +248,15 @@ public class RequestIdAustriaSystemTaskTest { ((XSString)reqAttr.getAttributes().get(2).getAttributeValues().get(0)).getValue()); Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateType", - reqAttr.getAttributes().get(3).getName()); - Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(3).getAttributeValues()); + reqAttr.getAttributes().get(4).getName()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(4).getAttributeValues()); Assert.assertEquals("#Req. Attr value", 1, - reqAttr.getAttributes().get(3).getAttributeValues().size()); + reqAttr.getAttributes().get(4).getAttributeValues().size()); org.springframework.util.Assert.isInstanceOf(XSString.class, - reqAttr.getAttributes().get(3).getAttributeValues().get(0), "Wrong requested Attributes Value type"); + reqAttr.getAttributes().get(4).getAttributeValues().get(0), "Wrong requested Attributes Value type"); Assert.assertEquals("Req. Attr. Value", pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).getMandateMode().getMode(), - ((XSString)reqAttr.getAttributes().get(3).getAttributeValues().get(0)).getValue()); + ((XSString)reqAttr.getAttributes().get(4).getAttributeValues().get(0)).getValue()); } @@ -275,33 +277,55 @@ public class RequestIdAustriaSystemTaskTest { LightRequest eidasReq = eidasRequestBuilder.build(); pendingReq.setEidasRequest(eidasReq); + oaParam.setRequestedAttributes(Sets.newSet( + "aabbccdd", + RandomStringUtils.randomAlphanumeric(10), + PvpAttributeDefinitions.BIRTHDATE_NAME)); + //execute test task.execute(pendingReq, executionContext); //validate state final EaafRequestedAttributes reqAttr = validate(); - Assert.assertEquals("#Req Attribute", 6, reqAttr.getAttributes().size()); + Assert.assertEquals("#Req Attribute", 7, reqAttr.getAttributes().size()); - Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderFriendlyName", + + Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.RequiredAttributes", reqAttr.getAttributes().get(3).getName()); - Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(3).getAttributeValues()); Assert.assertEquals("#Req. Attr value", 1, reqAttr.getAttributes().get(3).getAttributeValues().size()); org.springframework.util.Assert.isInstanceOf(XSString.class, reqAttr.getAttributes().get(3).getAttributeValues().get(0), "Wrong requested Attributes Value type"); - Assert.assertEquals("Req. Attr. Value", eidasReq.getProviderName(), + + List reqProfiles = KeyValueUtils.getListOfCsvValues( ((XSString)reqAttr.getAttributes().get(3).getAttributeValues().get(0)).getValue()); + reqProfiles.stream().forEach( + el -> assertTrue("missing IDA attribute: " + el, oaParam.getRequestedAttributes().contains(el))); - Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderUniqueId", + + Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderFriendlyName", reqAttr.getAttributes().get(4).getName()); - Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(4).getAttributeValues()); Assert.assertEquals("#Req. Attr value", 1, reqAttr.getAttributes().get(4).getAttributeValues().size()); org.springframework.util.Assert.isInstanceOf(XSString.class, reqAttr.getAttributes().get(4).getAttributeValues().get(0), "Wrong requested Attributes Value type"); - Assert.assertEquals("Req. Attr. Value", eidasReq.getRequesterId(), + Assert.assertEquals("Req. Attr. Value", eidasReq.getProviderName(), ((XSString)reqAttr.getAttributes().get(4).getAttributeValues().get(0)).getValue()); + Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderUniqueId", + reqAttr.getAttributes().get(5).getName()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(5).getAttributeValues()); + Assert.assertEquals("#Req. Attr value", 1, + reqAttr.getAttributes().get(5).getAttributeValues().size()); + org.springframework.util.Assert.isInstanceOf(XSString.class, + reqAttr.getAttributes().get(5).getAttributeValues().get(0), "Wrong requested Attributes Value type"); + Assert.assertEquals("Req. Attr. Value", eidasReq.getRequesterId(), + ((XSString)reqAttr.getAttributes().get(5).getAttributeValues().get(0)).getValue()); + + + } @Test @@ -330,31 +354,31 @@ public class RequestIdAustriaSystemTaskTest { //validate state final EaafRequestedAttributes reqAttr = validate(); - Assert.assertEquals("#Req Attribute", 7, reqAttr.getAttributes().size()); + Assert.assertEquals("#Req Attribute", 8, reqAttr.getAttributes().size()); Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateProfiles", - reqAttr.getAttributes().get(5).getName()); - Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues()); + reqAttr.getAttributes().get(6).getName()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(6).getAttributeValues()); Assert.assertEquals("#Req. Attr value", 1, - reqAttr.getAttributes().get(5).getAttributeValues().size()); + reqAttr.getAttributes().get(6).getAttributeValues().size()); org.springframework.util.Assert.isInstanceOf(XSString.class, - reqAttr.getAttributes().get(5).getAttributeValues().get(0), "Wrong requested Attributes Value type"); + reqAttr.getAttributes().get(6).getAttributeValues().get(0), "Wrong requested Attributes Value type"); List reqProfiles = KeyValueUtils.getListOfCsvValues( - ((XSString)reqAttr.getAttributes().get(5).getAttributeValues().get(0)).getValue()); + ((XSString)reqAttr.getAttributes().get(6).getAttributeValues().get(0)).getValue()); reqProfiles.stream().forEach(el -> assertTrue("missing profile: " + el, mandateProfiles.contains(el))); Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateType", - reqAttr.getAttributes().get(6).getName()); - Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(6).getAttributeValues()); + reqAttr.getAttributes().get(7).getName()); + Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(7).getAttributeValues()); Assert.assertEquals("#Req. Attr value", 1, - reqAttr.getAttributes().get(6).getAttributeValues().size()); + reqAttr.getAttributes().get(7).getAttributeValues().size()); org.springframework.util.Assert.isInstanceOf(XSString.class, - reqAttr.getAttributes().get(6).getAttributeValues().get(0), "Wrong requested Attributes Value type"); + reqAttr.getAttributes().get(7).getAttributeValues().get(0), "Wrong requested Attributes Value type"); Assert.assertEquals("Req. Attr. Value", SpMandateModes.LEGAL_FORCE.getMode(), - ((XSString)reqAttr.getAttributes().get(6).getAttributeValues().get(0)).getValue()); + ((XSString)reqAttr.getAttributes().get(7).getAttributeValues().get(0)).getValue()); } diff --git a/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/MsEidasNodeConstants.java b/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/MsEidasNodeConstants.java index be5d7c7d..8da7ddd0 100644 --- a/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/MsEidasNodeConstants.java +++ b/modules/core_common_lib/src/main/java/at/asitplus/eidas/specific/core/MsEidasNodeConstants.java @@ -31,7 +31,6 @@ import java.util.List; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.impl.data.Triple; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; public class MsEidasNodeConstants { // ************ configuration properties ************ @@ -189,17 +188,7 @@ public class MsEidasNodeConstants { public static final String EID_BINDING_PUBLIC_KEY_NAME = "urn:eidgvat:attributes.binding.pubkey"; - - - // ---- Attribute configuration ------ - public static final String ATTR_EIDAS_PERSONAL_IDENTIFIER = - AbstractAuthenticationDataBuilder.GENERIC_AUTHDATA_IDENTIFIER + PvpAttributeDefinitions.BPK_NAME; - public static final String ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER = - AbstractAuthenticationDataBuilder.GENERIC_AUTHDATA_IDENTIFIER + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME; - public static final String ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER = - AbstractAuthenticationDataBuilder.GENERIC_AUTHDATA_IDENTIFIER - + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME; - + public static final String AUTH_DATA_SZR_AUTHBLOCK = "authData_AUTHBLOCK"; public static final String AUTH_DATA_EIDAS_BIND = "authData_EIDAS_BIND"; diff --git a/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java b/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java index e719735c..673b8ef5 100644 --- a/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java +++ b/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java @@ -24,73 +24,92 @@ package at.asitplus.eidas.specific.core.builder; import java.time.Instant; - -import org.springframework.stereotype.Service; +import java.util.Optional; +import java.util.Set; import at.asitplus.eidas.specific.core.MsEidasNodeConstants; +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.impl.data.Triple; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; import lombok.extern.slf4j.Slf4j; -@Service("AuthenticationDataBuilder") @Slf4j public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder { + private static final String ERROR_B11 = "builder.11"; + @Override - protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { + protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { final EidAuthProcessDataWrapper authProcessData = - pendingReq.getSessionData(EidAuthProcessDataWrapper.class); - EidAuthenticationData authData = new EidAuthenticationData(); - - //set basis infos + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + final EidAuthenticationData authData = new EidAuthenticationData(); + + // set basis infos super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); - + // set specific informations authData.setSsoSessionValidTo( Instant.now().plusSeconds(MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60)); - authData.setEidStatus(authProcessData.isTestIdentity() - ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); - + authData.setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY + : EidIdentityStatusLevelValues.IDENTITY); + return authData; } @Override - protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) + protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException { if (authData instanceof EidAuthenticationData) { - ((EidAuthenticationData)authData).setGenericData( - ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, + ((EidAuthenticationData) authData).setGenericData( + ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, pendingReq.getUniquePiiTransactionIdentifier()); log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); - + // set specific informations - ((EidAuthenticationData)authData).setSsoSessionValidTo( + ((EidAuthenticationData) authData).setSsoSessionValidTo( Instant.now().plusSeconds(MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60)); - //set E-ID status-level + // set E-ID status-level final EidAuthProcessDataWrapper authProcessData = - pendingReq.getSessionData(EidAuthProcessDataWrapper.class); - ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() - ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); - + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + ((EidAuthenticationData) authData).setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY + : EidIdentityStatusLevelValues.IDENTITY); + + // forward all requested IDA attributes into authData + forwardAllRequestedIdaAttributes(authProcessData, (EidAuthenticationData) authData, + pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class) + .getRequestedAttributes()); + + // build specific bPK attribute + buildNatPersonInfos((EidAuthenticationData) authData, authProcessData); + + // handle mandate informations + buildMandateInformation((EidAuthenticationData) authData, pendingReq, authProcessData); + } else { - throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + authData.getClass().getName()); - + } - + } @Override @@ -119,4 +138,120 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder } + protected String customizeLegalPersonSourcePin(String sourcePin, String sourcePinType) { + log.trace("Use legal-person sourcePin as it is"); + return sourcePin; + + } + + protected String customizeBpkAttribute(String pvpBpkAttrValue) { + log.trace("Use natural-person bPK as it is"); + return pvpBpkAttrValue; + + } + + private void forwardAllRequestedIdaAttributes(EidAuthProcessDataWrapper authProcessData, + EidAuthenticationData authData, Set requestedIdaAttributes) { + if (requestedIdaAttributes != null && !requestedIdaAttributes.isEmpty()) { + log.trace("Forwarding IDA requested attributes ... "); + authProcessData.getGenericSessionDataStream() + .filter(el -> requestedIdaAttributes.contains(el.getKey())) + .forEach(el -> { + try { + authData.setGenericData(el.getKey(), el.getValue()); + + } catch (final EaafStorageException e) { + log.error("Can not store attribute: {} into session.", el.getKey(), e); + throw new RuntimeException(e); + + } + }); + } else { + log.trace("No IDA requested attributes to forwarding. Nothing todo"); + + } + } + + private void buildMandateInformation(EidAuthenticationData authData, IRequest pendingReq, + EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException, + EaafStorageException { + authData.setUseMandate(authProcessData.isMandateUsed()); + if (authProcessData.isMandateUsed()) { + log.debug("Build mandate-releated authentication data ... "); + if (authProcessData.isForeigner()) { + buildMandateInformationForEidasIncoming(); + + } else { + buildMandateInformationForEidasOutgoing(authData, pendingReq, authProcessData); + + } + } + } + + private void buildMandateInformationForEidasIncoming() { + log.debug("Find eIDAS incoming process. Generated mandate-information for ID-Austria system ... "); + + // TODO: implement IDA specific processing of foreign mandate + + } + + private void buildNatPersonInfos(EidAuthenticationData authData, + EidAuthProcessDataWrapper authProcessData) throws EaafStorageException { + // clean-up BPK attribute and forward it as new property + authData.setGenericData(PvpAttributeDefinitions.BPK_NAME, + customizeBpkAttribute(authProcessData.getGenericDataFromSession( + PvpAttributeDefinitions.BPK_NAME, String.class))); + + } + + private void buildMandateInformationForEidasOutgoing(EidAuthenticationData authData, IRequest pendingReq, + EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException, + EaafStorageException { + log.debug("Find eIDAS outgoing process. Generated mandate-information for other country ... "); + if (authProcessData.getGenericDataFromSession( + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME) != null) { + final Optional> missingAttribute = + MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_NAT_PVP_ATTRIBUTES.stream() + .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null) + .findFirst(); + if (missingAttribute.isPresent()) { + log.error("ID-Austria response contains not all attributes for nat. person mandator. Missing: {}", + missingAttribute.get().getFirst()); + throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Nat. person mandate" }); + + } else { + log.trace("Find nat. person mandate. Mandate can be used as it is "); + authData.setGenericData(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, + customizeBpkAttribute(authProcessData.getGenericDataFromSession( + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class))); + + } + + } else { + final Optional> missingAttribute = + MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_JUR_PVP_ATTRIBUTES.stream() + .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null) + .findFirst(); + if (missingAttribute.isPresent()) { + log.error("ID-Austria response contains not all attributes for legal. person mandator. Missing: {}", + missingAttribute.get().getFirst()); + throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Legal. person mandate" }); + + } else { + log.trace( + "Find jur. person mandate. Generate eIDAS identifier from legal-person sourcePin and type ... "); + final String sourcePin = authProcessData.getGenericDataFromSession( + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class); + final String sourcePinType = authProcessData.getGenericDataFromSession( + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class); + + // customize attribute-value for source-pin + final String sourcePinToUse = customizeLegalPersonSourcePin(sourcePin, sourcePinType); + log.debug("Use legal-person eIDAS identifer: {} from baseId: {} and baseIdType: {}", + sourcePinToUse, sourcePin, sourcePinType); + authData.setGenericData(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinToUse); + + } + } + } } diff --git a/modules/core_common_webapp/src/main/resources/specific_eIDAS_core.beans.xml b/modules/core_common_webapp/src/main/resources/specific_eIDAS_core.beans.xml index ee67d712..af3594a5 100644 --- a/modules/core_common_webapp/src/main/resources/specific_eIDAS_core.beans.xml +++ b/modules/core_common_webapp/src/main/resources/specific_eIDAS_core.beans.xml @@ -23,9 +23,6 @@ - - diff --git a/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java b/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java index 12936a59..8b2eebd4 100644 --- a/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java +++ b/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java @@ -1,6 +1,9 @@ package at.asitplus.eidas.specific.core.test.utils; import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; import java.io.IOException; import java.security.PublicKey; @@ -30,8 +33,11 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import org.w3c.dom.Element; +import com.google.common.collect.Sets; + import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.asitplus.eidas.specific.core.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; @@ -49,9 +55,9 @@ import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import lombok.SneakyThrows; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @RunWith(SpringJUnit4ClassRunner.class) @@ -71,7 +77,8 @@ public class AuthenticationDataBuilderTest { private MockHttpServletResponse httpResp; private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; + private Map spConfig; + private ServiceProviderConfiguration oaParam; private String eidasBind; private String authBlock; @@ -86,18 +93,20 @@ public class AuthenticationDataBuilderTest { } @Before + @SneakyThrows public void initialize() throws EaafStorageException { httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - final Map spConfig = new HashMap<>(); + spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - + oaParam = new ServiceProviderConfiguration(spConfig, basicConfig); + oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:cdid+XX"); + pendingReq = new TestRequestImpl(); pendingReq.setAuthUrl("https://localhost/ms_connector"); pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); @@ -119,6 +128,260 @@ public class AuthenticationDataBuilderTest { } + @Test + public void eidasProxyModeWithJurMandate() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String commonMandate = RandomStringUtils.randomAlphabetic(10); + + // set constant country-code and sourcePin to check hashed eIDAS identifier + String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr"; + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE"); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, + EaafConstants.URN_PREFIX_BASEID + "+XFN"); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); + + } + + @Test + public void eidasProxyModeWithJurMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + // set constant country-code and sourcePin to check hashed eIDAS identifier + String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr"; + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE"); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, + EaafConstants.URN_PREFIX_BASEID + "+XFN"); + + // execute test + // execute test + EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class, + () -> authenticationDataBuilder.buildAuthenticationData(pendingReq)); + Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId()); + + } + + @Test + public void eidasProxyModeWithNatMandate() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String givenNameMandate = RandomStringUtils.randomAlphabetic(10); + String familyNameMandate = RandomStringUtils.randomAlphabetic(10); + String dateOfBirthMandate = "1957-09-15"; + String bpkMandate = RandomStringUtils.randomAlphanumeric(10); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate); + + } + + @Test + public void eidasProxyModeWithNatMandateWrongBpkFormat() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String givenNameMandate = RandomStringUtils.randomAlphabetic(10); + String familyNameMandate = RandomStringUtils.randomAlphabetic(10); + String dateOfBirthMandate = "1957-09-15"; + String bpkMandate = RandomStringUtils.randomAlphanumeric(10); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + } + + @Test + public void eidasProxyModeWithNatMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String familyNameMandate = RandomStringUtils.randomAlphabetic(10); + String dateOfBirthMandate = "1957-09-15"; + String bpkMandate = RandomStringUtils.randomAlphanumeric(10); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + // execute test + EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class, + () -> authenticationDataBuilder.buildAuthenticationData(pendingReq)); + Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId()); + + } + + + + @Test + @SneakyThrows + public void eidasProxyMode() throws EaafAuthenticationException { + // initialize state + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(oaParam); + boolean isTestIdentity = RandomUtils.nextBoolean(); + + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); + + String bpk = RandomStringUtils.randomAlphanumeric(10); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.BPK_NAME, "eidas+AT+XX:" + bpk); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + "http://eidas.europa.eu/LoA/high"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + + String randAttr = RandomStringUtils.randomAlphabetic(10); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + randAttr, RandomStringUtils.randomAlphabetic(10)); + + oaParam.setRequestedAttributes(Sets.newHashSet(randAttr, + PvpAttributeDefinitions.BPK_NAME, + PvpAttributeDefinitions.GIVEN_NAME_NAME, + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, + PvpAttributeDefinitions.BIRTHDATE_NAME, + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME)); + + + // execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + // validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + + Assert.assertEquals("FamilyName", "Mustermann", authData.getFamilyName()); + Assert.assertEquals("GivenName", "Max", authData.getGivenName()); + Assert.assertEquals("DateOfBirth", "1940-01-01", authData.getDateOfBirth()); + + Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/high", authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + checkGenericAttribute(authData, PvpAttributeDefinitions.BPK_NAME, "eidas+AT+XX:" + bpk); + checkGenericAttribute(authData, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); + checkGenericAttribute(authData, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); + checkGenericAttribute(authData, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); + + Assert.assertEquals("random optional attr.", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + randAttr), + authData.getGenericData(randAttr, String.class)); + + } + + + @Test public void eidMode() throws EaafAuthenticationException { // initialize state @@ -207,10 +470,48 @@ public class AuthenticationDataBuilderTest { authData.getBpk()); Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); Assert.assertNotNull("IDL", authData.getIdentityLink()); + + } + + private void injectRepresentativeInfosIntoSession() throws EaafStorageException { + boolean isTestIdentity = RandomUtils.nextBoolean(); + pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + String givenName = RandomStringUtils.randomAlphabetic(10); + String familyName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1956-12-08"; + String bpk = RandomStringUtils.randomAlphanumeric(10); + String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class) + .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); + String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC); + + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, bpk); + + //set LoA level attribute instead of explicit session-data + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel()); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null); } + + private void checkGenericAttribute(IAuthData authData, String attrName, String expected) { + assertEquals("Wrong: " + attrName, expected, authData.getGenericData(attrName, String.class)); + + } + private IIdentityLink buildDummyIdl() { return new IIdentityLink() { diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/Type.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/Type.java index 86ca49fa..f66bb799 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/Type.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/Type.java @@ -15,6 +15,7 @@ import lombok.Data; @JsonInclude(JsonInclude.Include.NON_NULL) @JsonPropertyOrder({ "mds", + "autoIncludeWithMandates", "mandator" }) @Data @@ -27,6 +28,12 @@ public class Type { @JsonProperty("mds") private Boolean mds; + /** + * true if that attribute has to be included into eIDAS response in case of mandates. + */ + @JsonProperty("autoIncludeWithMandates") + private Boolean autoIncludeWithMandates; + /** * Classifie that attribute to specific mandate modes. */ diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java index 92165412..bf1c5e5f 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java @@ -1,6 +1,7 @@ package at.asitplus.eidas.specific.modules.msproxyservice.protocol; import java.io.IOException; +import java.util.Optional; import java.util.UUID; import javax.annotation.PostConstruct; @@ -15,12 +16,11 @@ import org.springframework.context.ApplicationContext; import org.springframework.core.io.ResourceLoader; import org.springframework.web.util.UriComponentsBuilder; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.asitplus.eidas.specific.core.gui.StaticGuiBuilderConfiguration; import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants; -import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants; import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException; +import at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry; import at.asitplus.eidas.specific.modules.msproxyservice.utils.EidasProxyServiceUtils; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; @@ -69,35 +69,35 @@ public class ProxyServiceAuthenticationAction implements IAction { @Autowired ISpringMvcGuiFormBuilder guiBuilder; @Autowired - EidasAttributeRegistry attrRegistry; + ProxyEidasAttributeRegistry attrRegistry; @Override public SloInformationInterface processRequest(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws EaafException { if (pendingReq instanceof ProxyServicePendingRequest) { - try { - ILightRequest eidasReq = ((ProxyServicePendingRequest) pendingReq).getEidasRequest(); - - //build eIDAS response - Builder lightRespBuilder = LightResponse.builder(); + try { + final ILightRequest eidasReq = ((ProxyServicePendingRequest) pendingReq).getEidasRequest(); + + // build eIDAS response + final Builder lightRespBuilder = LightResponse.builder(); lightRespBuilder.id(UUID.randomUUID().toString()); lightRespBuilder.inResponseToId(eidasReq.getId()); lightRespBuilder.relayState(eidasReq.getRelayState()); - + lightRespBuilder.status(ResponseStatus.builder() .statusCode(EidasConstants.SUCCESS_URI) .build()); - - //TODO: check if we can use transient subjectNameIds + + // TODO: check if we can use transient subjectNameIds lightRespBuilder.subject(UUID.randomUUID().toString()); lightRespBuilder.subjectNameIdFormat(NameIDType.TRANSIENT); - - //TODO: + + // TODO: lightRespBuilder.issuer(basicConfig.getBasicConfiguration( MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_ENTITYID)); - lightRespBuilder.levelOfAssurance(authData.getEidasQaaLevel()); + lightRespBuilder.levelOfAssurance(authData.getEidasQaaLevel()); lightRespBuilder.attributes(buildAttributesFromAuthData(authData, eidasReq)); - + // set SLO response object of EAAF framework final SloInformationImpl sloInformation = new SloInformationImpl(); sloInformation.setProtocolType(pendingReq.requestedModule()); @@ -121,7 +121,7 @@ public class ProxyServiceAuthenticationAction implements IAction { } } - + @Override public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { return true; @@ -133,28 +133,29 @@ public class ProxyServiceAuthenticationAction implements IAction { return PROXYSERVICE_AUTH_ACTION_NAME; } - /** * Forward eIDAS Light response to eIDAS node. - * - * @param pendingReq Current pending request. - * @param httpReq Current HTTP request - * @param httpResp Current HTTP response + * + * @param pendingReq Current pending request. + * @param httpReq Current HTTP request + * @param httpResp Current HTTP response * @param lightResponse eIDAS LightResponse * @throws EaafConfigurationException In case of a configuration error - * @throws IOException In case of a general error - * @throws GuiBuildException In case of a GUI rendering error, if http POST binding is used - * @throws ServletException In case of a general error + * @throws IOException In case of a general error + * @throws GuiBuildException In case of a GUI rendering error, if http + * POST binding is used + * @throws ServletException In case of a general error */ public void forwardToEidasProxy(IRequest pendingReq, HttpServletRequest httpReq, - HttpServletResponse httpResp, LightResponse lightResponse) throws EaafConfigurationException, IOException, + HttpServletResponse httpResp, LightResponse lightResponse) throws EaafConfigurationException, + IOException, GuiBuildException, ServletException { // put request into shared cache final BinaryLightToken token = putResponseInCommunicationCache(lightResponse); final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); - + // select forward URL regarding the selected environment final String forwardUrl = basicConfig.getBasicConfiguration( MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL); @@ -196,148 +197,80 @@ public class ProxyServiceAuthenticationAction implements IAction { } } - - @PostConstruct + + @PostConstruct private void checkConfiguration() { - //TODO: validate configuration on start-up - + // TODO: validate configuration on start-up + } - - - private ImmutableAttributeMap buildAttributesFromAuthData(IAuthData authData, + + private ImmutableAttributeMap buildAttributesFromAuthData(IAuthData authData, ILightRequest eidasReq) { - IEidAuthData eidAuthData = (IEidAuthData) authData; + final IEidAuthData eidAuthData = (IEidAuthData) authData; + final ImmutableAttributeMap.Builder attributeMap = ImmutableAttributeMap.builder(); + + // inject all requested attributres + injectRequestedAttributes(attributeMap, eidasReq, eidAuthData); + if (eidAuthData.isUseMandate()) { log.debug("Building eIDAS Proxy-Service response with mandate ... "); - final ImmutableAttributeMap.Builder attributeMap = ImmutableAttributeMap.builder(); - injectRepesentativeInformation(attributeMap, eidAuthData); - injectMandatorInformation(attributeMap, eidAuthData); - - // work-around that injects nat. person subject to bypass validation on eIDAS Node + injectMdsRepesentativeInformation(attributeMap, eidAuthData, eidasReq.getRequestedAttributes()); + + // work-around that injects nat. person subject to bypass validation on eIDAS + // Node injectJurPersonWorkaroundIfRequired(attributeMap, eidasReq, authData); - - return attributeMap.build(); - - } else { - log.debug("Building eIDAS Proxy-Service response without mandates ... "); - return buildAttributesWithoutMandate(eidAuthData); - - } - } - - private void injectMandatorInformation( - ImmutableAttributeMap.Builder attributeMap, IEidAuthData eidAuthData) { - String natMandatorId = eidAuthData.getGenericData( - MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, String.class); - - if (StringUtils.isNotEmpty(natMandatorId)) { - log.debug("Injecting natural mandator informations ... "); - final AttributeDefinition attrDefPersonalId = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attrDefFamilyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attrDefGivenName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attrDefDateOfBirth = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first(); - - attributeMap.put(attrDefPersonalId, natMandatorId); - attributeMap.put(attrDefFamilyName, eidAuthData.getGenericData( - PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, String.class)); - attributeMap.put(attrDefGivenName, eidAuthData.getGenericData( - PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, String.class)); - attributeMap.put(attrDefDateOfBirth, eidAuthData.getGenericData( - PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, String.class)); - - } else { - log.debug("Injecting legal mandator informations ... "); - final AttributeDefinition commonName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_LEGALNAME).first(); - final AttributeDefinition legalPersonId = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first(); - - attributeMap.put(commonName, eidAuthData.getGenericData( - PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, String.class)); - attributeMap.put(legalPersonId, eidAuthData.getGenericData( - MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, String.class)); - - } - } - private void injectRepesentativeInformation( - ImmutableAttributeMap.Builder attributeMap, IEidAuthData eidAuthData) { - final AttributeDefinition attrDefPersonalId = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER).first(); - final AttributeDefinition attrDefFamilyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME).first(); - final AttributeDefinition attrDefGivenName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME).first(); - final AttributeDefinition attrDefDateOfBirth = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH).first(); - - attributeMap.put(attrDefPersonalId, - eidAuthData.getGenericData(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, String.class)); - attributeMap.put(attrDefFamilyName, eidAuthData.getFamilyName()); - attributeMap.put(attrDefGivenName, eidAuthData.getGivenName()); - - //TODO: throw an error in case of SZR Date with month or day = "00" - attributeMap.put(attrDefDateOfBirth, eidAuthData.getDateOfBirth()); - + } + + return attributeMap.build(); + } - /** - * Work-around to inject representative information as nat. person subject to bypass eIDAS Node validation. - * - *

Injection will only be done if this work-around is enabled by configuration, - * the mandator is a legal person, and both legal and natural person subject's is requested.

- * - * @param attributeMap Attribute set for eIDAS response - * @param eidasReq Incoming eIDAS request - * @param authData Authentication data - */ - private void injectJurPersonWorkaroundIfRequired( - ImmutableAttributeMap.Builder attributeMap, ILightRequest eidasReq, IAuthData authData) { - if (isLegalPersonWorkaroundActive() && isLegalPersonMandateAvailable(authData) - && EidasProxyServiceUtils.isNaturalPersonRequested(eidasReq) - && EidasProxyServiceUtils.isLegalPersonRequested(eidasReq)) { - log.debug("Injecting representative information as nat. person subject to bypass eIDAS Node validation"); - attributeMap.putAll(buildAttributesWithoutMandate(authData)); - - } + private void injectRequestedAttributes(ImmutableAttributeMap.Builder attributeMap, ILightRequest eidasReq, + IEidAuthData eidAuthData) { + eidasReq.getRequestedAttributes().getAttributeMap().keySet().stream() + .forEach(el -> injectEidasAttribute(attributeMap, eidAuthData, + el.getNameUri().toString(), eidAuthData.isUseMandate())); + } - - private ImmutableAttributeMap buildAttributesWithoutMandate(IAuthData eidAuthData) { - //TODO: throw an error in case of SZR Date with month or day = "00" - return buildAttributesWithoutMandate( - eidAuthData.getGenericData(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, String.class), - eidAuthData.getFamilyName(), - eidAuthData.getGivenName(), - eidAuthData.getDateOfBirth()); - + + private void injectMdsRepesentativeInformation( + ImmutableAttributeMap.Builder attributeMap, IEidAuthData eidAuthData, + ImmutableAttributeMap requestedAttributes) { + attrRegistry.getRepresentativeAttributesToAddByDefault() + .filter(el -> requestedAttributes.getAttributeValuesByNameUri(el) == null) + .forEach(el -> injectEidasAttribute(attributeMap, eidAuthData, el, true)); + } - private ImmutableAttributeMap buildAttributesWithoutMandate(String personalIdentifier, String familyName, - String givenName, String dateOfBirth) { - final AttributeDefinition attrDefPersonalId = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attrDefFamilyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attrDefGivenName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attrDefDateOfBirth = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first(); - - final ImmutableAttributeMap.Builder attributeMap = - ImmutableAttributeMap.builder() - .put(attrDefPersonalId, personalIdentifier) - .put(attrDefFamilyName, familyName) - .put(attrDefGivenName, givenName) - .put(attrDefDateOfBirth, dateOfBirth); - - return attributeMap.build(); - + private void injectEidasAttribute(ImmutableAttributeMap.Builder attributeMap, IEidAuthData eidAuthData, + String eidasAttrName, boolean mandatesUsed) { + final Optional releatedIdaAttribute = + attrRegistry.mapEidasAttributeToSpecificIdaAttribute(eidasAttrName, mandatesUsed); + if (releatedIdaAttribute.isPresent()) { + log.trace("Mapping IDA attribute: {} to eIDAS attribute: {}", releatedIdaAttribute.get(), + eidasAttrName); + final String idaAttrValue = eidAuthData.getGenericData(releatedIdaAttribute.get(), String.class); + if (StringUtils.isNotEmpty(idaAttrValue)) { + log.debug("Build eIDAS attribute: {} from IDA attribute: {}", eidasAttrName, releatedIdaAttribute + .get()); + attributeMap.put( + attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByName(eidasAttrName), + idaAttrValue); + + } else { + log.info("No IDA attribute: {}, eIDAS attribute: {} will be ignored", releatedIdaAttribute.get(), + eidasAttrName); + + } + + } else { + log.warn("Can not build eIDAS attribute: {}, because there is not corresponding IDA attribute defined", + eidasAttrName); + + } } - + private BinaryLightToken putResponseInCommunicationCache(ILightResponse lightResponse) throws ServletException { final BinaryLightToken binaryLightToken; @@ -358,17 +291,61 @@ public class ProxyServiceAuthenticationAction implements IAction { return binaryLightToken; } + /** + * Work-around to inject representative information as nat. person subject to + * bypass eIDAS Node validation. + * + *

+ * Injection will only be done if this work-around is enabled by + * configuration, the mandator is a legal person, and both legal and natural + * person subject's is requested. + *

+ * + * @param attributeMap Attribute set for eIDAS response + * @param eidasReq Incoming eIDAS request + * @param authData Authentication data + */ + private void injectJurPersonWorkaroundIfRequired( + ImmutableAttributeMap.Builder attributeMap, ILightRequest eidasReq, IAuthData authData) { + if (isLegalPersonWorkaroundActive() && isLegalPersonMandateAvailable(authData) + && EidasProxyServiceUtils.isNaturalPersonRequested(eidasReq) + && EidasProxyServiceUtils.isLegalPersonRequested(eidasReq)) { + log.debug( + "Injecting representative information as nat. person subject to bypass eIDAS Node validation"); + + final AttributeDefinition attrDefPersonalId = + attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); + final AttributeDefinition attrDefFamilyName = + attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); + final AttributeDefinition attrDefGivenName = + attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first(); + final AttributeDefinition attrDefDateOfBirth = + attrRegistry.getCoreRegistry().getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first(); + + attributeMap.put(attrDefPersonalId, authData.getGenericData(PvpAttributeDefinitions.BPK_NAME, + String.class)); + attributeMap.put(attrDefFamilyName, authData.getFamilyName()); + attributeMap.put(attrDefGivenName, authData.getGivenName()); + attributeMap.put(attrDefDateOfBirth, authData.getDateOfBirth()); + + } + } + private boolean isLegalPersonWorkaroundActive() { return basicConfig.getBasicConfigurationBoolean( - MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_WORKAROUND_MANDATES_LEGAL_PERSON, + MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_WORKAROUND_MANDATES_LEGAL_PERSON, false); - + } - + private boolean isLegalPersonMandateAvailable(IAuthData authData) { return StringUtils.isNoneEmpty(authData.getGenericData( - MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, String.class)); - + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class)); + } } diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java index b9e0c488..a6a50100 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java @@ -7,6 +7,7 @@ import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Objects; +import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -76,6 +77,19 @@ public class ProxyEidasAttributeRegistry { } + /** + * Get all eIDAS attributes that are added by default in case of mandates. + * + * @return {@link Stream} of eIDAS attributes + */ + @NonNull + public Stream getRepresentativeAttributesToAddByDefault() { + return attributeConfiguration.stream() + .filter(el -> el.getType() != null && el.getType().getAutoIncludeWithMandates()) + .map(el -> el.getEidasAttributeName()); + + } + /** * Get IDA attributes for a specific eIDAS attribute. * @@ -95,8 +109,24 @@ public class ProxyEidasAttributeRegistry { .collect(Collectors.toSet()); } - - + + /** + * Get eIDAS related IDA attribute. + * + * @param eidasAttributeName Name of the eIDAS attribute. + * @param withMandates true if mandates are supported, otherwise false + * @return Name of the related IDA attribute if available + */ + public Optional mapEidasAttributeToSpecificIdaAttribute( + String eidasAttributeName, boolean withMandates) { + return attributeConfiguration.stream() + .filter(el -> el.getEidasAttributeName().equals(eidasAttributeName)) + .findFirst() + .map(el -> withMandates ? el.getIdaAttribute().getWithMandates() : el.getIdaAttribute().getBasic()) + .filter(el -> StringUtils.isNotEmpty(el)); + + } + @PostConstruct private void initialize() throws EaafConfigurationException { final String attrConfPath = basicConfig.getBasicConfiguration( diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java index c41d6c99..d44ffc2d 100644 --- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java @@ -12,7 +12,6 @@ import java.net.URISyntaxException; import java.net.URLDecoder; import java.time.Instant; import java.util.Arrays; -import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.UUID; @@ -35,7 +34,6 @@ import org.springframework.web.context.request.ServletRequestAttributes; import com.google.common.collect.ImmutableSortedSet; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration; import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants; @@ -132,7 +130,7 @@ public class ProxyServiceAuthenticationActionTest { @Test public void missingForwardUrl() { Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.BPK_NAME, "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); @@ -147,8 +145,7 @@ public class ProxyServiceAuthenticationActionTest { @Test public void responseWithoutMandate() throws EaafException, SpecificCommunicationException { Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, - "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put(PvpAttributeDefinitions.BPK_NAME, RandomStringUtils.randomAlphanumeric(10)); IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); @@ -161,7 +158,7 @@ public class ProxyServiceAuthenticationActionTest { ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); assertEquals("wrong attr. size", 4, respAttr.size()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, @@ -170,12 +167,89 @@ public class ProxyServiceAuthenticationActionTest { } @Test - public void responseWithNatMandate() throws EaafException, SpecificCommunicationException { + public void responseWithoutMandateAndOptionalAttributesExist() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, - "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthname", RandomStringUtils.randomAlphanumeric(10)); + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 5, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + authData.getDateOfBirth()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, + (String) attr.get("ida_birthname")); + + } + + @Test + public void responseWithoutMandateAndOptionalAttributesNotExist() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + Map attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 4, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + authData.getDateOfBirth()); + + } + + + @Test + public void responseWithNatMandate() throws EaafException, SpecificCommunicationException { + Map attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, RandomStringUtils.randomAlphabetic(10)); attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, RandomStringUtils.randomAlphabetic(10)); @@ -197,13 +271,13 @@ public class ProxyServiceAuthenticationActionTest { ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); assertEquals("wrong attr. size", 8, respAttr.size()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, @@ -213,19 +287,86 @@ public class ProxyServiceAuthenticationActionTest { } + @Test + public void responseWithNatMandateOptionalAttribute() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + Map attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthName_mandator", RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthName", RandomStringUtils.randomAlphanumeric(10)); + + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + "1985-11-15"); + + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 9, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME)); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, + (String) attr.get("ida_birthName_mandator")); + + } + @Test public void responseWithJurMandate() throws EaafException, SpecificCommunicationException { Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.BPK_NAME, "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, RandomStringUtils.randomAlphabetic(10)); attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, RandomStringUtils.randomAlphabetic(10)); + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + //perform test SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); @@ -235,13 +376,13 @@ public class ProxyServiceAuthenticationActionTest { ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); assertEquals("wrong attr. size", 6, respAttr.size()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME, (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)); @@ -260,19 +401,12 @@ public class ProxyServiceAuthenticationActionTest { public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException { basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", "true"); - - //request natural person subject only - LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); - eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder().put( - attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); - pendingReq.setEidasRequest(eidasRequestBuilder.build()); - - + Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.BPK_NAME, "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, RandomStringUtils.randomAlphabetic(10)); attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, RandomStringUtils.randomAlphabetic(10)); @@ -306,16 +440,17 @@ public class ProxyServiceAuthenticationActionTest { eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) .build()); pendingReq.setEidasRequest(eidasRequestBuilder.build()); Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.BPK_NAME, "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, RandomStringUtils.randomAlphabetic(10)); attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, RandomStringUtils.randomAlphabetic(10)); @@ -329,7 +464,7 @@ public class ProxyServiceAuthenticationActionTest { ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); assertEquals("wrong attr. size", 10, respAttr.size()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, - (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER)); + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, authData.getDateOfBirth()); @@ -344,18 +479,18 @@ public class ProxyServiceAuthenticationActionTest { //request natural person subject only LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() - .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) .build()); pendingReq.setEidasRequest(eidasRequestBuilder.build()); Map attr = new HashMap<>(); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.BPK_NAME, "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); - attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, RandomStringUtils.randomAlphabetic(10)); attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, RandomStringUtils.randomAlphabetic(10)); @@ -390,7 +525,7 @@ public class ProxyServiceAuthenticationActionTest { } private IAuthData generateDummyAuthData() { - return generateDummyAuthData(Collections.emptyMap(), EaafConstants.EIDAS_LOA_LOW, + return generateDummyAuthData(new HashMap<>(), EaafConstants.EIDAS_LOA_LOW, RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false); } @@ -445,12 +580,22 @@ public class ProxyServiceAuthenticationActionTest { .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) .spType("public") .requesterId(RandomStringUtils.randomAlphanumeric(10)) - .providerName(RandomStringUtils.randomAlphanumeric(10)); - + .providerName(RandomStringUtils.randomAlphanumeric(10)) + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .build() + ); } private IAuthData generateDummyAuthData(Map attrs, String loa, String familyName, String givenName, String dateOfBirth, boolean useMandates) { + attrs.put(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); + attrs.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); + attrs.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); + return new IEidAuthData() { @Override diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java index d3e787bb..8d417c1a 100644 --- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java @@ -1,11 +1,13 @@ package at.asitplus.eidas.specific.modules.msproxyservice.test.services; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import java.util.Arrays; import java.util.Collections; import java.util.List; +import java.util.Optional; import java.util.Set; import org.apache.commons.lang3.RandomStringUtils; @@ -92,6 +94,39 @@ public class ProxyEidasAttributeRegistryTest { } + @Test + public void attributeResponseMapping() { + assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", false).isPresent()); + assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", true).isPresent()); + + + Optional attr1 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/BirthName", false); + assertTrue("find wrong IDA mapping", attr1.isPresent()); + assertEquals("find wrong IDA mapping value", "ida_birthname", attr1.get()); + + Optional attr2 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/BirthName", true); + assertTrue("find wrong IDA mapping", attr2.isPresent()); + assertEquals("find wrong IDA mapping value", "ida_birthName_mandator", attr2.get()); + + + assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", false).isPresent()); + assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", true).isPresent()); + + } + + @Test + public void defaultRepresentativeAttributes() { + assertEquals("wrong number of rep. attributes", 4, + attrRegistry.getRepresentativeAttributesToAddByDefault().count()); + + } + private void checkAttributeMapping(String eidasAttr, boolean withMandates, List idaAttributes) { @NonNull Set idaAttrResult = attrRegistry.getIdaAttributesForEidasAttribute(eidasAttr, withMandates); diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json index 2d375acb..7e41d8f6 100644 --- a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json +++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json @@ -6,7 +6,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.98" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { @@ -16,7 +17,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.78" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { @@ -26,7 +28,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.80" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { @@ -36,21 +39,27 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.82" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", "idaAttribute": {}, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/BirthName", - "idaAttribute": {}, + "idaAttribute": { + "basic": "ida_birthname", + "withMandates": "ida_birthName_mandator" + }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { @@ -65,7 +74,8 @@ "urn:oid:1.2.40.0.10.2.1.1.55" ], "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { @@ -74,7 +84,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.84" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": false } }, { @@ -83,7 +94,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.149" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": true } }, { @@ -92,7 +104,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.20" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": true } }, { @@ -101,7 +114,8 @@ "withMandates": "urn:oid:2.5.4.42" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": true } }, { @@ -110,7 +124,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.55" }, "type": { - "mds": true + "mds": true, + "autoIncludeWithMandates": true } }, { @@ -120,7 +135,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.32" }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { @@ -130,7 +146,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.108" }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { @@ -139,7 +156,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.68" }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { @@ -148,7 +166,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106" }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } }, { @@ -157,7 +176,8 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106" }, "type": { - "mds": false + "mds": false, + "autoIncludeWithMandates": false } } ] \ No newline at end of file diff --git a/ms_specific_connector/src/main/resources/specific_eIDAS_connector.beans.xml b/ms_specific_connector/src/main/resources/specific_eIDAS_connector.beans.xml index 9861a7c6..0757327a 100644 --- a/ms_specific_connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/ms_specific_connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -14,6 +14,9 @@ + + diff --git a/ms_specific_proxyservice/src/main/java/at/asitplus/eidas/specific/proxy/builder/ProxyAuthenticationDataBuilder.java b/ms_specific_proxyservice/src/main/java/at/asitplus/eidas/specific/proxy/builder/ProxyAuthenticationDataBuilder.java new file mode 100644 index 00000000..bc7f88d4 --- /dev/null +++ b/ms_specific_proxyservice/src/main/java/at/asitplus/eidas/specific/proxy/builder/ProxyAuthenticationDataBuilder.java @@ -0,0 +1,38 @@ +package at.asitplus.eidas.specific.proxy.builder; + +import at.asitplus.eidas.specific.core.builder.AuthenticationDataBuilder; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import lombok.extern.slf4j.Slf4j; + +/** + * eIDAS Proxy-Service specific authentication-data builder. + * + * @author tlenz + * + */ +@Slf4j +public class ProxyAuthenticationDataBuilder extends AuthenticationDataBuilder { + + private static final String PLUS = "+"; + + @Override + protected String customizeLegalPersonSourcePin(String sourcePin, String sourcePinType) { + String sectorType = sourcePinType.substring((EaafConstants.URN_PREFIX_BASEID + PLUS).length()); + return sectorType + PLUS + sourcePin; + + } + + @Override + protected String customizeBpkAttribute(String pvpBpkAttrValue) { + final String[] split = pvpBpkAttrValue.split(":", 2); + if (split.length == 2) { + log.debug("Remove prefix from bPK attribute to transform it into eIDAS-Node format"); + return split[1]; + + } else { + log.warn("PVP bPK attribute: {} has wrong format. Use it as it is.", pvpBpkAttrValue); + return pvpBpkAttrValue; + + } + } +} diff --git a/ms_specific_proxyservice/src/main/resources/specific_eIDAS_proxy.beans.xml b/ms_specific_proxyservice/src/main/resources/specific_eIDAS_proxy.beans.xml index 5633cb0e..cc4c904e 100644 --- a/ms_specific_proxyservice/src/main/resources/specific_eIDAS_proxy.beans.xml +++ b/ms_specific_proxyservice/src/main/resources/specific_eIDAS_proxy.beans.xml @@ -13,6 +13,9 @@ + + diff --git a/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java new file mode 100644 index 00000000..ee2c8d8c --- /dev/null +++ b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java @@ -0,0 +1,395 @@ +package at.asitplus.eidas.specific.proxy.test.builder; + +import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import java.lang.reflect.Field; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.RandomUtils; +import org.apache.ignite.Ignition; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.google.common.collect.Sets; + +import at.asitplus.eidas.specific.core.MsEidasNodeConstants; +import at.asitplus.eidas.specific.core.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; +import lombok.SneakyThrows; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@SpringBootTest +@ContextConfiguration(initializers = { + org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class, + SpringBootApplicationContextInitializer.class + }) +@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) +@DirtiesContext(classMode = ClassMode.AFTER_CLASS) +@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"}) +public class ProxyAuthenticationDataBuilderTest { + + + @Autowired + private AuthenticationDataBuilder authenticationDataBuilder; + + @Autowired(required = true) + private IConfiguration basicConfig; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + + private Map spConfig; + private ServiceProviderConfiguration oaParam; + + private String eidasBind; + private String authBlock; + + @BeforeClass + public static void classInitializer() throws InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_3.properties"); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + } + + /** + * Test shut-down. + * + * @throws Exception In case of an error + */ + @AfterClass + @SneakyThrows + public static void closeIgniteNode() { + System.out.println("Closiong Ignite Node ... "); + Ignition.stopAll(true); + + //set Ignite-node holder to 'null' because static holders are shared between different tests + final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance"); + field.setAccessible(true); + field.set(null, null); + + } + + @Before + @SneakyThrows + public void initialize() throws EaafStorageException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new ServiceProviderConfiguration(spConfig, basicConfig); + oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:cdid+XX"); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(oaParam); + authBlock = RandomStringUtils.randomAlphanumeric(20); + eidasBind = RandomStringUtils.randomAlphanumeric(20); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + + LocaleContextHolder.resetLocaleContext(); + + } + + @Test + @SneakyThrows + public void eidasProxyModeSimple() throws EaafAuthenticationException { + // initialize state + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(oaParam); + boolean isTestIdentity = RandomUtils.nextBoolean(); + + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); + + String bpk = RandomStringUtils.randomAlphanumeric(10); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.BPK_NAME, "eidas+AT+XX:" + bpk); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + "http://eidas.europa.eu/LoA/high"); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + + String randAttr = RandomStringUtils.randomAlphabetic(10); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + randAttr, RandomStringUtils.randomAlphabetic(10)); + + oaParam.setRequestedAttributes(Sets.newHashSet(randAttr, + PvpAttributeDefinitions.BPK_NAME, + PvpAttributeDefinitions.GIVEN_NAME_NAME, + PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, + PvpAttributeDefinitions.BIRTHDATE_NAME, + PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME)); + + + // execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + // validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + + Assert.assertEquals("FamilyName", "Mustermann", authData.getFamilyName()); + Assert.assertEquals("GivenName", "Max", authData.getGivenName()); + Assert.assertEquals("DateOfBirth", "1940-01-01", authData.getDateOfBirth()); + + Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/high", authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + checkGenericAttribute(authData, PvpAttributeDefinitions.BPK_NAME, bpk); + checkGenericAttribute(authData, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max"); + checkGenericAttribute(authData, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann"); + checkGenericAttribute(authData, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01"); + + Assert.assertEquals("random optional attr.", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + randAttr), + authData.getGenericData(randAttr, String.class)); + + } + + + @Test + public void eidasProxyModeWithNatMandate() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String givenNameMandate = RandomStringUtils.randomAlphabetic(10); + String familyNameMandate = RandomStringUtils.randomAlphabetic(10); + String dateOfBirthMandate = "1957-09-15"; + String bpkMandate = RandomStringUtils.randomAlphanumeric(10); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + } + + @Test + public void eidasProxyModeWithNatMandateWrongBpkFormat() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String givenNameMandate = RandomStringUtils.randomAlphabetic(10); + String familyNameMandate = RandomStringUtils.randomAlphabetic(10); + String dateOfBirthMandate = "1957-09-15"; + String bpkMandate = RandomStringUtils.randomAlphanumeric(10); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); + + } + + @Test + public void eidasProxyModeWithJurMandate() throws EaafAuthenticationException, EaafStorageException { + // initialize state + injectRepresentativeInfosIntoSession(); + + String commonMandate = RandomStringUtils.randomAlphabetic(10); + + // set constant country-code and sourcePin to check hashed eIDAS identifier + String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr"; + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE"); + + // set nat. person mandate information + pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, + EaafConstants.URN_PREFIX_BASEID + "+XFN"); + + oaParam.setRequestedAttributes(Sets.newHashSet( + PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)); + + // execute test + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + + // validate state + Assert.assertNotNull("AuthData null", authData); + assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); + + //check mandate informations + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); + checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, "XFN+" + sourcePinMandate); + + } + + private void injectRepresentativeInfosIntoSession() throws EaafStorageException { + boolean isTestIdentity = RandomUtils.nextBoolean(); + pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + + String givenName = RandomStringUtils.randomAlphabetic(10); + String familyName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1956-12-08"; + String bpk = RandomStringUtils.randomAlphanumeric(10); + String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class) + .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); + String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC); + + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, bpk); + + //set LoA level attribute instead of explicit session-data + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, + pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel()); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null); + + } + + private void checkGenericAttribute(IAuthData authData, String attrName, String expected) { + assertEquals("Wrong: " + attrName, expected, authData.getGenericData(attrName, String.class)); + + } + +} diff --git a/ms_specific_proxyservice/src/test/resources/config/junit_config_1_springboot.properties b/ms_specific_proxyservice/src/test/resources/config/junit_config_1_springboot.properties index 8cd77046..47d50191 100644 --- a/ms_specific_proxyservice/src/test/resources/config/junit_config_1_springboot.properties +++ b/ms_specific_proxyservice/src/test/resources/config/junit_config_1_springboot.properties @@ -69,7 +69,7 @@ eidas.ms.configuration.pvp.enable.entitycategories=false ############################################################################# ## MS-speccific eIDAS-Proxy-Service configuration - +eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=./../../../../../basicConfig/ms-proxyservice/misc/idaAttributeMapping.json #### eIDAS ms-specific Proxy-Service configuration eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy diff --git a/pom.xml b/pom.xml index 309fab68..e469f680 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@

0.3

0.4 - 1.3.2 + 1.3.3-SNAPSHOT

2.5.13

2.5.6 -- cgit v1.2.3 From d2f112a0b969ac8e1ffbb2e03a84e20371d0ba99 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 9 Jun 2022 09:08:06 +0200 Subject: chore(core): add missing attribute into idaAttributeMapping configuration - legalPersonSourcePinType has to be requested in case of mandates with legal persons --- basicConfig/ms-proxyservice/misc/idaAttributeMapping.json | 1 + 1 file changed, 1 insertion(+) (limited to 'basicConfig') diff --git a/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json index 7c44b48a..e5495547 100644 --- a/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json +++ b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json @@ -65,6 +65,7 @@ "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.100" }, "addionalRequiredAttributes" : [ + "urn:oid:1.2.40.0.10.2.1.1.261.76", "urn:oid:1.2.40.0.10.2.1.1.149", "urn:oid:2.5.4.42", "urn:oid:1.2.40.0.10.2.1.1.261.20", -- cgit v1.2.3 From 0687ce53c97ecdfc7bceb9524afff2ac95230162 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 9 Jun 2022 09:15:05 +0200 Subject: chore(gui): add default error-templates --- basicConfig/ms-connector/templates/error.html | 60 ++++++++++++++++++++++++ basicConfig/ms-proxyservice/templates/error.html | 60 ++++++++++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 basicConfig/ms-connector/templates/error.html create mode 100644 basicConfig/ms-proxyservice/templates/error.html (limited to 'basicConfig') diff --git a/basicConfig/ms-connector/templates/error.html b/basicConfig/ms-connector/templates/error.html new file mode 100644 index 00000000..0d8d2d4e --- /dev/null +++ b/basicConfig/ms-connector/templates/error.html @@ -0,0 +1,60 @@ + + + + + + + An error arise ... + + + + + +

Error Header

+ +

Error Information

+
+ + + + +

Code:

+ +

Msg:

+ +

fullError

+ +

+ + + + diff --git a/basicConfig/ms-proxyservice/templates/error.html b/basicConfig/ms-proxyservice/templates/error.html new file mode 100644 index 00000000..0d8d2d4e --- /dev/null +++ b/basicConfig/ms-proxyservice/templates/error.html @@ -0,0 +1,60 @@ + + + + + + + An error arise ... + + + + + +

Error Header

+ +

Error Information

+
+ + + + +

Code:

+ +

Msg:

+ +

fullError

+ +

+ + + + -- cgit v1.2.3 From 0ae0c83da2f970bb8987f116286857e07b0c02b1 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Aug 2022 10:54:19 +0200 Subject: chore(eidas): add sector-specific attributes for BORIS project to eIDAS configuration add two eIDAS attributes: - http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole - http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole --- basicConfig/eIDAS/additional-attributes.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'basicConfig') diff --git a/basicConfig/eIDAS/additional-attributes.xml b/basicConfig/eIDAS/additional-attributes.xml index 6510546e..823f8db0 100644 --- a/basicConfig/eIDAS/additional-attributes.xml +++ b/basicConfig/eIDAS/additional-attributes.xml @@ -16,10 +16,10 @@ - Dynamic attributes + Justice and Consumers Financial Stability, Financial Services and Capital Markets Union Sector Specific Attributes - http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute - AdditionalAttribute + http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole + eJusticeNaturalPersonRole NaturalPerson false http://www.w3.org/2001/XMLSchema @@ -27,13 +27,13 @@ xs eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller - http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute - LegalAdditionalAttribute + http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole + eJusticeLegalPersonRole LegalPerson false http://www.w3.org/2001/XMLSchema string xs eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller - + -- cgit v1.2.3 From ca50cb8dda0a24b5a4589db126bfab8d0d885b00 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Aug 2022 10:56:54 +0200 Subject: feat(proxy): add support for custom eIDAS attribute-handler into ProxyEidasAttributeRegistry This allow more sopisticated attribute-processing than simple mapping to IDA attributes --- .../ms-proxyservice/misc/idaAttributeMapping.json | 16 +++++++++++++++ .../dto/attributes/AttrMappingElement.java | 6 ++++++ .../service/ProxyEidasAttributeRegistry.java | 18 +++++++++++++++- .../services/ProxyEidasAttributeRegistryTest.java | 20 ++++++++++++++++++ .../resources/config/additional-attributes.xml | 19 +++++++++++++++++ .../test/resources/config/idaAttributeMapping.json | 24 ++++++++++++++++++++++ 6 files changed, 102 insertions(+), 1 deletion(-) (limited to 'basicConfig') diff --git a/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json index e5495547..3de4b8a9 100644 --- a/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json +++ b/basicConfig/ms-proxyservice/misc/idaAttributeMapping.json @@ -126,6 +126,22 @@ "autoIncludeWithMandates": true } }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, { "eidasAttribute": "*", "idaAttribute": { diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/AttrMappingElement.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/AttrMappingElement.java index cf106bad..2dffbc2d 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/AttrMappingElement.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/dto/attributes/AttrMappingElement.java @@ -13,6 +13,8 @@ import lombok.Data; @JsonPropertyOrder({ "eidasAttribute", "idaAttribute", + "addionalRequiredAttributes", + "specificAttributeHandlerClass", "type" }) @Data @@ -34,6 +36,10 @@ public class AttrMappingElement { @JsonProperty("addionalRequiredAttributes") private List addionalRequiredAttributes; + + @JsonProperty("specificAttributeHandlerClass") + private String specificAttributeHandlerClass; + /** * attribute characteristics. */ diff --git a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java index a6a50100..a0c99019 100644 --- a/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java +++ b/modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/service/ProxyEidasAttributeRegistry.java @@ -111,7 +111,7 @@ public class ProxyEidasAttributeRegistry { } /** - * Get eIDAS related IDA attribute. + * Get eIDAS related IDA attribute for a specific mode-operation. * * @param eidasAttributeName Name of the eIDAS attribute. * @param withMandates true if mandates are supported, otherwise false @@ -127,6 +127,22 @@ public class ProxyEidasAttributeRegistry { } + /** + * Get eIDAS related custom attribute-handler. + * + * @param eidasAttributeName Name of the eIDAS attribute. + * @return full classname of the handler implementation if available + */ + public Optional mapEidasAttributeToAttributeHandler(String eidasAttributeName) { + return attributeConfiguration.stream() + .filter(el -> el.getEidasAttributeName().equals(eidasAttributeName)) + .filter(el -> StringUtils.isNotEmpty(el.getSpecificAttributeHandlerClass())) + .findFirst() + .map(el -> el.getSpecificAttributeHandlerClass()); + + } + + @PostConstruct private void initialize() throws EaafConfigurationException { final String attrConfPath = basicConfig.getBasicConfiguration( diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java index 8d417c1a..fb7d257e 100644 --- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java @@ -127,6 +127,26 @@ public class ProxyEidasAttributeRegistryTest { } + @Test + public void specificAttributeHandler() { + assertFalse("find wrong attribute", + attrRegistry.mapEidasAttributeToAttributeHandler( + "http://eidas.europa.eu/attributes/jUnit/no/custom/handler").isPresent()); + + assertFalse("find wrong attribute", + attrRegistry.mapEidasAttributeToAttributeHandler( + "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth").isPresent()); + + + Optional attr2 = attrRegistry.mapEidasAttributeToAttributeHandler( + "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole"); + assertTrue("find wrong IDA mapping", attr2.isPresent()); + assertEquals("find wrong specific attribute-handler", + "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", attr2.get()); + + } + + private void checkAttributeMapping(String eidasAttr, boolean withMandates, List idaAttributes) { @NonNull Set idaAttrResult = attrRegistry.getIdaAttributesForEidasAttribute(eidasAttr, withMandates); diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml index 6510546e..e40ebdc4 100644 --- a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml +++ b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml @@ -36,4 +36,23 @@ xs eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller + http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole + eJusticeNaturalPersonRole + NaturalPerson + false + http://www.w3.org/2001/XMLSchema + string + xs + eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller + + http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole + eJusticeLegalPersonRole + LegalPerson + false + http://www.w3.org/2001/XMLSchema + string + xs + eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller + + diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json index 7e41d8f6..daaaa37d 100644 --- a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json +++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json @@ -128,6 +128,22 @@ "autoIncludeWithMandates": true } }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, { "eidasAttribute": "*", "idaAttribute": { @@ -179,5 +195,13 @@ "mds": false, "autoIncludeWithMandates": false } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/jUnit/no/custom/handler", + "specificAttributeHandlerClass": "", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } } ] \ No newline at end of file -- cgit v1.2.3