From 3734d910935f34427632a36206aa3b6b0822c9bf Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 11 Dec 2019 12:45:58 +0100 Subject: fix LoA level validation error in AuthnRequestValidator.java --- .../connector/verification/AuthnRequestValidator.java | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'connector/src/main/java/at/asitplus') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java index 0230521c..87c23dee 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java @@ -103,12 +103,13 @@ public class AuthnRequestValidator implements IAuthnRequestValidator { if (StringUtils.isEmpty(providerName)) { log.info("Authn. request contains NO SP friendlyName"); } else { - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, spEntityId); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, providerName); } // post-process requested LoA final List reqLoA = extractLoA(authnReq); - + log.trace("SP requests LoA with: {}", String.join(", ",reqLoA)); + LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration( MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL, EaafConstants.EIDAS_LOA_HIGH)); @@ -118,21 +119,21 @@ public class AuthnRequestValidator implements IAuthnRequestValidator { minimumLoAFromConfig = LevelOfAssurance.HIGH; } - + log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...", - minimumLoAFromConfig); + minimumLoAFromConfig); final List allowedLoA = new ArrayList<>(); for (final String loa : reqLoA) { try { final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa); String selectedLoA = EaafConstants.EIDAS_LOA_HIGH; if (intLoa != null - && intLoa.numericValue() >= minimumLoAFromConfig.numericValue()) { + && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) { log.info("Client: {} requested LoA: {} will be upgraded to: {}", pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(), loa, minimumLoAFromConfig); - selectedLoA = intLoa.getValue(); + selectedLoA = minimumLoAFromConfig.getValue(); } -- cgit v1.2.3