From 58b3c1c2d7a27775af8c0b7c9d12dea08aa575fa Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 19 Jan 2021 10:37:45 +0100
Subject: build 'requesterId' for private-sector SP's based on hashed unique
 AppIds set 'requesterId' and 'providerName' to static value for any type of
 SP

---
 connector/src/main/resources/application.properties | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

(limited to 'connector/src/main/resources')

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index b13b6c18..b92102ed 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -51,10 +51,23 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
 eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
-eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+
+## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
 eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
-eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+## use hashed version of unique SP-Identifier as requesterId
+eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true
+
+## user static requesterId for all SP's in case of LU
+eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
+
+ 
+## set provider name for all public SPs
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
+
+
 
 eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
 
@@ -92,6 +105,10 @@ eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
 eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
 eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
 
+
+
+
+
 ##without mandates
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
-- 
cgit v1.2.3


From 2fabf6cfdc78fceac1302d45c88d08214fe4e9e3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 20 Jan 2021 14:32:37 +0100
Subject: add README.md, release and update informations, and full handbook

---
 connector/src/main/resources/application.properties | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)

(limited to 'connector/src/main/resources')

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index b92102ed..9a4ae54f 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -17,9 +17,9 @@ spring.boot.admin.client.enabled=false
 
 #############################################################################
 ## MS-speccific eIDAS-Connector configuration
-#proxy.context.url.prefix=
+#eidas.ms.context.url.prefix=
 eidas.ms.context.url.request.validation=false
-#proxy.configRootDir=file:/.../config/
+#eidas.ms.configRootDir=file:/.../config/
 eidas.ms.context.use.clustermode=true
 eidas.ms.core.logging.level.info.errorcodes=auth.21
 
@@ -51,8 +51,7 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
-#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
-eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
 
 ## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
 eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
@@ -106,9 +105,6 @@ eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
 eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
 
 
-
-
-
 ##without mandates
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
@@ -137,7 +133,7 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
 #eidas.ms.pvp2.key.metadata.password=password
 #eidas.ms.pvp2.key.signing.alias=sig
 #eidas.ms.pvp2.key.signing.password=password
-#eidas.ms.pvp2.metadata.validity=24
+eidas.ms.pvp2.metadata.validity=24
 
 #eidas.ms.pvp2.metadata.organisation.name=JUnit
 #eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
@@ -158,8 +154,6 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
 
 
 ##only for advanced config
-eidas.ms.configuration.sp.disableRegistrationRequirement=
-#eidas.ms.configuration.restrictions.baseID.spTransmission=
-eidas.ms.configuration.auth.default.countrycode=
-eidas.ms.configuration.pvp.scheme.validation=
-eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
+eidas.ms.configuration.sp.disableRegistrationRequirement=false
+eidas.ms.configuration.pvp.scheme.validation=true
+eidas.ms.configuration.pvp.enable.entitycategories=false
\ No newline at end of file
-- 
cgit v1.2.3


From c5c6344931f67ccaba335ffa476b5e8117948020 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 10 Mar 2021 12:25:10 +0100
Subject: switch to EAAF-components 1.1.13-SNAPSHOT to add
 EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response

---
 connector/src/main/resources/application.properties             | 2 ++
 connector/src/main/resources/specific_eIDAS_connector.beans.xml | 6 ++++++
 2 files changed, 8 insertions(+)

(limited to 'connector/src/main/resources')

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 9a4ae54f..2411fde3 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -48,6 +48,8 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
 
 ## eIDAS Ref. Implementation connector ###
 eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.eid.testidentity.default=false
+
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index f6fdeefe..0f8511d5 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -49,6 +49,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>   
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -69,6 +72,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
-- 
cgit v1.2.3


From 291905eed9c187444c83657241b589d31d825149 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 12 May 2021 12:46:07 +0200
Subject: update third-party libs to latest versions

---
 connector/src/main/resources/logback.xml           | 107 +--------------------
 .../resources/specific_eIDAS_connector.beans.xml   |   3 +
 2 files changed, 6 insertions(+), 104 deletions(-)

(limited to 'connector/src/main/resources')

diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml
index 7aa2d0cc..9679d9e4 100644
--- a/connector/src/main/resources/logback.xml
+++ b/connector/src/main/resources/logback.xml
@@ -8,96 +8,6 @@
 <!-- http://www.qos.ch/shop/products/professionalSupport -->
 <!-- -->
 <configuration>
-  <appender name="msnode"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-specific.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-specific.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="EIDASNODE"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eIDAS_node.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eIDAS_node.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="reversion"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-reversion.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-reversion.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="statistic"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-statistic.log</File>
-    <encoder>
-      <pattern>%m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-statistic.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="stdout"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/console.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/console.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
   <appender name="console"
     class="ch.qos.logback.core.ConsoleAppender">
     <encoder>
@@ -105,27 +15,16 @@
     </encoder>
   </appender>
   <logger name="at.gv.egiz.eaaf" level="info">
-    <appender-ref ref="msnode" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="eu.eidas" additivity="false" level="info">
-    <appender-ref ref="EIDASNODE" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="at.gv.egiz.eidas.specific" additivity="false"
     level="info">
-    <appender-ref ref="msnode" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger"
-    additivity="false" level="info">
-    <appender-ref ref="reversion" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger"
-    additivity="false" level="info">
-    <appender-ref ref="statistic" />
+    <appender-ref ref="console" />
   </logger>
   <root level="info">
-    <appender-ref ref="stdout" />
     <appender-ref ref="console" />
   </root>
 </configuration>
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 0f8511d5..df2a9aa4 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -82,6 +82,9 @@
     <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
   </bean>
 
+  <bean id="defaultErrorHandler"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="securePendingRequestIdGeneration"
     class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
 
-- 
cgit v1.2.3


From af013acbb41d98b39d5ede56dbd5227858688e33 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 25 Jun 2021 10:26:17 +0200
Subject: fix bug in combination with EidasNode v2.5 and DE Middleware

# Conflicts:
#	connector/src/main/resources/application.properties
---
 connector/src/main/resources/application.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'connector/src/main/resources')

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 2411fde3..73a83c13 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -69,7 +69,7 @@ eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
 eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
 
 
-
+#eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=
 eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
 
 #eidas.ms.auth.eIDAS.szrclient.useTestService=true
-- 
cgit v1.2.3