From 6bd9903633452f01531e9830db0242e9bf081242 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 31 Oct 2019 09:48:29 +0100
Subject: add country specific pre-processing to build country specific eIDAS
 requests

---
 .../tasks/GenerateAuthnRequestTask.java            | 81 ++--------------------
 1 file changed, 6 insertions(+), 75 deletions(-)

(limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java')

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
index f49ed203..a522feb6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/GenerateAuthnRequestTask.java
@@ -24,10 +24,7 @@
  *******************************************************************************/
 package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
 
-import java.util.Map;
 import java.util.UUID;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -41,14 +38,12 @@ import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Component;
 import org.springframework.web.util.UriComponentsBuilder;
 
-import com.google.common.collect.ImmutableSortedSet;
-
 import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
 import at.asitplus.eidas.specific.connector.MSeIDASNodeConstants;
 import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
 import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
 import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
-import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASAttributeRegistry;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.ICCSpecificEIDProcessingService;
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.gui.ISpringMVCGUIFormBuilder;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -59,11 +54,8 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.EidasParameterKeys;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
 import eu.eidas.auth.commons.light.ILightRequest;
 import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.protocol.eidas.SpType;
 import eu.eidas.auth.commons.tx.BinaryLightToken;
 import eu.eidas.specificcommunication.BinaryLightTokenHelper;
 import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
@@ -79,10 +71,10 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
 	private static final Logger log = LoggerFactory.getLogger(GenerateAuthnRequestTask.class);
 	
 	@Autowired IConfiguration basicConfig;
-	@Autowired eIDASAttributeRegistry attrRegistry;
 	@Autowired ApplicationContext context;
 	@Autowired ITransactionStorage transactionStore; 
 	@Autowired ISpringMVCGUIFormBuilder guiBuilder;
+	@Autowired ICCSpecificEIDProcessingService ccSpecificProcessing;
 	 
 	@Override
 	public void execute(ExecutionContext executionContext,
@@ -142,49 +134,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
 						
 			log.debug("Request eIdAS node with LoA: " + loa);
 			authnRequestBuilder.levelOfAssurance(loa);
-			
-			//set correct SPType for requested target sector				
-			String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
-					Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS, 
-					Constants.POLICY_DEFAULT_ALLOWED_TARGETS);		
-			Pattern p = Pattern.compile(publicSectorTargetSelector);
-			Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
-			if (m.matches()) {
-				log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
-				authnRequestBuilder.spType(SpType.PUBLIC.getValue());
-
-				if ( basicConfig.getBasicConfigurationBoolean(
-						Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, 
-						false) ) {
-					authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
-							Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, 
-							Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
-					
-				} else {				
-					//TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for any SPType				 
-					String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
-					if ( StringUtils.isNotEmpty(providerName) 
-							&& basicConfig.getBasicConfigurationBoolean(
-									Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME, 
-									false)
-						) {
-						authnRequestBuilder.providerName(providerName);
-					
-					}
-				}
-				
-			} else {
-				log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
-				authnRequestBuilder.spType(SpType.PRIVATE.getValue());
-			
-				//TODO: switch to RequesterId in further version
-				//set provider name for private sector applications
-				String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
-				if (StringUtils.isNotEmpty(providerName))
-					authnRequestBuilder.providerName(providerName);
-			
-			}
-			
+						
 			//set nameIDFormat
 			authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT);
 			
@@ -196,11 +146,10 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
 			 * eIDASNode implements limit on size for RelayState (80characaters)
 			 */
 			//authnRequestBuilder.relayState(pendingReq.getPendingRequestId());
+							
+			//Add country-specific informations into eIDAS request
+			ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder);
 			
-			//build and add requested attribute set								
-			ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(attrRegistry.getAttributeSetFromConfiguration());						
-			authnRequestBuilder.requestedAttributes(reqAttrMap);
-						
 			//build request
 			LightRequest lightAuthnReq = authnRequestBuilder.build();
 			
@@ -305,24 +254,6 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
     	return null;
 		
 	}
-
-	private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
-        ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
-        for (Map.Entry<String,Boolean> attribute : requiredAttributes.entrySet()) {
-            final String name = attribute.getKey();
-            final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(name);            
-            if (!byFriendlyName.isEmpty()) {
-                final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
-                builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
-                                
-            } else
-            	log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
-            	
-        }
-
-        return builder.build();
-        
-    }
 	
     private BinaryLightToken putRequestInCommunicationCache(ILightRequest iLightRequest) throws ServletException {
         final BinaryLightToken binaryLightToken;
-- 
cgit v1.2.3