From cfb4a314b65e4c0af5cb1be297e131155a2571c9 Mon Sep 17 00:00:00 2001 From: Alexander Marsalek Date: Tue, 9 Feb 2021 21:09:48 +0100 Subject: extract qaa & IssueInstant --- .../idaustriaclient/IdAustriaClientAuthConstants.java | 8 ++++---- ...PhoneSignatureResponseAndSearchInRegistersTask.java | 18 +++++++++++------- 2 files changed, 15 insertions(+), 11 deletions(-) (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java index 38b50a0a..186deaee 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthConstants.java @@ -99,12 +99,12 @@ public class IdAustriaClientAuthConstants { // entity eID information // add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME, // ExtendedPvpAttributeDefinitions.EID_EIDBIND_FRIENDLY_NAME, true)); - add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME, - ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, true)); +// add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME, +// ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, true)); //request pII transactionId from MS-Connector - add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, - ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_FRIENDLY_NAME, false)); +// add(Triple.newInstance(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, +// ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_FRIENDLY_NAME, false)); } }); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java index 8b58f2e1..d919d229 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java @@ -188,11 +188,12 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends } + // initialize Attribute extractor final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse()); - String bpkzp = getAuthDataFromInterfederation(extractor); + String bpkzp = getAuthDataFromInterfederation(extractor, authProcessData); MergedRegisterSearchResult result = searchInZmrAndErnp(bpkzp); if (result.getResultCount() == 0) { @@ -240,6 +241,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends new Object[]{IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING}, e)); } catch (final Exception e) { + e.printStackTrace(); log.debug("PVP response validation FAILED. Msg:" + e.getMessage(), e); throw new TaskExecutionException(pendingReq, ERROR_MSG_03, new AuthnResponseValidationException(ERROR_PVP_12, @@ -305,16 +307,15 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends return null; } - private String getAuthDataFromInterfederation(AssertionAttributeExtractor extractor) + private String getAuthDataFromInterfederation(AssertionAttributeExtractor extractor, + AuthProcessDataWrapper authProcessData) throws EaafBuilderException { - List requiredEidasNodeAttributes = IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES; + List requiredAttributes = IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES; String bpk = null; try { // check if all attributes are include - if (!extractor.containsAllRequiredAttributes() - || !extractor.containsAllRequiredAttributes( - requiredEidasNodeAttributes)) { + if (!extractor.containsAllRequiredAttributes(requiredAttributes)) { log.warn("PVP Response from 'ID Austria node' contains not all requested attributes."); throw new AssertionValidationExeption(ERROR_PVP_06, new Object[]{ IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING}); @@ -329,6 +330,9 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) { bpk = extractor.getSingleAttributeValue(attrName); } + if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) { + authProcessData.setQaaLevel(extractor.getSingleAttributeValue(attrName)); + } //injectAuthInfosIntoSession(session, attrName, // extractor.getSingleAttributeValue(attrName)); @@ -350,7 +354,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends // session.setForeigner(true); // set IssuerInstant from Assertion - // session.setIssueInstant(extractor.getAssertionIssuingDate()); + authProcessData.setIssueInstant(extractor.getAssertionIssuingDate()); // set CCE URL //if (extractor.getFullAssertion().getIssuer() != null -- cgit v1.2.3