From dcba52858a8815a99628e1198505b6a3e9369e85 Mon Sep 17 00:00:00 2001
From: Christian Kollmann <christian.kollmann@a-sit.at>
Date: Tue, 30 Nov 2021 15:34:19 +0100
Subject: Remove unused constant

Fixes #10
---
 .../specific/modules/auth/eidas/v2/Constants.java  | 29 ++++----
 .../auth/eidas/v2/tasks/AlternativeSearchTask.java | 79 +++++++++++-----------
 .../eidas/v2/tasks/CreateIdentityLinkTask.java     | 58 ++++++++--------
 .../auth/eidas/v2/tasks/InitialSearchTask.java     |  7 +-
 .../ReceiveAustrianResidenceGuiResponseTask.java   | 70 +++++++++----------
 .../ReceiveMobilePhoneSignatureResponseTask.java   | 58 ++++++++--------
 .../ReceiveOtherLoginMethodGuiResponseTask.java    | 31 ++++-----
 7 files changed, 161 insertions(+), 171 deletions(-)

(limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java')

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index ee9b00f7..bfb82474 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -39,11 +39,6 @@ public class Constants {
   public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse";
   public static final String DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE = "resp_fulleIDASResponseAlternative";
 
-  /**
-   * Stored when one match from register was found.
-   */
-  public static final String DATA_RESULT_MATCHING_BPK = "matching_result_bpk";
-
   /**
    * Stored before Step 2 from Matching Concept, input from user eIDAS authn.
    */
@@ -67,7 +62,7 @@ public class Constants {
 
   // configuration properties
   public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
-  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX 
+  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX
       + ".eid.testidentity.default";
   public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
   public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
@@ -84,20 +79,20 @@ public class Constants {
       CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";
   public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =
       CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation";
-  
+
   public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION =
       CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX =
       CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll";
-  
+
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME =
-      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";  
+      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =
       CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
-  
-  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = 
+
+  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT =
       CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat";
-  
+
   public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE
       + ".staticProviderNameForPublicSPs";
   public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria";
@@ -279,14 +274,14 @@ public class Constants {
   public static final String COUNTRY_CODE_DE = "DE";
   public static final String COUNTRY_CODE_IT = "IT";
 
-  
+
   // UI options
   public static final String HTML_FORM_ADVANCED_MATCHING_FAILED = "advancedMatchingFailed";
-  
-  
+
+
   // ProcessEngine context
   public static final String CONTEXT_FLAG_ADVANCED_MATCHING_FAILED = HTML_FORM_ADVANCED_MATCHING_FAILED;
-    
+
   /**
    * {@link at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask}.
    */
@@ -315,7 +310,7 @@ public class Constants {
    */
   public static final String TRANSITION_TO_GENERATE_EIDAS_LOGIN = "TASK_GenerateAlternativeEidasAuthn";
 
-  
+
   /**
    * Stores login selection from user.
    */
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
index e0273d10..f021fae9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java
@@ -62,7 +62,6 @@ import lombok.extern.slf4j.Slf4j;
  * Output:
  * <ul>
  *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li>
- *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
  * </ul>
  * Transitions:
  * <ul>
@@ -98,123 +97,123 @@ public class AlternativeSearchTask extends AbstractAuthServletTask {
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
     try {
-      final SimpleEidasData altEidasData = convertEidasAttrToSimpleData();            
+      final SimpleEidasData altEidasData = convertEidasAttrToSimpleData();
       final SimpleEidasData initialEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
-      final RegisterStatusResults intermediateMatchingState = 
+      final RegisterStatusResults intermediateMatchingState =
           MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
-            
+
       //pre-validation of eIDAS data
       preVerifyAlternativeEidasData(altEidasData, initialEidasData, intermediateMatchingState);
-            
+
       //perform register search operation based on alterantive eIDAS data
-      step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData, 
+      step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData,
           intermediateMatchingState, initialEidasData);
-      
+
     } catch (WorkflowException e) {
       throw new TaskExecutionException(pendingReq, "Initial search failed", e);
-      
+
     } catch (final Exception e) {
       log.error("Initial search failed", e);
       throw new TaskExecutionException(pendingReq, "Initial search failed with a generic error", e);
-      
+
     }
   }
 
   /**
    * Pre-validation of eIDAS information.
-   * 
+   *
    * <p>Check if country-code and MDS (givenName, familyName, dateOfBirth) matches.</p>
-   * 
+   *
    * @param altEidasData eIDAS data from alternative authentication
    * @param initialEidasData eIDAS data from initial authentication
    * @param intermediateMatchingState Intermediate matching result
    * @throws WorkflowException In case of a validation error
    */
-  private void preVerifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData, 
+  private void preVerifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData,
       RegisterStatusResults intermediateMatchingState) throws WorkflowException {
     if (initialEidasData == null) {
       throw new WorkflowException("step11", "No initial eIDAS authn data", true);
-      
+
     }
-    
+
     if (intermediateMatchingState == null) {
       throw new WorkflowException("step11", "No intermediate matching-state", true);
-      
+
     }
-    
+
     if (!Objects.equals(altEidasData.getCitizenCountryCode(), initialEidasData.getCitizenCountryCode())) {
       throw new WorkflowException("step11", "Country Code of alternative eIDAS authn not matching", true);
-      
+
     }
-    
+
     if (!altEidasData.equalsMds(initialEidasData)) {
       throw new WorkflowException("step11", "MDS of alternative eIDAS authn does not match initial authn", true);
-      
+
     }
   }
 
   private void step11RegisterSearchWithPersonIdentifier(
-      ExecutionContext executionContext, SimpleEidasData altEidasData, 
+      ExecutionContext executionContext, SimpleEidasData altEidasData,
       RegisterStatusResults intermediateMatchingState, SimpleEidasData initialEidasData)
       throws WorkflowException, EaafStorageException {
     try {
       log.trace("Starting step11RegisterSearchWithPersonIdentifier");
       RegisterStatusResults altSearchResult = registerSearchService.searchWithPersonIdentifier(
           intermediateMatchingState.getOperationStatus(), altEidasData);
-      
+
       int resultCount = altSearchResult.getResultCount();
       if (resultCount == 0) {
-        step12CountrySpecificSearch(executionContext, intermediateMatchingState, initialEidasData, 
+        step12CountrySpecificSearch(executionContext, intermediateMatchingState, initialEidasData,
             altSearchResult.getOperationStatus(), altEidasData);
-        
+
       } else if (resultCount == 1) {
         log.debug("step11RegisterSearchWithPersonIdentifier find single result. Starting KITT operation ... ");
         RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess(
             intermediateMatchingState, initialEidasData, altSearchResult, altEidasData);
-        
+
         log.debug("KITT operation finished. Finalize matching process ... ");
         foundMatchFinalizeTask(matchtedResult, altEidasData);
-        
+
       } else {
         throw new WorkflowException("step11RegisterSearchWithPersonIdentifier",
             "More than one entry with unique personal-identifier", true);
-        
+
       }
     } catch (WorkflowException e) {
       log.warn("Workflow error during matching step: {}. Reason: {}", e.getProcessStepName(), e.getErrorReason());
       throw e;
-      
+
     }
   }
 
   private void step12CountrySpecificSearch(ExecutionContext executionContext,
-                                           RegisterStatusResults intermediateMatchingState, 
+                                           RegisterStatusResults intermediateMatchingState,
                                            SimpleEidasData initialEidasData,
                                            RegisterOperationStatus registerOperationStatus,
                                            SimpleEidasData altEidasData)
       throws EaafStorageException, WorkflowException {
-    log.trace("Starting 'step12CountrySpecificSearch' ... ");    
+    log.trace("Starting 'step12CountrySpecificSearch' ... ");
     RegisterStatusResults ccAltSearchResult = registerSearchService.searchWithCountrySpecifics(
         registerOperationStatus, altEidasData);
-        
+
     if (ccAltSearchResult.getResultCount() == 0) {
       log.trace("'step12CountrySpecificSearch' ends with no result. Forward to GUI based matching step ... ");
       log.debug("Forward to GUI based matching steps ... ");
       executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
-      
-    } else if (ccAltSearchResult.getResultCount() == 1) {      
-      log.debug("'step12CountrySpecificSearch' find single result. Starting KITT operation ... ");      
+
+    } else if (ccAltSearchResult.getResultCount() == 1) {
+      log.debug("'step12CountrySpecificSearch' find single result. Starting KITT operation ... ");
       RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess(
           intermediateMatchingState, initialEidasData, ccAltSearchResult, altEidasData);
-      
-      log.debug("KITT operation finished. Finalize matching process ... ");            
+
+      log.debug("KITT operation finished. Finalize matching process ... ");
       foundMatchFinalizeTask(matchtedResult, altEidasData);
-      
+
     } else {
       throw new WorkflowException("step12CountrySpecificSearch",
           "More than one entry with unique country-specific information", true);
-      
-    }    
+
+    }
   }
 
   private void foundMatchFinalizeTask(RegisterStatusResults searchResult, SimpleEidasData eidasData)
@@ -222,10 +221,10 @@ public class AlternativeSearchTask extends AbstractAuthServletTask {
     MatchedPersonResult result = MatchedPersonResult.generateFormMatchingResult(
         searchResult.getResult(), eidasData.getCitizenCountryCode());
     MatchingTaskUtils.storeFinalMatchingResult(pendingReq, result);
-    
+
     //remove intermediate matching-state
     MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, null);
-    
+
   }
 
   @NotNull
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index 35717ae0..c95c275e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -71,11 +71,11 @@ import lombok.extern.slf4j.Slf4j;
 import szrservices.IdentityLinkType;
 
 /**
- * Task that creates the IdentityLink for an eIDAS authenticated person. 
+ * Task that creates the IdentityLink for an eIDAS authenticated person.
  * Input:
  * <ul>
  *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>
- *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} the BPK of the matched entry in a register</li>
+ *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} the data of the matched entry in a register</li>
  * </ul>
  * Output:
  * <ul>
@@ -116,47 +116,47 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
   @Override
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
-    try {      
-      
+    try {
+
       /*TODO: needs more re-factoring if we finalize CreateNewErnpEntryTask and we know how add entries into ERnP
-       *      Maybe, we can fully replace eidData by matchedPersonData, 
+       *      Maybe, we can fully replace eidData by matchedPersonData,
        *      because matchedPersonData holds the result after a successful matching process.
-       *      
+       *
        *      Currently, we only add a work-around to operate without new ERnP implementation.
        */
-      final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);      
+      final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);
       MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
-      
+
       writeMdsLogInformation(eidData);
 
       if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
         buildDummyIdentityLink(eidData);
-        
+
       } else {
         //request SZR based on IDL or E-ID mode
         if (pendingReq.getServiceProviderConfiguration()
             .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) {
           executeEidMode(eidData, matchedPersonData);
-          
+
         } else {
           executeIdlMode(eidData, matchedPersonData);
-          
-        }        
+
+        }
       }
-      
+
       storeGenericInfoToSession(eidData);
       requestStoreage.storePendingRequest(pendingReq);
-      
+
     } catch (final EidasAttributeException e) {
       throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
-      
+
     } catch (final EaafException e) {
       throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
-      
+
     } catch (final Exception e) {
       log.error("IdentityLink generation for foreign person FAILED.", e);
       throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
-      
+
     }
   }
 
@@ -191,18 +191,18 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 
   private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData)
       throws JsonProcessingException, EaafException, JoseException {
-    // get encrypted baseId        
+    // get encrypted baseId
     String vsz;
     if (matchedPersonData != null) {
       log.debug("Requesting encrypted baseId by already matched person information ... ");
       vsz = szrClient.getEncryptedStammzahl(matchedPersonData);
-      
+
     } else {
       log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
-      vsz = szrClient.createNewErnpEntry(eidData);  
-      
+      vsz = szrClient.createNewErnpEntry(eidData);
+
     }
-    
+
     //write revision-Log entry and extended infos personal-identifier mapping
     revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);
     writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier());
@@ -221,7 +221,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 
     //inject personal-data into session
     authProcessDataWrapper.setEidProcess(true);
-    
+
   }
 
   private void buildDummyIdentityLink(SimpleEidasData eidData)
@@ -249,7 +249,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     }
   }
 
-  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData, 
+  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData,
       MatchedPersonResult matchedPersonData) throws EaafException {
     //request IdentityLink from SZR
     IdentityLinkType result;
@@ -257,14 +257,14 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     if (matchedPersonData != null) {
       log.debug("Requesting encrypted baseId by already matched person information ... ");
       result = szrClient.getIdentityLinkInRawMode(matchedPersonData);
-      
+
     } else {
       log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
       result = szrClient.getIdentityLinkInRawMode(eidData);
-      
+
     }
-    
-    
+
+
     final Element idlFromSzr = (Element) result.getAssertion();
     final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
 
@@ -336,7 +336,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     }
   }
 
- 
+
   /**
    * write MDS into technical log and revision log.
    */
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index b9769bc4..6b0f336e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -65,7 +65,6 @@ import lombok.extern.slf4j.Slf4j;
  *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from first search in registers with
  *     PersonIdentifier</li>
  *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li>
- *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
  * </ul>
  * Transitions:
  * <ul>
@@ -122,14 +121,14 @@ public class InitialSearchTask extends AbstractAuthServletTask {
       int resultCount = searchResult.getResultCount();
       if (resultCount == 0) {
         step6CountrySpecificSearch(executionContext, searchResult.getOperationStatus(), eidasData);
-        
+
       } else if (resultCount == 1) {
         foundMatchFinalizeTask(searchResult, eidasData);
-        
+
       } else {
         throw new WorkflowException("step2RegisterSearchWithPersonIdentifier",
             "More than one entry with unique personal-identifier", true);
-        
+
       }
     } catch (WorkflowException e) {
       //TODO: what we do in case of a workflow error and manual matching are necessary??
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index 83fdf771..53485b03 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -61,7 +61,7 @@ import lombok.extern.slf4j.Slf4j;
  * </ul>
  * Output:
  * <ul>
- *   <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
+ *   <li>{@link Constants#DATA_PERSON_MATCH_RESULT} if one register result found</li>
  * </ul>
  * Transitions:
  * <ul>
@@ -102,89 +102,89 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
     log.trace("Starting ReceiveAustrianResidenceGuiResponseTask");
-        
-    UserInput input = parseHtmlInput(request);    
+
+    UserInput input = parseHtmlInput(request);
     if (!input.isFormerResidenceAvailable()) {
       moveToNextTask(executionContext);
       return;
-      
+
     }
-        
+
     //TODO: Here, we need an error handling an can not stop full process if form input was invalid
     //TODO: check minimum form elements
-    /*TODO: maybe we can switch to custom controller and use WebMVC form-binding feature. 
+    /*TODO: maybe we can switch to custom controller and use WebMVC form-binding feature.
      *      Binding element can be add as attribute to this request
      */
     if (input.getStreet().isEmpty() || input.getCity().isEmpty() || input.getZipcode().isEmpty()) {
       // HTML form should ensure that mandatory fields are set => this should never happen
-      throw new TaskExecutionException(pendingReq, "Invalid user input", 
+      throw new TaskExecutionException(pendingReq, "Invalid user input",
           new InvalidUserInputException("module.eidasauth.matching.06"));
-      
+
     }
-    
-    
-        
+
+
+
     try {
       SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
       RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
-      
-      RegisterStatusResults residencyResult = 
-          registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(), 
+
+      RegisterStatusResults residencyResult =
+          registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(),
               eidasData, input.zipcode, input.city, input.street);
       if (residencyResult.getResultCount() == 0) {
         //TODO: her we should add a GUI step of result is zero to inform user an forward process by click
         moveToNextTask(executionContext);
-        
+
       } else if (residencyResult.getResultCount() == 1) {
         compareSearchResultWithInitialData(executionContext, residencyResult, eidasData);
-        
+
       } else {
-        /*TODO: align with form generation task and to better error handling in case of more-than-one result. 
+        /*TODO: align with form generation task and to better error handling in case of more-than-one result.
          *      Maybe the user has to provide more information.
          */
         throw new TaskExecutionException(pendingReq,
             "Manual Fix necessary", new ManualFixNecessaryException(eidasData));
-        
+
       }
-      
+
     } catch (EaafStorageException e) {
       log.error("Search with residency data failed", e);
       throw new TaskExecutionException(pendingReq, "Search with residency data failed", e);
-      
+
     }
   }
 
-  private void compareSearchResultWithInitialData(ExecutionContext executionContext, 
+  private void compareSearchResultWithInitialData(ExecutionContext executionContext,
       RegisterStatusResults residencyResult, SimpleEidasData eidasData)
       throws TaskExecutionException, EaafStorageException {
-    try {            
+    try {
       /*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result.
        *      See TODO in methods body
-       */      
+       */
       if (eidasData.equalsRegisterData(residencyResult.getResult())) {
         // update register information
         registerSearchService.step7aKittProcess(residencyResult, eidasData);
-                                
+
         // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
-        MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
+        MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
             MatchedPersonResult.generateFormMatchingResult(
                 residencyResult.getResult(), eidasData.getCitizenCountryCode()));
-        
+
       } else {
         moveToNextTask(executionContext);
-        
+
       }
-      
+
     } catch (WorkflowException e) {
       throw new TaskExecutionException(pendingReq, "Search failed", new ManualFixNecessaryException(eidasData));
-      
+
     }
   }
 
   private void moveToNextTask(ExecutionContext executionContext) {
     // Later on, this should transition to Step 20
     executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true);
-    
+
   }
 
   private @NotNull UserInput parseHtmlInput(HttpServletRequest request) {
@@ -195,20 +195,20 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
       String escaped = StringEscapeUtils.escapeHtml(request.getParameter(paramName));
       if (PARAM_FORMER_RESIDENCE_AVAILABLE.equalsIgnoreCase(paramName)) {
         result.setFormerResidenceAvailable(Boolean.parseBoolean(escaped));
-        
+
       } else if (PARAM_STREET.equalsIgnoreCase(paramName)) {
         result.setStreet(escaped);
-        
+
       } else if (PARAM_CITY.equalsIgnoreCase(paramName)) {
         result.setCity(escaped);
-        
+
       } else if (PARAM_ZIPCODE.equalsIgnoreCase(paramName)) {
         result.setZipcode(escaped);
-        
+
       }
     }
     return result;
-    
+
   }
 
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index d43a175f..03cf5858 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -91,7 +91,7 @@ import lombok.extern.slf4j.Slf4j;
  * </ul>
  * Output:
  * <ul>
- *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
+ *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} if one register result found</li>
  * </ul>
  * Transitions:
  * <ul>
@@ -150,83 +150,83 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
       Pair<PvpSProfileResponse, Boolean> processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);
       if (processedMsg.getSecond()) {
         // forward to next matching step in case of ID Autria authentication was stopped by user
-        executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);        
+        executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
         return;
-        
+
       }
 
       // validate SAML2 response
       validateEntityId(inboundMessage);
       log.info("Receive a valid assertion from IDP " + inboundMessage.getEntityID());
-            
+
       // load already existing information from session
       SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
       RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
-      
+
       // extract user information from ID Austria authentication
       AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse());
       SimpleMobileSignatureData simpleMobileSignatureData = getAuthDataFromInterfederation(extractor);
-      
-      // check if MDS from ID Austria authentication matchs to eIDAS authentication  
+
+      // check if MDS from ID Austria authentication matchs to eIDAS authentication
       if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
         // user has cheated!?
-        throw new InvalidUserInputException("module.eidasauth.matching.05"); 
-               
+        throw new InvalidUserInputException("module.eidasauth.matching.05");
+
       }
-            
+
       // search entry in initial search result from steps before and build new RegisterSearchResult
       RegisterStatusResults registerResult = new RegisterStatusResults(initialSearchResult.getOperationStatus(),
           extractEntriesByBpk(initialSearchResult.getResultsZmr().stream(), simpleMobileSignatureData.getBpk()),
           extractEntriesByBpk(initialSearchResult.getResultsErnp().stream(), simpleMobileSignatureData.getBpk()));
-          
+
       if (registerResult.getResultCount() != 1) {
         throw new WorkflowException("matchWithIDAustriaAuthentication",
             "Suspect state detected. MDS matches to eIDAS authentication "
-                + "but register search-result with MDS contains #" + registerResult.getResultCount() 
-                + " entry with bPK from ID Austria authentication", false);  
-        
+                + "but register search-result with MDS contains #" + registerResult.getResultCount()
+                + " entry with bPK from ID Austria authentication", false);
+
       } else {
         // perform kit operation
         registerSearchService.step7aKittProcess(registerResult, eidasData);
-        
-        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS        
-        MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
-            MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(), 
+
+        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
+        MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
+            MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(),
                 eidasData.getCitizenCountryCode()));
-        
-      }            
-      
+
+      }
+
     } catch (final AuthnResponseValidationException e) {
       throw new TaskExecutionException(pendingReq, ERROR_MSG_03, e);
-      
+
     } catch (MessageDecodingException | SecurityException | SamlSigningException e) {
       //final String samlRequest = request.getParameter("SAMLRequest");
       //log.debug("Receive INVALID PVP Response from 'ms-specific eIDAS node': {}",
       //    samlRequest, null, e);
       throw new TaskExecutionException(pendingReq, ERROR_MSG_00,
           new AuthnResponseValidationException(ERROR_PVP_11, new Object[]{MODULE_NAME_FOR_LOGGING}, e));
-      
+
     } catch (IOException | MarshallingException | TransformerException e) {
       log.debug("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
       throw new TaskExecutionException(pendingReq, ERROR_MSG_01,
           new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e));
-      
+
     } catch (final CredentialsNotAvailableException e) {
       log.debug("PVP response decryption FAILED. No credential found.", e);
       throw new TaskExecutionException(pendingReq, ERROR_MSG_02,
           new AuthnResponseValidationException(ERROR_PVP_10, new Object[]{MODULE_NAME_FOR_LOGGING}, e));
-      
+
     } catch (final Exception e) {
       // todo catch ManualFixNecessaryException in any other way?
       log.debug("PVP response validation FAILED. Msg:" + e.getMessage(), e);
       throw new TaskExecutionException(pendingReq, ERROR_MSG_03,
           new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e));
-      
+
     }
   }
 
   private List<RegisterResult> extractEntriesByBpk(Stream<RegisterResult> stream, String bpk) {
-    return stream.filter(el -> bpk.equals(el.getBpk())).collect(Collectors.toList());       
+    return stream.filter(el -> bpk.equals(el.getBpk())).collect(Collectors.toList());
 
   }
 
@@ -354,7 +354,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
       }
       if (PvpAttributeDefinitions.BIRTHDATE_NAME.equals(attrName)) {
         builder.dateOfBirth(extractor.getSingleAttributeValue(attrName));
-      }      
+      }
       if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {
         MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq).setQaaLevel(
             extractor.getSingleAttributeValue(attrName));
@@ -362,7 +362,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
     }
     MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq).setIssueInstant(extractor.getAssertionIssuingDate());
     return builder.build();
-    
+
   }
 
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index c2c1a351..812e534c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -47,14 +47,11 @@ import lombok.extern.slf4j.Slf4j;
  *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>
  *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li>
  * </ul>
- * Output:
- * <ul>
- *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
- * </ul>
  * Transitions:
  * <ul>
  *     <li>{@link GenerateMobilePhoneSignatureRequestTask} if selected by user</li>
  *     <li>{@link GenerateAustrianResidenceGuiTask} if selected by user</li>
+ *     <li>{@link GenerateAuthnRequestTask} if selected by user</li>
  * </ul>
  *
  * @author amarsalek
@@ -65,23 +62,23 @@ import lombok.extern.slf4j.Slf4j;
 public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthServletTask {
 
   @Override
-  public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request, 
+  public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request,
       HttpServletResponse response) throws TaskExecutionException {
     try {
       SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request));
       executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection);
       executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED);
       transitionToNextTask(executionContext, selection);
-      
+
     } catch (final IllegalArgumentException e) {
       log.error("Parsing selected login method FAILED.", e);
       throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.",
           new InvalidUserInputException("module.eidasauth.matching.98"));
-      
+
     } catch (final Exception e) {
       log.error("Parsing selected login method FAILED.", e);
       throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", e);
-      
+
     }
   }
 
@@ -91,12 +88,12 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
       String paramName = paramNames.nextElement();
       if (Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER.equalsIgnoreCase(paramName)) {
         return StringEscapeUtils.escapeHtml(request.getParameter(paramName));
-        
+
       }
     }
-    
+
     throw new InvalidUserInputException("module.eidasauth.matching.98");
-    
+
   }
 
   private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection)
@@ -105,22 +102,22 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
       case EIDAS_LOGIN:
         executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true);
         return;
-      
+
       case MOBILE_PHONE_SIGNATURE_LOGIN:
         executionContext.put(Constants.TRANSITION_TO_GENERATE_MOBILE_PHONE_SIGNATURE_REQUEST_TASK, true);
         return;
-      
+
       case NO_OTHER_LOGIN:
         executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
         return;
-        
+
       case ADD_ME_AS_NEW:
         executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true);
-        return;        
-        
+        return;
+
       default:
         throw new InvalidUserInputException("module.eidasauth.matching.98");
-        
+
     }
   }
 
-- 
cgit v1.2.3


From 38c46d567ea517bbdea07b922c34cb2add6eccf3 Mon Sep 17 00:00:00 2001
From: Christian Kollmann <christian.kollmann@a-sit.at>
Date: Tue, 30 Nov 2021 15:40:53 +0100
Subject: Fix comparison of data sets

Fixes #16
---
 .../modules/auth/eidas/v2/dao/SimpleEidasData.java | 23 ++++++----------------
 .../auth/eidas/v2/tasks/InitialSearchTask.java     |  2 +-
 .../ReceiveAustrianResidenceGuiResponseTask.java   |  3 ---
 3 files changed, 7 insertions(+), 21 deletions(-)

(limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java')

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
index 35f353f4..5ad92507 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
@@ -23,12 +23,10 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
 
-import org.apache.commons.lang3.builder.EqualsBuilder;
-
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import lombok.Builder;
 import lombok.Data;
+import org.apache.commons.lang3.builder.EqualsBuilder;
 
 @Data
 @Builder
@@ -60,27 +58,18 @@ public class SimpleEidasData {
   private final String taxNumber;
 
   /**
-   * Compares the register result with the eidas data.
+   * Compares the register result with the EIDAS data (given name, family name, date of birth, personal identifier).
    *
    * @param result The register data to use for comparison
-   * @return true or false depending of the data matches
-   * @throws WorkflowException if multiple results have been found
+   * @return whether the data (given name, family name, date of birth, personal identifier) match
    */
-  public boolean equalsRegisterData(RegisterResult result) throws WorkflowException {
-    /*TODO: maybe this is check is not valid, because only the minimum data-set (personalIdentifer, givenName,
-     *      familyName, dateOfBirth) has to be always available. Any other attributes are optional.
-     *      This check will always evaluate to false if register has more information as current eIDAS process!!!
-     */
-
+  public boolean equalsRegisterData(RegisterResult result) {
     return new EqualsBuilder()
         .append(result.getGivenName(), givenName)
         .append(result.getFamilyName(), familyName)
         .append(result.getDateOfBirth(), dateOfBirth)
-        .append(result.getPlaceOfBirth(), placeOfBirth)
-        .append(result.getBirthName(), birthName)
-        .append(result.getTaxNumber(), taxNumber)
-        .isEquals() && result.getPseudonym().stream()
-            .anyMatch(el -> el.equals(pseudonym));
+        .isEquals()
+        && result.getPseudonym().stream().anyMatch(el -> el.equals(pseudonym));
   }
 
   /**
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index 6b0f336e..f295d66b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -181,7 +181,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
   }
 
   private RegisterResult step3CheckRegisterUpdateNecessary(RegisterResult searchResult,
-                                                           SimpleEidasData eidasData) throws WorkflowException {
+                                                           SimpleEidasData eidasData) {
     log.trace("Starting step3CheckRegisterUpdateNecessary");
     if (!eidasData.equalsRegisterData(searchResult)) {
       log.info("Skipping update-register-information step, because it's not supported yet");
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index 53485b03..b9a55df4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -158,9 +158,6 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
       RegisterStatusResults residencyResult, SimpleEidasData eidasData)
       throws TaskExecutionException, EaafStorageException {
     try {
-      /*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result.
-       *      See TODO in methods body
-       */
       if (eidasData.equalsRegisterData(residencyResult.getResult())) {
         // update register information
         registerSearchService.step7aKittProcess(residencyResult, eidasData);
-- 
cgit v1.2.3


From 6d1b4d942fdf1c6bcfd673149026cc0d2391064b Mon Sep 17 00:00:00 2001
From: Christian Kollmann <christian.kollmann@a-sit.at>
Date: Tue, 30 Nov 2021 16:15:56 +0100
Subject: Display invalid user input instead of terminating the process

Fixes #18
---
 .../v2/exception/InvalidUserInputException.java    | 34 -----------------
 .../ReceiveAustrianResidenceGuiResponseTask.java   | 17 ++++-----
 .../ReceiveMobilePhoneSignatureResponseTask.java   |  9 +++--
 .../ReceiveOtherLoginMethodGuiResponseTask.java    | 43 ++++++++--------------
 4 files changed, 29 insertions(+), 74 deletions(-)
 delete mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java

(limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java')

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java
deleted file mode 100644
index c7df56d0..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright 2020 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
-
-public class InvalidUserInputException extends EidasSAuthenticationException {
-  private static final long serialVersionUID = 1L;
-
-  public InvalidUserInputException(String errorCode) {
-    super(errorCode, null);
-    
-  }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index b9a55df4..acf469d3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -35,7 +35,6 @@ import org.springframework.stereotype.Component;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
@@ -50,6 +49,9 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED;
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK;
+
 
 /**
  * Task receives the response of {@link GenerateAustrianResidenceGuiTask} and handles it.
@@ -68,6 +70,7 @@ import lombok.extern.slf4j.Slf4j;
  *   <li>{@link CreateNewErnpEntryTask} if no results from search with residency data in registers</li>
  *   <li>{@link CreateIdentityLinkTask} if one exact match between initial register search (with MDS) and results
  *   from search with residency data in registers exists</li>
+ *   <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>
  * </ul>
  *
  * @author amarsalek
@@ -110,20 +113,14 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
 
     }
 
-    //TODO: Here, we need an error handling an can not stop full process if form input was invalid
-    //TODO: check minimum form elements
-    /*TODO: maybe we can switch to custom controller and use WebMVC form-binding feature.
-     *      Binding element can be add as attribute to this request
-     */
     if (input.getStreet().isEmpty() || input.getCity().isEmpty() || input.getZipcode().isEmpty()) {
       // HTML form should ensure that mandatory fields are set => this should never happen
-      throw new TaskExecutionException(pendingReq, "Invalid user input",
-          new InvalidUserInputException("module.eidasauth.matching.06"));
+      executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+      executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
+      return;
 
     }
 
-
-
     try {
       SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
       RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index 03cf5858..4655d7ab 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -23,6 +23,8 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED;
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK;
 import static at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING;
 
 import java.io.IOException;
@@ -49,7 +51,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthEventConstants;
@@ -98,6 +99,7 @@ import lombok.extern.slf4j.Slf4j;
  *     <li>{@link GenerateAustrianResidenceGuiTask} if no results in registers were found</li>
  *     <li>{@link CreateIdentityLinkTask} if one exact match between initial register search (with MDS) data and
  *     register search with MPS data exists</li>
+ *     <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>
  * </ul>
  *
  * @author tlenz
@@ -169,8 +171,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
 
       // check if MDS from ID Austria authentication matchs to eIDAS authentication
       if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
-        // user has cheated!?
-        throw new InvalidUserInputException("module.eidasauth.matching.05");
+        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+        executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
+        return;
 
       }
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index 812e534c..f4419c1c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -23,21 +23,17 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
-import java.util.Enumeration;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-import org.springframework.stereotype.Component;
-
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Enumeration;
 
 /**
  * Handles user's selection from {@link GenerateOtherLoginMethodGuiTask}.
@@ -52,6 +48,7 @@ import lombok.extern.slf4j.Slf4j;
  *     <li>{@link GenerateMobilePhoneSignatureRequestTask} if selected by user</li>
  *     <li>{@link GenerateAustrianResidenceGuiTask} if selected by user</li>
  *     <li>{@link GenerateAuthnRequestTask} if selected by user</li>
+ *     <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>
  * </ul>
  *
  * @author amarsalek
@@ -63,41 +60,32 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
 
   @Override
   public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request,
-      HttpServletResponse response) throws TaskExecutionException {
+                                HttpServletResponse response) {
     try {
       SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request));
       executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection);
       executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED);
       transitionToNextTask(executionContext, selection);
 
-    } catch (final IllegalArgumentException e) {
-      log.error("Parsing selected login method FAILED.", e);
-      throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.",
-          new InvalidUserInputException("module.eidasauth.matching.98"));
-
     } catch (final Exception e) {
       log.error("Parsing selected login method FAILED.", e);
-      throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", e);
-
+      executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+      executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
     }
   }
 
-  private String extractUserSelection(HttpServletRequest request) throws InvalidUserInputException {
+  private String extractUserSelection(HttpServletRequest request) {
     Enumeration<String> paramNames = request.getParameterNames();
     while (paramNames.hasMoreElements()) {
       String paramName = paramNames.nextElement();
       if (Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER.equalsIgnoreCase(paramName)) {
         return StringEscapeUtils.escapeHtml(request.getParameter(paramName));
-
       }
     }
-
-    throw new InvalidUserInputException("module.eidasauth.matching.98");
-
+    return null;
   }
 
-  private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection)
-      throws InvalidUserInputException {
+  private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) {
     switch (selection) {
       case EIDAS_LOGIN:
         executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true);
@@ -116,8 +104,9 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe
         return;
 
       default:
-        throw new InvalidUserInputException("module.eidasauth.matching.98");
-
+        executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+        executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
+        return;
     }
   }
 
-- 
cgit v1.2.3