From e2ae59bd6ef577796a4c5232fe6d7c7a720ad995 Mon Sep 17 00:00:00 2001 From: Christian Kollmann Date: Thu, 4 Mar 2021 16:48:55 +0100 Subject: Move creating ERnP entry to SZRClient --- .../auth/eidas/v2/ernp/DummyErnpClient.java | 6 -- .../modules/auth/eidas/v2/ernp/IErnpClient.java | 3 +- .../modules/auth/eidas/v2/szr/SzrClient.java | 86 ++++++++++++++++++++-- .../eidas/v2/tasks/CreateIdentityLinkTask.java | 15 ++++ .../eidas/v2/tasks/CreateNewErnpEntryTask.java | 18 ++--- 5 files changed, 105 insertions(+), 23 deletions(-) (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java index 77411dd1..3536b0dc 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java @@ -62,12 +62,6 @@ public class DummyErnpClient implements IErnpClient { //TODO } - @Override - public boolean createNewEntry(SimpleEidasData simpleEidasData) { - //TODO - return false; - } - @Override public List searchWithBpkZp(String bpkzp) { //TODO diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java index 0c994f69..218a9f41 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java @@ -41,7 +41,6 @@ public interface IErnpClient { void update(RegisterResult registerResult, SimpleEidasData eidData); - boolean createNewEntry(SimpleEidasData simpleEidasData); - List searchWithBpkZp(String bpkzp); + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java index 5bad738b..6040e0b3 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java @@ -60,6 +60,11 @@ import javax.xml.ws.BindingProvider; import javax.xml.ws.Dispatch; import javax.xml.ws.handler.Handler; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnpEidData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType; +import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; +import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.configuration.jsse.TLSClientParameters; import org.apache.cxf.endpoint.Client; @@ -79,7 +84,6 @@ import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnpEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; @@ -101,6 +105,7 @@ import szrservices.SZRException_Exception; import szrservices.SignContent; import szrservices.SignContentEntry; import szrservices.SignContentResponseType; +import szrservices.TravelDocumentType; @Service("SZRClientForeIDAS") @@ -220,12 +225,33 @@ public class SzrClient { } + /** + * Creates a new ERnP entry. + * + * TODO Is this correct? Ask BMI. + * + * @param eidasData Minimum dataset of person + * @return encrypted baseId + * @throws SzrCommunicationException In case of a SZR error + */ + public String createNewErnpEntry(final SimpleEidasData eidasData) throws SzrCommunicationException { + final String resp; + try { + resp = this.szr.getStammzahlEncrypted(generateSzrRequest(eidasData), true); + } catch (SZRException_Exception e) { + throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); + } + if (StringUtils.isEmpty(resp)) { + throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling + } + return resp; + } + /** * Request a encrypted baseId from SZR. * * Note: Previously, this method did create a new ERnP entry, if it did not exist. This is - * not the case any more. See - * {@link at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask} for that functionality. + * not the case any more. See {@link #createNewErnpEntry(SimpleEidasData)} for that functionality. * * @param personInfo Minimum dataset of person * @return encrypted baseId @@ -233,7 +259,6 @@ public class SzrClient { */ public String getEncryptedStammzahl(final PersonInfoType personInfo) throws SzrCommunicationException { - final String resp; try { resp = this.szr.getStammzahlEncrypted(personInfo, false); @@ -301,6 +326,57 @@ public class SzrClient { } } + private PersonInfoType generateSzrRequest(SimpleEidasData eidData) { + String documentType = basicConfig + .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, + Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE); + boolean setBirthName = basicConfig + .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE, true); + boolean setPlaceOfBirth = basicConfig + .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE, true); + log.debug("Starting connecting SZR Gateway"); + final PersonInfoType personInfo = new PersonInfoType(); + final PersonNameType personName = new PersonNameType(); + final PhysicalPersonType naturalPerson = new PhysicalPersonType(); + final TravelDocumentType eDocument = new TravelDocumentType(); + + naturalPerson.setName(personName); + personInfo.setPerson(naturalPerson); + personInfo.setTravelDocument(eDocument); + + // person information + personName.setFamilyName(eidData.getFamilyName()); + personName.setGivenName(eidData.getGivenName()); + naturalPerson.setDateOfBirth(eidData.getDateOfBirth()); + eDocument.setIssuingCountry(eidData.getCitizenCountryCode()); + eDocument.setDocumentNumber(eidData.getPseudonym()); + + // eID document information + eDocument.setDocumentType(documentType); + + // set PlaceOfBirth if available + if (eidData.getPlaceOfBirth() != null) { + log.trace("Find 'PlaceOfBirth' attribute: " + eidData.getPlaceOfBirth()); + if (setPlaceOfBirth) { + naturalPerson.setPlaceOfBirth(eidData.getPlaceOfBirth()); + log.trace("Adding 'PlaceOfBirth' to ERnB request ... "); + } + } + + // set BirthName if available + if (eidData.getBirthName() != null) { + log.trace("Find 'BirthName' attribute: " + eidData.getBirthName()); + if (setBirthName) { + final AlternativeNameType alternativeName = new AlternativeNameType(); + naturalPerson.setAlternativeName(alternativeName); + alternativeName.setFamilyName(eidData.getBirthName()); + log.trace("Adding 'BirthName' to ERnB request ... "); + } + } + + return personInfo; + } + @PostConstruct private void initialize() { log.info("Starting SZR-Client initialization .... "); @@ -503,7 +579,7 @@ public class SzrClient { final Map mds = new HashMap<>(); mds.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, eidData.getFamilyName()); mds.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, eidData.getGivenName()); - mds.put(PvpAttributeDefinitions.BIRTHDATE_NAME, eidData.getFormatedDateOfBirth()); + mds.put(PvpAttributeDefinitions.BIRTHDATE_NAME, eidData.getDateOfBirth()); eidsaBindMap.put(ATTR_NAME_MDS, mds); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index ab9c49da..d9d45752 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -90,6 +90,21 @@ import java.util.Objects; * * @author tlenz *

+ *

+ * Input: + *

    + *
  • {@link Constants#DATA_SIMPLE_EIDAS} initial login data from user
  • + *
  • {@link Constants#DATA_RESULT_MATCHING_BPK} the BPK of the matched entry in a register
  • + *
+ * Output: + *
    + *
  • {@link Constants#EIDAS_BIND} the binding block
  • + *
  • {@link Constants#SZR_AUTHBLOCK} the auth block
  • + *
+ * Transitions: + *
    + *
  • {@link at.gv.egiz.eaaf.core.impl.idp.controller.tasks.FinalizeAuthenticationTask}
  • + *
* TODO Take Constants#DATA_SIMPLE_EIDAS and Constants#DATA_RESULT_MATCHING_BPK * TODO Only do VSZ Erstellung and eidasBind -- this is always the end of the whole process * TODO Move Eintragung to separate Task, as it does not happen every time diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java index b89af3a0..15d62a7a 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java @@ -25,7 +25,7 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; @@ -49,9 +49,6 @@ import javax.servlet.http.HttpServletResponse; *
  • TODO MDS, BPK of new entry
  • * * - * TODO Import code from CreateIdentityLinkTask - * TODO Nicht mit BMI abgestimmt: ERnP Eintrag über SZR anzulegen? - * * @author amarsalek * @author ckollmann */ @@ -59,14 +56,14 @@ import javax.servlet.http.HttpServletResponse; @Component("CreateNewErnbEntryTask") public class CreateNewErnpEntryTask extends AbstractAuthServletTask { - private final IErnpClient ernpClient; + private final SzrClient szrClient; /** * Constructor. - * @param ernpClient ErnP client + * @param szrClient SZR client for creating a new ERnP entry */ - public CreateNewErnpEntryTask(IErnpClient ernpClient) { - this.ernpClient = ernpClient; + public CreateNewErnpEntryTask(SzrClient szrClient) { + this.szrClient = szrClient; } @Override @@ -74,8 +71,9 @@ public class CreateNewErnpEntryTask extends AbstractAuthServletTask { throws TaskExecutionException { try { SimpleEidasData simpleEidasData = getInitialEidasData(); - //TODO Does this return the BPK? - ernpClient.createNewEntry(simpleEidasData); + // TODO When to do eidPostProcessor.postProcess on the eidas attributes? + String vsz = szrClient.createNewErnpEntry(simpleEidasData); + // TODO what to do with the VSZ now } catch (final Exception e) { log.error("Initial search FAILED.", e); throw new TaskExecutionException(pendingReq, "Initial search FAILED.", e); -- cgit v1.2.3