From 2daed784e006d449de5b6151f6e109ab2a829749 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 30 Mar 2021 15:08:07 +0200
Subject: add mandate functionality into eIDAS out-going process

---
 .../tasks/RequestIdAustriaSystemTask.java          | 68 +++++++++-------------
 1 file changed, 29 insertions(+), 39 deletions(-)

(limited to 'eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java')

diff --git a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
index fc46ac8b..8151b429 100644
--- a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
+++ b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
@@ -14,6 +14,7 @@ import org.opensaml.saml.saml2.core.Attribute;
 import org.opensaml.saml.saml2.metadata.EntityDescriptor;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;
 import at.asitplus.eidas.specific.modules.auth.idaustria.IdAustriaAuthConstants;
 import at.asitplus.eidas.specific.modules.auth.idaustria.config.IdAustriaAuthRequestBuilderConfiguration;
 import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthCredentialProvider;
@@ -147,63 +148,52 @@ public class RequestIdAustriaSystemTask extends AbstractAuthServletTask {
     final List<EaafRequestedAttribute> attributs = new ArrayList<>();
     
     //build attribute that contains the unique identifier of the eIDAS-Connector
-    final Attribute attrEidasConnectorId = PvpAttributeBuilder.buildEmptyAttribute(
-        ExtendedPvpAttributeDefinitions.EIDAS_CONNECTOR_UNIQUEID_NAME);
-    final EaafRequestedAttribute attrEidasConnectorIdReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
-        attrEidasConnectorId,
-        true,
+    injectAttribute(attributs, ExtendedPvpAttributeDefinitions.EIDAS_CONNECTOR_UNIQUEID_NAME, 
         pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
-    attributs.add(attrEidasConnectorIdReqAttr);    
-    
-    
+        
     // build EID sector for identification attribute
-    final Attribute attr = PvpAttributeBuilder.buildEmptyAttribute(
-        PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME);
-    final EaafRequestedAttribute bpkTargetReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
-        attr,
-        true,
+    injectAttribute(attributs, PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
         pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
-    attributs.add(bpkTargetReqAttr);
-
 
     // set requested LoA as attribute 
-    final Attribute loaAttr = PvpAttributeBuilder.buildEmptyAttribute(
-        PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME);
-    final EaafRequestedAttribute loaReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
-        loaAttr,
-        true,
+    injectAttribute(attributs, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
         selectHighestLoa(pendingReq.getServiceProviderConfiguration().getRequiredLoA()));
-    attributs.add(loaReqAttr);
-    
-    
+        
     //set ProviderName if available
     String providerName = ((ProxyServicePendingRequest)pendingReq).getEidasRequest().getProviderName();
     if (StringUtils.isNotEmpty(providerName)) {
-      final Attribute providerNameAttr = PvpAttributeBuilder.buildEmptyAttribute(
-          ExtendedPvpAttributeDefinitions.SP_FRIENDLYNAME_NAME);
-      final EaafRequestedAttribute providerNameReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
-          providerNameAttr,
-          true,
-          providerName);
-      attributs.add(providerNameReqAttr);
+      injectAttribute(attributs, ExtendedPvpAttributeDefinitions.SP_FRIENDLYNAME_NAME, providerName);
             
     }
-    
-    
+        
     //set ProviderName if available
     String requesterId = ((ProxyServicePendingRequest)pendingReq).getEidasRequest().getRequesterId();
     if (StringUtils.isNotEmpty(requesterId)) {
-      final Attribute requesterIdAttr = PvpAttributeBuilder.buildEmptyAttribute(
-          ExtendedPvpAttributeDefinitions.SP_UNIQUEID_NAME);
-      final EaafRequestedAttribute requesterIdReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
-          requesterIdAttr,
-          true,
-          requesterId);
-      attributs.add(requesterIdReqAttr);
+      injectAttribute(attributs, ExtendedPvpAttributeDefinitions.SP_UNIQUEID_NAME, requesterId);
             
     }
 
+    //set mandate profiles
+    List<String> mandateProfiles = 
+        pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).getMandateProfiles();
+    if (mandateProfiles != null && !mandateProfiles.isEmpty()) {
+      log.debug("Set mandate-profiles attribute into ID-Austria request");
+      injectAttribute(attributs, ExtendedPvpAttributeDefinitions.SP_USED_MANDATE_PROFILES_NAME, 
+          StringUtils.join(mandateProfiles, ","));
+      
+    }
+        
     return attributs;
   }
 
+  private void injectAttribute(List<EaafRequestedAttribute> attributs, String attributeName, String attributeValue) {
+    final Attribute requesterIdAttr = PvpAttributeBuilder.buildEmptyAttribute(attributeName);
+    final EaafRequestedAttribute requesterIdReqAttr = Saml2Utils.generateReqAuthnAttributeSimple(
+        requesterIdAttr,
+        true,
+        attributeValue);
+    attributs.add(requesterIdReqAttr);
+    
+  }
+  
 }
-- 
cgit v1.2.3