From dd3630f7409e80dbf20c08731ca244705a023114 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 9 Jul 2021 15:58:17 +0200
Subject: set mandate-mode to 'none' if no mandate-profiles are set for this
 requesttype

---
 .../protocol/EidasProxyServiceController.java      | 14 ++++++---
 .../protocol/EidasProxyServiceControllerTest.java  | 35 ++++++++++++++++++++++
 2 files changed, 45 insertions(+), 4 deletions(-)

(limited to 'eidas_modules/eidas_proxy-sevice')

diff --git a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
index 4b699bae..606dbb39 100644
--- a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
+++ b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
@@ -402,14 +402,20 @@ public class EidasProxyServiceController extends AbstractController implements I
       spConfig.setMandateMode(SpMandateModes.NATURAL);
       
     }
-
-    log.debug("Set mandate-profiles: {} to request from issuer: {}",
-        spConfig.getMandateProfiles(), spConfig.getUniqueIdentifier());
-
     
     if (isLegalPersonRequested && spConfig.getMandateProfiles().isEmpty()) {
       throw new EidasProxyServiceException(ERROR_10, null);
       
+    } else if (spConfig.getMandateProfiles().isEmpty()) {
+      log.debug("No mandate-profiles for issure: {}. Set mandate-mode to 'none'",  
+          spConfig.getUniqueIdentifier());
+      spConfig.setMandateMode(SpMandateModes.NONE);
+      
+    } else {
+      log.debug("Set mandate-profiles: {} to request from issuer: {}",
+          spConfig.getMandateProfiles(), spConfig.getUniqueIdentifier());
+
+      
     }
     
   }
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
index 86357123..24b69ef4 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
+++ b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
@@ -452,6 +452,41 @@ public class EidasProxyServiceControllerTest {
         
   }
   
+  @Test
+  public void validAuthnRequestWithMandatesDefaultNoNatProfiles() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, ""); 
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+        
+  }
+  
   @Test
   public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {       
     //initialize state
-- 
cgit v1.2.3