From 6e1a69773284177a0f6c7233c4bcdf7f4bd96681 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 15 Jun 2021 18:15:19 +0200
Subject: further optimizations and bug fixing in matching code
---
.../specific/modules/auth/eidas/v2/Constants.java | 10 +-
.../auth/eidas/v2/clients/szr/SzrClient.java | 157 ++++++--
.../auth/eidas/v2/clients/zmr/IZmrClient.java | 5 +-
.../auth/eidas/v2/clients/zmr/ZmrSoapClient.java | 15 +-
.../auth/eidas/v2/dao/MatchedPersonResult.java | 41 +++
.../modules/auth/eidas/v2/dao/RegisterResult.java | 2 +-
.../modules/auth/eidas/v2/dao/SimpleEidasData.java | 17 +-
.../handler/DeSpecificDetailSearchProcessor.java | 20 +-
.../eidas/v2/service/RegisterSearchService.java | 19 +-
.../eidas/v2/tasks/CreateIdentityLinkTask.java | 165 +++------
.../eidas/v2/tasks/CreateNewErnpEntryTask.java | 39 +-
.../auth/eidas/v2/tasks/InitialSearchTask.java | 33 +-
.../ReceiveAustrianResidenceGuiResponseTask.java | 12 +-
.../ReceiveMobilePhoneSignatureResponseTask.java | 12 +-
.../ReceiveOtherLoginMethodGuiResponseTask.java | 2 +-
.../auth/eidas/v2/utils/MatchingTaskUtils.java | 45 ++-
.../modules/auth/eidas/v2/zmr/DummyZmrClient.java | 3 +-
.../modules/auth/eidas/v2/test/dummy/DummyOA.java | 18 +-
.../DeSpecificDetailSearchProcessorTest.java | 105 ++++++
.../ItSpecificDetailSearchProcessorTes.java | 84 +++++
.../tasks/CreateIdentityLinkTaskEidNewTest.java | 165 ++++++++-
.../v2/test/tasks/CreateIdentityLinkTaskTest.java | 138 ++++++-
.../eidas/v2/test/tasks/InitialSearchTaskTest.java | 409 ++++++++++++++-------
...eceiveAustrianResidenceGuiResponseTaskTest.java | 8 +-
...eceiveMobilePhoneSignatureResponseTaskTest.java | 4 +-
25 files changed, 1130 insertions(+), 398 deletions(-)
create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
(limited to 'eidas_modules')
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index 3e20a132..48c114a8 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -49,14 +49,14 @@ public class Constants {
public static final String DATA_SIMPLE_EIDAS = "matching_simple_eidas_data";
/**
- * Stored after Step 2 from Matching Concept, first results from search with Person Identifier.
+ * Stored intermediate mathing results where matching is still on-going.
*/
- public static final String DATA_INITIAL_REGISTER_RESULT = "matching_initial_register_result";
+ public static final String DATA_INTERMEDIATE_RESULT = "matching_intermediate_result";
/**
* Stored after Step 8 from Matching Concept, results from search in registers with MDS.
*/
- public static final String DATA_FURTHER_REGISTER_RESULT = "matching_further_register_result";
+ public static final String DATA_PERSON_MATCH_RESULT = "matching_result";
// templates for post-binding forwarding
public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
@@ -224,6 +224,10 @@ public class Constants {
public static final String eIDAS_ATTRURN_PERSONALIDENTIFIER =
eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PERSONALIDENTIFIER;
+ public static final String eIDAS_ATTRURN_PLACEOFBIRTH =
+ eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PLACEOFBIRTH;
+ public static final String eIDAS_ATTRURN_BIRTHNAME =
+ eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_BIRTHNAME;
public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
index 2230f30a..397cbe46 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
@@ -60,11 +60,14 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient.HttpClientConfig.HttpClientConfigBuilder;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.IdentificationType;
import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
@@ -122,55 +125,38 @@ public class SzrClient extends AbstractSoapClient {
final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
getIdl.setPersonInfo(generateSzrRequest(eidData));
- final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
- final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+ return getIdentityLinkGeneric(getIdl);
- final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
- jaxbMarshaller.marshal(getIdl, outputStream);
- outputStream.flush();
-
- final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
- outputStream.close();
-
- log.trace("Requesting SZR ... ");
- final Source response = dispatch.invoke(source);
- log.trace("Receive RAW response from SZR");
-
- final byte[] szrResponse = sourceToByteArray(response);
- final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
- .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
-
- // build response
- log.trace(new String(szrResponse, StandardCharsets.UTF_8));
-
- // ok, we have success
- final Document doc = DomUtils.parseDocument(
- new ByteArrayInputStream(szrResponse),
- true,
- XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
- null, null);
- final String xpathExpression = "//saml:Assertion";
- final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+ } catch (final Exception e) {
+ log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
- log.trace("Selecting signed doc " + xpathExpression);
- final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
- xpathExpression, nsNode);
- log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+ }
+ }
- final IdentityLinkType idl = new IdentityLinkType();
- idl.setAssertion(documentNode);
- idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+ /**
+ * Get IdentityLink of a person.
+ *
+ *
+ * @param matchedPersonData eID information of an already matched person.
+ * @return IdentityLink
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public IdentityLinkType getIdentityLinkInRawMode(MatchedPersonResult matchedPersonData)
+ throws SzrCommunicationException {
+ try {
+ final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
+ getIdl.setPersonInfo(generateSzrRequest(matchedPersonData));
- return idl;
+ return getIdentityLinkGeneric(getIdl);
} catch (final Exception e) {
log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
-
}
-
+
/**
* Get bPK of person.
*
@@ -247,7 +233,33 @@ public class SzrClient extends AbstractSoapClient {
return resp;
}
+
+ /**
+ * Request a encrypted baseId from SZR.
+ *
+ * @param matchedPersonData eID information of an already matched person.
+ * @return encrypted baseId
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public String getEncryptedStammzahl(MatchedPersonResult matchedPersonData) throws SzrCommunicationException {
+ final String resp;
+ try {
+ resp = this.szr.getStammzahlEncrypted(generateSzrRequest(matchedPersonData), false);
+
+ } catch (SZRException_Exception e) {
+ throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+
+ }
+
+ if (StringUtils.isEmpty(resp)) {
+ throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
+
+ }
+ return resp;
+
+ }
+
/**
* Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status.
*
@@ -300,8 +312,29 @@ public class SzrClient extends AbstractSoapClient {
}
}
+ private PersonInfoType generateSzrRequest(MatchedPersonResult matchedPersonData) {
+ log.trace("Starting connecting SZR Gateway");
+ final PersonInfoType personInfo = new PersonInfoType();
+ final PersonNameType personName = new PersonNameType();
+ final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+ IdentificationType bpk = new IdentificationType();
+
+ naturalPerson.setName(personName);
+ personInfo.setPerson(naturalPerson);
+ naturalPerson.setIdentification(bpk);
+
+ // person information
+ personName.setFamilyName(matchedPersonData.getFamilyName());
+ personName.setGivenName(matchedPersonData.getGivenName());
+ naturalPerson.setDateOfBirth(matchedPersonData.getDateOfBirth());
+ bpk.setValue(matchedPersonData.getBpk());
+ bpk.setType(EaafConstants.URN_PREFIX_CDID + "ZP");
+
+ return personInfo;
+ }
+
private PersonInfoType generateSzrRequest(SimpleEidasData eidData) {
- log.debug("Starting connecting SZR Gateway");
+ log.trace("Starting connecting SZR Gateway");
final PersonInfoType personInfo = new PersonInfoType();
final PersonNameType personName = new PersonNameType();
final PhysicalPersonType naturalPerson = new PhysicalPersonType();
@@ -315,6 +348,8 @@ public class SzrClient extends AbstractSoapClient {
personName.setFamilyName(eidData.getFamilyName());
personName.setGivenName(eidData.getGivenName());
naturalPerson.setDateOfBirth(eidData.getDateOfBirth());
+
+ //TODO: need to be updated to new eIDAS document interface!!!!
eDocument.setIssuingCountry(eidData.getCitizenCountryCode());
eDocument.setDocumentNumber(eidData.getPseudonym());
@@ -351,6 +386,50 @@ public class SzrClient extends AbstractSoapClient {
return personInfo;
}
+ private IdentityLinkType getIdentityLinkGeneric(GetIdentityLinkEidas getIdl) throws Exception {
+ final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
+ final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+
+ final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+ jaxbMarshaller.marshal(getIdl, outputStream);
+ outputStream.flush();
+
+ final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
+ outputStream.close();
+
+ log.trace("Requesting SZR ... ");
+ final Source response = dispatch.invoke(source);
+ log.trace("Receive RAW response from SZR");
+
+ final byte[] szrResponse = sourceToByteArray(response);
+ final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
+ .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
+
+ // build response
+ log.trace(new String(szrResponse, StandardCharsets.UTF_8));
+
+ // ok, we have success
+ final Document doc = DomUtils.parseDocument(
+ new ByteArrayInputStream(szrResponse),
+ true,
+ XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
+ null, null);
+ final String xpathExpression = "//saml:Assertion";
+ final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+
+ log.trace("Selecting signed doc " + xpathExpression);
+ final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
+ xpathExpression, nsNode);
+ log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+
+ final IdentityLinkType idl = new IdentityLinkType();
+ idl.setAssertion(documentNode);
+ idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+
+ return idl;
+
+ }
+
@PostConstruct
private void initialize() throws EaafConfigurationException {
log.info("Starting SZR-Client initialization .... ");
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
index 18bcbacc..e98573d4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
@@ -41,12 +41,13 @@ public interface IZmrClient {
*
* @param zmrProzessId ProcessId from ZMR or null if no processId exists
* @param personIdentifier Full eIDAS personal identifier with prefix
+ * @param citizenCountryCode CountryCode of the eIDAS proxy-service
* @return Search result but never null
* @throws EidasSAuthenticationException In case of a communication error
*/
@Nonnull
- ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier)
- throws EidasSAuthenticationException;
+ ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier,
+ @Nonnull String citizenCountryCode) throws EidasSAuthenticationException;
/**
* Search person based on eIDSA MDS information.
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
index 014d202b..60e88dca 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
@@ -24,7 +24,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.VersionHolder;
import at.gv.bmi.namespace.zmr_su.base._20040201.ClientInfoType;
import at.gv.bmi.namespace.zmr_su.base._20040201.Organisation;
@@ -100,8 +99,8 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
}
@Override
- public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier)
- throws EidasSAuthenticationException {
+ public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personPseudonym,
+ String citizenCountryCode) throws EidasSAuthenticationException {
try {
// build search request
@@ -113,7 +112,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
final EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
searchPersonReq.setEidasSuchdaten(eidasInfos);
eidasInfos.setEidasArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
- eidasInfos.setEidasNummer(personIdentifier);
+ eidasInfos.setEidasNummer(personPseudonym);
// set work-flow client information
req.setWorkflowInfoClient(generateWorkFlowInfos(PROCESS_SEARCH_PERSONAL_IDENTIFIER, null));
@@ -127,9 +126,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
final ResponseType resp = zmrClient.service(req, null);
// parse ZMR response
- return processZmrResponse(resp, EidasResponseUtils.parseEidasPersonalIdentifier(personIdentifier)
- .getFirst(),
- true, PROCESS_SEARCH_PERSONAL_IDENTIFIER);
+ return processZmrResponse(resp, citizenCountryCode, true, PROCESS_SEARCH_PERSONAL_IDENTIFIER);
} catch (final ServiceFault e) {
final String errorMsg = extractReasonFromError(e);
@@ -496,9 +493,9 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
.dateOfBirth(person.getNatuerlichePerson().getGeburtsdatum())
.bpk(extractBpkZp(person.getNatuerlichePerson()))
.placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode,
- Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
+ Constants.eIDAS_ATTRURN_PLACEOFBIRTH))
.birthName(selectSingleEidasDocument(person, citizenCountryCode,
- Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
+ Constants.eIDAS_ATTRURN_BIRTHNAME))
.build();
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
new file mode 100644
index 00000000..1e8fcecf
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
@@ -0,0 +1,41 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+
+import lombok.Builder;
+import lombok.Getter;
+
+/**
+ * Information about a natural person that is already matched.
+ *
+ * @author tlenz
+ *
+ */
+@Getter
+@Builder
+public class MatchedPersonResult {
+
+ /**
+ * Matched person result from matching result.
+ *
+ * @param matchingResult Result of the matching process
+ * @param citizenCountryCode Country-Code of the eIDAS Proxy-Service
+ */
+ public static MatchedPersonResult generateFormMatchingResult(RegisterResult matchingResult,
+ String citizenCountryCode) {
+ return MatchedPersonResult.builder()
+ .familyName(matchingResult.getFamilyName())
+ .givenName(matchingResult.getGivenName())
+ .dateOfBirth(matchingResult.getDateOfBirth())
+ .bpk(matchingResult.getBpk())
+ .countryCode(citizenCountryCode)
+ .build();
+ }
+
+ private final String countryCode;
+ private final String givenName;
+ private final String familyName;
+ private final String dateOfBirth;
+ private final String bpk;
+
+ private String vsz;
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
index 4959d72f..aa82d806 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
@@ -32,7 +32,7 @@ import lombok.Getter;
@Builder
@Getter
public class RegisterResult {
-
+
// MDS
private final List pseudonym;
private final String givenName;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
index ab84a45f..cedf01e3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
@@ -26,7 +26,6 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
import org.apache.commons.lang3.builder.EqualsBuilder;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
import lombok.Builder;
import lombok.Data;
@@ -67,20 +66,20 @@ public class SimpleEidasData {
* @return true or false depending of the data matches
* @throws WorkflowException if multiple results have been found
*/
- public boolean equalsRegisterData(RegisterSearchResult result) throws WorkflowException {
+ public boolean equalsRegisterData(RegisterResult result) throws WorkflowException {
/*TODO: maybe this is check is not valid, because only the minimum data-set (personalIdentifer, givenName,
* familyName, dateOfBirth) has to be always available. Any other attributes are optional.
* This check will always evaluate to false if register has more information as current eIDAS process!!!
*/
return new EqualsBuilder()
- .append(result.getResult().getGivenName(), givenName)
- .append(result.getResult().getFamilyName(), familyName)
- .append(result.getResult().getDateOfBirth(), dateOfBirth)
- .append(result.getResult().getPlaceOfBirth(), placeOfBirth)
- .append(result.getResult().getBirthName(), birthName)
- .append(result.getResult().getTaxNumber(), taxNumber)
- .isEquals() && result.getResult().getPseudonym().stream()
+ .append(result.getGivenName(), givenName)
+ .append(result.getFamilyName(), familyName)
+ .append(result.getDateOfBirth(), dateOfBirth)
+ .append(result.getPlaceOfBirth(), placeOfBirth)
+ .append(result.getBirthName(), birthName)
+ .append(result.getTaxNumber(), taxNumber)
+ .isEquals() && result.getPseudonym().stream()
.filter(el -> el.equals(pseudonym))
.findFirst()
.isPresent();
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
index 802fde14..471cb115 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
@@ -29,6 +29,8 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.PersonenNameTyp;
public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSearchProcessor {
@@ -46,15 +48,23 @@ public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSea
}
@Override
- public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) {
-
+ public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) {
PersonSuchenRequest req = new PersonSuchenRequest();
- EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
- req.setEidasSuchdaten(eidasInfos);
+
+ //set basic MDS information
+ final NatuerlichePersonTyp searchNatPerson = new NatuerlichePersonTyp();
+ req.setNatuerlichePerson(searchNatPerson);
+ final PersonenNameTyp searchNatPersonName = new PersonenNameTyp();
+ searchNatPerson.setPersonenName(searchNatPersonName);
+ searchNatPersonName.setFamilienname(eidData.getFamilyName());
+ searchNatPersonName.setVorname(eidData.getGivenName());
+ searchNatPerson.setGeburtsdatum(eidData.getDateOfBirth());
//TODO: how we can search for more than one eIDAS attribute as a Set
-
+ EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
+ req.setEidasSuchdaten(eidasInfos);
+
return req;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
index 166ffafb..bcee0f0f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
@@ -21,7 +21,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificD
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
-import lombok.Setter;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@@ -60,7 +59,7 @@ public class RegisterSearchService {
throws WorkflowException {
try {
final ZmrRegisterResult resultsZmr = zmrClient.searchWithPersonIdentifier(
- null, eidasData.getPersonalIdentifier());
+ null, eidasData.getPseudonym(), eidasData.getCitizenCountryCode());
final List resultsErnp = ernpClient.searchWithPersonIdentifier(
eidasData.getPersonalIdentifier());
@@ -235,14 +234,7 @@ public class RegisterSearchService {
*/
@Getter
@RequiredArgsConstructor
- public static class RegisterSearchResult {
-
- /**
- * Mark the register result finished.
- */
- @Setter
- private boolean matchingFinished = false;
-
+ public static class RegisterSearchResult {
/**
* Operation status for this result.
*/
@@ -272,12 +264,11 @@ public class RegisterSearchService {
* Verifies that there is only one match and returns the bpk.
*
* @return bpk bpk of the match
- * @throws WorkflowException if multiple results have been found or matching is not marked as finished
+ * @throws WorkflowException if multiple results have been found
*/
public String getBpk() throws WorkflowException {
- if (getResultCount() != 1 || !matchingFinished) {
- throw new WorkflowException("readRegisterResults",
- matchingFinished ? "getResultCount() != 1" : "matching prozess not finished yet");
+ if (getResultCount() != 1) {
+ throw new WorkflowException("readRegisterResults", "getResultCount() != 1");
}
return getResult().getBpk();
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index 41bf4409..35717ae0 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -25,18 +25,13 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
import java.io.IOException;
import java.io.InputStream;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
-import org.apache.commons.lang3.StringUtils;
-import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
-import org.joda.time.DateTime;
import org.jose4j.lang.JoseException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -45,19 +40,17 @@ import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -66,17 +59,13 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.AttributeValue;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import szrservices.IdentityLinkType;
@@ -112,8 +101,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
@Autowired
private SzrClient szrClient;
@Autowired
- private ICcSpecificEidProcessingService eidPostProcessor;
- @Autowired
private AuthBlockSigningService authBlockSigner;
private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas";
@@ -129,63 +116,68 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
- try {
+ try {
- /*TODO: needs refactoring because we has to be operate on national identifiers
- * because matching and insert ERnP was already done!!
+ /*TODO: needs more re-factoring if we finalize CreateNewErnpEntryTask and we know how add entries into ERnP
+ * Maybe, we can fully replace eidData by matchedPersonData,
+ * because matchedPersonData holds the result after a successful matching process.
+ *
+ * Currently, we only add a work-around to operate without new ERnP implementation.
*/
- final ILightResponse eidasResponse = getAuthProcessDataWrapper()
- .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
- final Map eidasAttributes = convertEidasAttrToSimpleMap(
- eidasResponse.getAttributes().getAttributeMap());
- final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
- //final SimpleEidasData eidData =
- // getAuthProcessDataWrapper().getGenericDataFromSession(Constants.DATA_SIMPLE_EIDAS, SimpleEidasData.class);
- final String personalIdentifier = (String) eidasAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+ final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);
+ MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+
writeMdsLogInformation(eidData);
if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
buildDummyIdentityLink(eidData);
+
} else {
//request SZR based on IDL or E-ID mode
if (pendingReq.getServiceProviderConfiguration()
.isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) {
- executeEidMode(eidData, personalIdentifier);
+ executeEidMode(eidData, matchedPersonData);
+
} else {
- executeIdlMode(eidData, personalIdentifier);
- }
+ executeIdlMode(eidData, matchedPersonData);
+
+ }
}
+
storeGenericInfoToSession(eidData);
requestStoreage.storePendingRequest(pendingReq);
+
} catch (final EidasAttributeException e) {
throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
+
} catch (final EaafException e) {
throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
} catch (final Exception e) {
log.error("IdentityLink generation for foreign person FAILED.", e);
throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
}
}
private void storeGenericInfoToSession(SimpleEidasData eidData) throws EaafStorageException {
- AuthProcessDataWrapper authProcessData = getAuthProcessDataWrapper();
+ AuthProcessDataWrapper authProcessData = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
authProcessData.setForeigner(true);
authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
eidData.getCitizenCountryCode());
}
- private void executeIdlMode(SimpleEidasData eidData, String personalIdentifier) throws EaafException {
+ private void executeIdlMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws EaafException {
//request SZR
- SzrResultHolder idlResult = requestSzrForIdentityLink(eidData);
+ SzrResultHolder idlResult = requestSzrForIdentityLink(eidData, matchedPersonData);
//write revision-Log entry for personal-identifier mapping
- writeExtendedRevisionLogEntry(eidData, personalIdentifier);
-
+ writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier());
//check result-data and write revision-log based on current state
checkStateAndWriteRevisionLog(idlResult);
//inject personal-data into session
- AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+ AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink());
authProcessDataWrapper.setEidProcess(false);
@@ -197,20 +189,29 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
.getAreaSpecificTargetIdentifier());
}
- private void executeEidMode(SimpleEidasData eidData, String personalIdentifier)
+ private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData)
throws JsonProcessingException, EaafException, JoseException {
// get encrypted baseId
- String vsz = szrClient.getEncryptedStammzahl(eidData);
-
+ String vsz;
+ if (matchedPersonData != null) {
+ log.debug("Requesting encrypted baseId by already matched person information ... ");
+ vsz = szrClient.getEncryptedStammzahl(matchedPersonData);
+
+ } else {
+ log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
+ vsz = szrClient.createNewErnpEntry(eidData);
+
+ }
+
//write revision-Log entry and extended infos personal-identifier mapping
revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);
- writeExtendedRevisionLogEntry(eidData, personalIdentifier);
+ writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier());
// get eIDAS bind
String signedEidasBind = szrClient
.getEidasBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS, eidData);
revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED);
- AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+ AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
authProcessDataWrapper.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind);
//get signed AuthBlock
@@ -220,11 +221,12 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
//inject personal-data into session
authProcessDataWrapper.setEidProcess(true);
+
}
private void buildDummyIdentityLink(SimpleEidasData eidData)
throws ParserConfigurationException, SAXException, IOException, EaafException {
- AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+ AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData);
//inject personal-data into session
authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink());
@@ -247,10 +249,22 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
}
- private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData) throws EaafException {
+ private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData,
+ MatchedPersonResult matchedPersonData) throws EaafException {
//request IdentityLink from SZR
- final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(eidData);
+ IdentityLinkType result;
+ if (matchedPersonData != null) {
+ log.debug("Requesting encrypted baseId by already matched person information ... ");
+ result = szrClient.getIdentityLinkInRawMode(matchedPersonData);
+
+ } else {
+ log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
+ result = szrClient.getIdentityLinkInRawMode(eidData);
+
+ }
+
+
final Element idlFromSzr = (Element) result.getAssertion();
final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
@@ -322,68 +336,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
}
- private Map convertEidasAttrToSimpleMap(
- ImmutableMap, ImmutableSet>> attributeMap) {
- final Map result = new HashMap<>();
- for (final AttributeDefinition el : attributeMap.keySet()) {
- final Class parameterizedType = el.getParameterizedType();
- if (DateTime.class.equals(parameterizedType)) {
- convertDateTime(attributeMap, result, el);
- } else if (PostalAddress.class.equals(parameterizedType)) {
- convertPostalAddress(attributeMap, result, el);
- } else {
- convertString(attributeMap, result, el);
- }
- }
-
- log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString());
- return result;
- }
-
- private void convertString(ImmutableMap,
- ImmutableSet>> attributeMap,
- Map result, AttributeDefinition el) {
- final List natPersonIdObj = EidasResponseUtils
- .translateStringListAttribute(el, attributeMap.get(el));
- final String stringAttr = natPersonIdObj.get(0);
- if (StringUtils.isNotEmpty(stringAttr)) {
- result.put(el.getFriendlyName(), stringAttr);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr);
- } else {
- log.info("Ignore empty 'String' attribute");
- }
- }
-
- private void convertPostalAddress(ImmutableMap,
- ImmutableSet>> attributeMap,
- Map result, AttributeDefinition el) {
- final PostalAddress addressAttribute = EidasResponseUtils
- .translateAddressAttribute(el, attributeMap.get(el).asList());
- if (addressAttribute != null) {
- result.put(el.getFriendlyName(), addressAttribute);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString());
- } else {
- log.info("Ignore empty 'PostalAddress' attribute");
- }
- }
-
- private void convertDateTime(ImmutableMap,
- ImmutableSet>> attributeMap,
- Map result, AttributeDefinition el) {
- final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
- if (attribute != null) {
- result.put(el.getFriendlyName(), attribute);
- log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString());
- } else {
- log.info("Ignore empty 'DateTime' attribute");
- }
- }
-
- @NotNull
- private AuthProcessDataWrapper getAuthProcessDataWrapper() {
- return pendingReq.getSessionData(AuthProcessDataWrapper.class);
- }
-
+
/**
* write MDS into technical log and revision log.
*/
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
index 69b127d8..6fc6d499 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
@@ -29,9 +29,6 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -56,27 +53,37 @@ import lombok.extern.slf4j.Slf4j;
@Component("CreateNewErnbEntryTask")
public class CreateNewErnpEntryTask extends AbstractAuthServletTask {
- private final SzrClient szrClient;
+ //private final SzrClient szrClient;
- /**
- * Constructor.
- * @param szrClient SZR client for creating a new ERnP entry
- */
- public CreateNewErnpEntryTask(SzrClient szrClient) {
- this.szrClient = szrClient;
- }
+ ///**
+ // * Constructor.
+ // * @param szrClient SZR client for creating a new ERnP entry
+ // */
+ //public CreateNewErnpEntryTask(SzrClient szrClient) {
+ // this.szrClient = szrClient;
+ //}
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
try {
- SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
+ //SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
- // TODO When to do eidPostProcessor.postProcess on the eidas attributes?
- String vsz = szrClient.createNewErnpEntry(simpleEidasData);
+ // insert person into ERnP
+ //TODO: should we insert it directly into ERnP?
+ //TODO: has to updated to new eIDAS document model in ERnP
+ //String vsz = szrClient.createNewErnpEntry(simpleEidasData);
+
+ // finish matching process, because new user-entry uniquly matches
+ //log.info("User successfully registerred into ERnP and matching tasks are finished ");
+ //MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
+ // MatchedPersonResult.builder()
+ // .vsz(vsz)
+ // .build());
+
+ log.warn("Skipping new insert ERnP task, because it's currently unknown who we should it");
+
- // TODO what to do with the VSZ now
- log.info("VSZ: {}", vsz);
} catch (final Exception e) {
log.error("Initial search FAILED.", e);
throw new TaskExecutionException(pendingReq, "Initial search FAILED.", e);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index 1563d6df..01497f8d 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -42,6 +42,8 @@ import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
@@ -71,9 +73,9 @@ import lombok.extern.slf4j.Slf4j;
* Output:
*
* - {@link Constants#DATA_SIMPLE_EIDAS} converted from Full eIDAS Response
- * - {@link Constants#DATA_INITIAL_REGISTER_RESULT} results from first search in registers with
+ *
- {@link Constants#DATA_INTERMEDIATE_RESULT} results from first search in registers with
* PersonIdentifier
- * - {@link Constants#DATA_FURTHER_REGISTER_RESULT} results after second search in registers with MDS
+ * - {@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS
* - {@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found
*
* Transitions:
@@ -135,8 +137,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
step6CountrySpecificSearch(executionContext, initialSearchResult.getOperationStatus(), eidasData);
} else if (resultCount == 1) {
- // find person by PersonalIdentifier --> finalize first matching task
- initialSearchResult.setMatchingFinished(true);
+ // find person by PersonalIdentifier --> finalize first matching task
foundMatchFinializeTask(initialSearchResult, eidasData);
} else {
@@ -169,8 +170,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
log.trace("'step6CountrySpecificSearch' finds a person. Forward to 'step7aKittProcess' step ... ");
registerSearchService.step7aKittProcess(countrySpecificResult, eidasData);
- // find person by country-specific information --> finalize first matching task
- countrySpecificResult.setMatchingFinished(true);
+ // find person by country-specific information --> finalize first matching task
foundMatchFinializeTask(countrySpecificResult, eidasData);
} else {
@@ -194,7 +194,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
log.debug("Matching step: 'step8RegisterSearchWithMds' has #{} results. "
+ "Forward to GUI based matching steps ... ", registerData.getResultCount());
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerData);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerData);
executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
}
@@ -205,22 +205,26 @@ public class InitialSearchTask extends AbstractAuthServletTask {
private void foundMatchFinializeTask(RegisterSearchResult searchResult, SimpleEidasData eidasData)
throws WorkflowException, EaafStorageException {
// check if register update is required
- step3CheckRegisterUpdateNecessary(searchResult, eidasData);
-
+ RegisterResult updatedResult = step3CheckRegisterUpdateNecessary(searchResult.getResult(), eidasData);
+
// store search result
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, searchResult);
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
+ MatchedPersonResult.generateFormMatchingResult(updatedResult, eidasData.getCitizenCountryCode()));
}
- private void step3CheckRegisterUpdateNecessary(RegisterSearchResult initialSearchResult,
+ private RegisterResult step3CheckRegisterUpdateNecessary(RegisterResult searchResult,
SimpleEidasData eidasData) throws WorkflowException {
log.trace("Starting step3CheckRegisterUpdateNecessary");
- if (!eidasData.equalsRegisterData(initialSearchResult)) {
- // TODO Update "initialSearchResult" in register with "eidasData" from login not possible for now
+ if (!eidasData.equalsRegisterData(searchResult)) {
log.info("Skipping update-register-information step, because it's not supported yet");
+
+ //TODO: return updated search result if updates are allowed
+ return searchResult;
} else {
- log.debug("Register information match to eIDAS information. No update requird");
+ log.debug("Register information match to eIDAS information. No update requird");
+ return searchResult;
}
@@ -233,6 +237,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
Map simpleMap = convertEidasAttrToSimpleMap(eidasResponse.getAttributes().getAttributeMap());
return eidPostProcessor.postProcess(simpleMap);
+
}
private Map convertEidasAttrToSimpleMap(
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index b18104fa..b71d86c8 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -33,6 +33,7 @@ import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
@@ -56,7 +57,7 @@ import lombok.extern.slf4j.Slf4j;
* Input:
*
* - {@link Constants#DATA_SIMPLE_EIDAS} initial login data from user
- * - {@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier
+ * - {@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier
*
* Output:
*
@@ -125,7 +126,7 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
try {
SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
- RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq);
+ RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
RegisterSearchResult residencyResult =
registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(),
@@ -160,13 +161,14 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
/*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result.
* See TODO in methods body
*/
- if (eidasData.equalsRegisterData(residencyResult)) {
+ if (eidasData.equalsRegisterData(residencyResult.getResult())) {
// update register information
registerSearchService.step7aKittProcess(residencyResult, eidasData);
// store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
- residencyResult.setMatchingFinished(true);
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, residencyResult);
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
+ MatchedPersonResult.generateFormMatchingResult(
+ residencyResult.getResult(), eidasData.getCitizenCountryCode()));
} else {
moveToNextTask(executionContext);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index fd469f49..e0b05892 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -45,6 +45,7 @@ import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.springframework.stereotype.Component;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData;
@@ -86,7 +87,7 @@ import lombok.extern.slf4j.Slf4j;
* Input:
*
* - {@link Constants#DATA_SIMPLE_EIDAS} initial login data from user
- * - {@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier
+ * - {@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier
*
* Output:
*
@@ -160,7 +161,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
// load already existing information from session
SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
- RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq);
+ RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
// extract user information from ID Austria authentication
AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse());
@@ -188,9 +189,10 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
// perform kit operation
registerSearchService.step7aKittProcess(registerResult, eidasData);
- // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
- registerResult.setMatchingFinished(true);
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerResult);
+ // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq,
+ MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(),
+ eidasData.getCitizenCountryCode()));
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index 59a6886a..0eb56d0b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -45,7 +45,7 @@ import lombok.extern.slf4j.Slf4j;
* Input:
*
* - {@link Constants#DATA_SIMPLE_EIDAS} initial login data from user
- * - {@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier
+ * - {@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier
*
* Output:
*
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
index 5625a30d..ae4dfb30 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
@@ -5,6 +5,7 @@ import javax.annotation.Nullable;
import org.springframework.lang.NonNull;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
import at.gv.egiz.eaaf.core.api.IRequest;
@@ -41,33 +42,61 @@ public class MatchingTaskUtils {
}
/**
- * Get Matching result from session.
+ * Get intermediate matching result from session.
*
* @param pendingReq Current pendingRequest
- * @return Matching result or null if not exist
+ * @return Intermediate matching result or null if not exist
*/
@Nullable
- public static RegisterSearchResult getInitialRegisterResult(IRequest pendingReq) {
- return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INITIAL_REGISTER_RESULT,
+ public static RegisterSearchResult getIntermediateMatchingResult(IRequest pendingReq) {
+ return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INTERMEDIATE_RESULT,
RegisterSearchResult.class);
}
/**
- * Store matching result into session.
+ * Store intermediate matching result into session.
*
* @param pendingReq Current pendingRequest
- * @param registerData Matching result information
+ * @param registerData Intermediate matching result information
* @throws EaafStorageException In case of data can not be add into session
*/
@Nullable
- public static void storeInitialRegisterResult(IRequest pendingReq, RegisterSearchResult registerData)
+ public static void storeIntermediateMatchingResult(IRequest pendingReq, RegisterSearchResult registerData)
throws EaafStorageException {
getAuthProcessDataWrapper(pendingReq).setGenericDataToSession(
- Constants.DATA_INITIAL_REGISTER_RESULT, registerData);
+ Constants.DATA_INTERMEDIATE_RESULT, registerData);
}
+ /**
+ * Get intermediate matching result from session.
+ *
+ * @param pendingReq Current pendingRequest
+ * @return Intermediate matching result or null if not exist
+ */
+ @Nullable
+ public static MatchedPersonResult getFinalMatchingResult(IRequest pendingReq) {
+ return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_PERSON_MATCH_RESULT,
+ MatchedPersonResult.class);
+
+ }
+
+ /**
+ * Store intermediate matching result into session.
+ *
+ * @param pendingReq Current pendingRequest
+ * @param personInfos Person information after a successful match
+ * @throws EaafStorageException In case of data can not be add into session
+ */
+ @Nullable
+ public static void storeFinalMatchingResult(IRequest pendingReq, MatchedPersonResult personInfos)
+ throws EaafStorageException {
+ getAuthProcessDataWrapper(pendingReq).setGenericDataToSession(
+ Constants.DATA_PERSON_MATCH_RESULT, personInfos);
+
+ }
+
/**
* Get holder for authentication information for the current process.
*
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
index 30a801a4..b39281c2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
@@ -39,7 +39,8 @@ import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
public class DummyZmrClient implements IZmrClient {
@Override
- public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier) {
+ public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier,
+ String citizenCountryCode) {
return new ZmrRegisterResult(Collections.emptyList(), null);
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
index 2f7782ae..074dd0bb 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
@@ -1,13 +1,19 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import lombok.Getter;
import lombok.Setter;
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.*;
public class DummyOA implements IAhSpConfiguration {
@@ -115,13 +121,13 @@ public class DummyOA implements IAhSpConfiguration {
}
@Override
- public List getTargetsWithNoBaseIdInternalProcessingRestriction() {
+ public Set getTargetsWithNoBaseIdInternalProcessingRestriction() {
// TODO Auto-generated method stub
return null;
}
@Override
- public List getTargetsWithNoBaseIdTransferRestriction() {
+ public Set getTargetsWithNoBaseIdTransferRestriction() {
// TODO Auto-generated method stub
return null;
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
new file mode 100644
index 00000000..21c9fd80
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
@@ -0,0 +1,105 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class DeSpecificDetailSearchProcessorTest {
+
+ private DeSpecificDetailSearchProcessor handler = new DeSpecificDetailSearchProcessor();
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong handler name", "DeSpecificDetailSearchProcessor", handler.getName());
+
+ }
+
+ @Test
+ public void canHandlerCheck_1() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_2() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_3() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("de", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_4() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(null)
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_5() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(null)
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void generateZmrSearchRequest() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .citizenCountryCode("DE")
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // perform operation
+ PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+
+ //validate response
+ assertNotNull("no search request", req);
+ assertNotNull("no MDS", req.getNatuerlichePerson());
+ assertNotNull("no MDS PersonName", req.getNatuerlichePerson().getPersonenName());
+ assertEquals("familyName", eidData.getFamilyName(), req.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("givenName", eidData.getGivenName(), req.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("birthday", eidData.getDateOfBirth(), req.getNatuerlichePerson().getGeburtsdatum());
+
+ assertNotNull("no eIDAS documenst", req.getEidasSuchdaten());
+ //TODO: add validation if we can add more than one eIDAS document
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
new file mode 100644
index 00000000..9b638ee5
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
@@ -0,0 +1,84 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ItSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class ItSpecificDetailSearchProcessorTes {
+
+ private ItSpecificDetailSearchProcessor handler = new ItSpecificDetailSearchProcessor();
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong handler name", "ItSpecificDetailSearchProcessor", handler.getName());
+
+ }
+
+ @Test
+ public void canHandlerCheck_1() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_2() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_3() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("it", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_4() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber("")
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+
+ }
+
+ @Test
+ public void generateZmrSearchRequest() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .citizenCountryCode("IT")
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // perform operation
+ PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+
+ //validate response
+ assertNotNull("no search request", req);
+
+ //TODO: add validation if we can add more information about taxNumber from Italy
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 248b71d9..7af9706e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -18,7 +18,9 @@ import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
+import org.joda.time.DateTime;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
@@ -39,16 +41,25 @@ import org.springframework.web.context.request.ServletRequestAttributes;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import com.skjolberg.mockito.soap.SoapServiceRule;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -68,8 +79,10 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.JwsHeaderParam;
@@ -96,6 +109,9 @@ public class CreateIdentityLinkTaskEidNewTest {
@Autowired
EaafKeyStoreFactory keyStoreFactory;
+ @Autowired
+ ICcSpecificEidProcessingService eidPostProcessor;
+
@Autowired
private IRequestStorage requestStorage;
@@ -123,9 +139,11 @@ public class CreateIdentityLinkTaskEidNewTest {
/**
* jUnit test set-up.
+ * @throws EidasAttributeException
+ * @throws EidPostProcessingException
*/
@Before
- public void setUp() throws EaafStorageException, URISyntaxException {
+ public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
httpResp = new MockHttpServletResponse();
@@ -144,8 +162,14 @@ public class CreateIdentityLinkTaskEidNewTest {
response = buildDummyAuthResponse(false);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
-
+
+ final Map eidasAttributes = convertEidasAttrToSimpleMap(
+ response.getAttributes().getAttributeMap());
+ final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
+
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null);
+
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
@@ -163,8 +187,10 @@ public class CreateIdentityLinkTaskEidNewTest {
//initialize test
response = buildDummyAuthResponse(true);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
- .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidPostProcessor.postProcess(
+ convertEidasAttrToSimpleMap(response.getAttributes().getAttributeMap())));
+
String vsz = RandomStringUtils.randomNumeric(10);
when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
@@ -223,7 +249,7 @@ public class CreateIdentityLinkTaskEidNewTest {
verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
Boolean param5 = argument5.getValue();
- Assert.assertFalse("insertERnP flag", param5);
+ Assert.assertTrue("insertERnP flag", param5);
PersonInfoType person = argument4.getValue();
Assert.assertEquals("FamilyName",
response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
@@ -296,6 +322,82 @@ public class CreateIdentityLinkTaskEidNewTest {
}
+ @Test
+ public void successfulProcessWithDataFromMatching() throws Exception {
+ //initialize test
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ MatchedPersonResult matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .build();
+
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNotNull("AuthBlock", authBlock);
+
+ Assert.assertTrue("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+
+ // check vsz request
+ ArgumentCaptor argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+ ArgumentCaptor argument5 = ArgumentCaptor.forClass(Boolean.class);
+ verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+
+ Boolean param5 = argument5.getValue();
+ Assert.assertFalse("insertERnP flag", param5);
+ PersonInfoType person = argument4.getValue();
+ Assert.assertEquals("FamilyName",
+ matchingInfos.getFamilyName(),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ matchingInfos.getGivenName(),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ matchingInfos.getDateOfBirth(),
+ person.getPerson().getDateOfBirth());
+ Assert.assertEquals("bPK",
+ matchingInfos.getBpk(),
+ person.getPerson().getIdentification().getValue());
+ Assert.assertEquals("bPKType",
+ EaafConstants.URN_PREFIX_CDID + "ZP",
+ person.getPerson().getIdentification().getType());
+
+
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+
+ }
+
@Test
public void successfulProcessWithStandardInfos() throws Exception {
//initialize test
@@ -337,7 +439,7 @@ public class CreateIdentityLinkTaskEidNewTest {
verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
Boolean param5 = argument5.getValue();
- Assert.assertFalse("insertERnP flag", param5);
+ Assert.assertTrue("insertERnP flag", param5);
PersonInfoType person = argument4.getValue();
Assert.assertEquals("FamilyName",
response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
@@ -456,4 +558,53 @@ public class CreateIdentityLinkTaskEidNewTest {
.attributes(attributeMap.build())
.build();
}
+
+ private Map convertEidasAttrToSimpleMap(
+ ImmutableMap, ImmutableSet>> attributeMap) {
+ final Map result = new HashMap<>();
+ for (final AttributeDefinition el : attributeMap.keySet()) {
+ final Class parameterizedType = el.getParameterizedType();
+ if (DateTime.class.equals(parameterizedType)) {
+ convertDateTime(attributeMap, result, el);
+ } else if (PostalAddress.class.equals(parameterizedType)) {
+ convertPostalAddress(attributeMap, result, el);
+ } else {
+ convertString(attributeMap, result, el);
+ }
+ }
+ return result;
+ }
+
+ private void convertString(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final List natPersonIdObj = EidasResponseUtils
+ .translateStringListAttribute(el, attributeMap.get(el));
+ final String stringAttr = natPersonIdObj.get(0);
+ if (StringUtils.isNotEmpty(stringAttr)) {
+ result.put(el.getFriendlyName(), stringAttr);
+
+ }
+ }
+
+ private void convertPostalAddress(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final PostalAddress addressAttribute = EidasResponseUtils
+ .translateAddressAttribute(el, attributeMap.get(el).asList());
+ if (addressAttribute != null) {
+ result.put(el.getFriendlyName(), addressAttribute);
+
+ }
+ }
+
+ private void convertDateTime(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+ if (attribute != null) {
+ result.put(el.getFriendlyName(), attribute);
+
+ }
+ }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index 556bd2eb..0a2d4271 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -5,6 +5,7 @@ import static org.mockito.ArgumentMatchers.any;
import java.net.URISyntaxException;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import javax.xml.bind.JAXBContext;
@@ -12,7 +13,9 @@ import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
+import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
@@ -27,13 +30,22 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import com.skjolberg.mockito.soap.SoapServiceRule;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -50,7 +62,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.GetBPK;
@@ -79,7 +93,10 @@ public class CreateIdentityLinkTaskTest {
EaafKeyStoreFactory keyStoreFactory;
@Autowired
- private IRequestStorage requestStorage;
+ ICcSpecificEidProcessingService eidPostProcessor;
+
+ @Autowired
+ IRequestStorage requestStorage;
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
@@ -96,9 +113,11 @@ public class CreateIdentityLinkTaskTest {
/**
* jUnit test set-up.
+ * @throws EidasAttributeException
+ * @throws EidPostProcessingException
*/
@Before
- public void setUp() throws EaafStorageException, URISyntaxException {
+ public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
httpResp = new MockHttpServletResponse();
@@ -117,9 +136,15 @@ public class CreateIdentityLinkTaskTest {
pendingReq = new TestRequestImpl();
response = buildDummyAuthResponse();
-
+ final Map eidasAttributes = convertEidasAttrToSimpleMap(
+ response.getAttributes().getAttributeMap());
+ final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null);
+
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
@@ -181,6 +206,63 @@ public class CreateIdentityLinkTaskTest {
}
+ @Test
+ public void successfulProcessWithDataFromMatching() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+ MatchedPersonResult matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .build();
+
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
@Test
public void buildIdentityLinkWithWbpk() throws Exception {
//initialize test
@@ -444,4 +526,54 @@ public class CreateIdentityLinkTaskTest {
.attributes(attributeMap)
.build();
}
+
+ private Map convertEidasAttrToSimpleMap(
+ ImmutableMap, ImmutableSet>> attributeMap) {
+ final Map result = new HashMap<>();
+ for (final AttributeDefinition el : attributeMap.keySet()) {
+ final Class parameterizedType = el.getParameterizedType();
+ if (DateTime.class.equals(parameterizedType)) {
+ convertDateTime(attributeMap, result, el);
+ } else if (PostalAddress.class.equals(parameterizedType)) {
+ convertPostalAddress(attributeMap, result, el);
+ } else {
+ convertString(attributeMap, result, el);
+ }
+ }
+ return result;
+ }
+
+ private void convertString(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final List natPersonIdObj = EidasResponseUtils
+ .translateStringListAttribute(el, attributeMap.get(el));
+ final String stringAttr = natPersonIdObj.get(0);
+ if (StringUtils.isNotEmpty(stringAttr)) {
+ result.put(el.getFriendlyName(), stringAttr);
+
+ }
+ }
+
+ private void convertPostalAddress(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final PostalAddress addressAttribute = EidasResponseUtils
+ .translateAddressAttribute(el, attributeMap.get(el).asList());
+ if (addressAttribute != null) {
+ result.put(el.getFriendlyName(), addressAttribute);
+
+ }
+ }
+
+ private void convertDateTime(ImmutableMap,
+ ImmutableSet>> attributeMap,
+ Map result, AttributeDefinition el) {
+ final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+ if (attribute != null) {
+ result.put(el.getFriendlyName(), attribute);
+
+ }
+ }
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
index 34bca782..bb732f1c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
@@ -24,14 +24,18 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import java.math.BigInteger;
import java.net.URI;
import java.net.URISyntaxException;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
@@ -44,6 +48,7 @@ import org.apache.commons.lang3.RandomStringUtils;
import org.jetbrains.annotations.NotNull;
import org.junit.Assert;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
@@ -62,6 +67,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient;
@@ -69,10 +75,12 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcess
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
@@ -100,11 +108,9 @@ public class InitialSearchTaskTest {
private static final String EE = "EE";
private static final String DE = "DE";
- private static final String IT = "IT";
private static final String EE_ST = EE + "/ST/";
private static final String DE_ST = DE + "/ST/";
- private static final String IT_ST = IT + "/ST/";
@Mock
private IZmrClient zmrClient;
@@ -173,130 +179,215 @@ public class InitialSearchTaskTest {
*/
@Test
@DirtiesContext
- public void testNode100_UserIdentifiedUpdateNecessary_a() throws Exception {
- String newFirstName = randomAlphabetic(10);
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ public void singlePersonalIdMatchUpdateNecessary_Zmr() throws Exception {
+ String oldGivenName = randomAlphabetic(10);
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.singletonList(
RegisterResult.builder()
.bpk(randomBpk)
.pseudonym(Arrays.asList(randomPsydonym))
- .givenName(newFirstName)
+ .givenName(oldGivenName)
.familyName(randomFamilyName)
.dateOfBirth(randomBirthDate)
.build()),
generateRandomProcessId()));
+
+ Mockito.when(zmrClient.searchCountrySpecific(any(), any(), any())).thenThrow(
+ new IllegalStateException("CountrySpecific search search should not be neccessary"));
+ Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow(
+ new IllegalStateException("MDS search should not be neccessary"));
+
+ // execute test
task.execute(pendingReq, executionContext);
- String bPk = readBpkFromSessionData(pendingReq);
-
- Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, oldGivenName, randomBirthDate, DE);
+
}
+
/**
- * One match, but register update needed
+ * TODO: include again if ERnP update is implementet. Maybe we can update MDS based on ERnP.
+ *
+ * One match, but register update needed.
* @throws EidasSAuthenticationException
*/
+ @Ignore
@Test
@DirtiesContext
- public void testNode100_UserIdentifiedUpdateNecessary_b() throws TaskExecutionException, EidasSAuthenticationException {
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ public void singlePersonalIdMatchUpdateNecessary_Ernp() throws TaskExecutionException, EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
- String newRandomGivenName = randomAlphabetic(10);
+ String oldRandomGivenName = randomAlphabetic(10);
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList(
RegisterResult.builder()
.bpk(randomBpk)
.pseudonym(Arrays.asList(randomPsydonym))
- .givenName(newRandomGivenName)
+ .givenName(oldRandomGivenName)
.familyName(randomFamilyName)
.dateOfBirth(randomBirthDate)
.build()));
+ // execute test
task.execute(pendingReq, executionContext);
- String bPk = readBpkFromSessionData(pendingReq);
-
- Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
}
/**
- * Two matches found in ZMR
+ * Two matches by PersonalId found in ZMR
* @throws EidasSAuthenticationException
*/
@Test
@DirtiesContext
- public void testNode101_ManualFixNecessary_a() throws EidasSAuthenticationException {
- ArrayList zmrResult = new ArrayList<>();
- zmrResult.add(
- RegisterResult.builder()
- .bpk(randomBpk)
- .pseudonym(Arrays.asList(randomPsydonym))
- .givenName(randomGivenName)
- .familyName(randomFamilyName)
- .dateOfBirth(randomBirthDate)
- .build());
- String newRandomGivenName = randomGivenName + randomAlphabetic(2);
- zmrResult.add(
- RegisterResult.builder()
- .bpk(randomBpk)
- .pseudonym(Arrays.asList(randomPsydonym))
- .givenName(newRandomGivenName)
- .familyName(randomFamilyName)
- .dateOfBirth(randomBirthDate)
- .build());
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
- new ZmrRegisterResult(zmrResult, generateRandomProcessId()));
- Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+ public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {
+ String newRandomGivenName = randomAlphabetic(10);
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+ new ZmrRegisterResult(Arrays.asList(
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build(),
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(newRandomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build()
+ ),
+ generateRandomProcessId()));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(
+ randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+ // execute task
TaskExecutionException exception = assertThrows(TaskExecutionException.class,
() -> task.execute(pendingReq, executionContext));
- Throwable origE = exception.getOriginalException();
- Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException)exception.getOriginalException()).isRequiresManualFix());
+
}
-
/**
- * Two matches found in ErnP
+ * Two matches by PersonalId found in ZMR
* @throws EidasSAuthenticationException
*/
@Test
@DirtiesContext
- public void testNode101_ManualFixNecessary_b() throws EidasSAuthenticationException {
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
- new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
- ArrayList ernpResult = new ArrayList<>();
- ernpResult.add(
- RegisterResult.builder()
- .bpk(randomBpk)
- .pseudonym(Arrays.asList(randomPsydonym))
- .givenName(randomGivenName)
- .familyName(randomFamilyName)
- .dateOfBirth(randomBirthDate)
- .build());
- String newRandomGivenName = randomGivenName + randomAlphabetic(2);
- ernpResult.add(
- RegisterResult.builder()
- .bpk(randomBpk)
- .pseudonym(Arrays.asList(randomPsydonym))
- .givenName(newRandomGivenName)
- .familyName(randomFamilyName)
- .dateOfBirth(randomBirthDate)
- .build());
- Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(ernpResult);
+ public void withErrorFromZmr() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenThrow(
+ new ZmrCommunicationException("jUnit ZMR error", null));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(
+ randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+ // execute task
TaskExecutionException exception = assertThrows(TaskExecutionException.class,
() -> task.execute(pendingReq, executionContext));
- Throwable origE = exception.getOriginalException();
- Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertFalse("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException)exception.getOriginalException()).isRequiresManualFix());
+
}
/**
- * One match, no register update needed
+ * Two matches by PersonalId found in ErnP
+ * @throws EidasSAuthenticationException
*/
@Test
@DirtiesContext
- public void testNode102_UserIdentified_a() throws Exception {
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ public void multiPersonalIdMatch_Ernp() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+ new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
+ String newRandomGivenName = randomAlphabetic(10);
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(
+ Arrays.asList(
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build(),
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(newRandomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build()
+ ));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException)exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Two matches by PersonalId
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void multiPersonalIdMatch_ErnpAndZmr() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+ new ZmrRegisterResult(Arrays.asList(
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build()
+ ), generateRandomProcessId()));
+ String newRandomGivenName = randomAlphabetic(10);
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(
+ Arrays.asList(
+ RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build()
+ ));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException)exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * One match by PersonalId, no register update needed
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchNoUpdate_Ernp() throws Exception {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList(
RegisterResult.builder()
@@ -307,18 +398,20 @@ public class InitialSearchTaskTest {
.dateOfBirth(randomBirthDate)
.build()));
+ // execute test
task.execute(pendingReq, executionContext);
- String bPk = readBpkFromSessionData(pendingReq);
- Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
}
/**
- * One match, no register update needed
+ * One match by PersonalId, no register update needed
*/
@Test
@DirtiesContext
- public void testNode102_UserIdentified_b() throws Exception {
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ public void singlePersonalIdMatchNoUpdate_Zmr() throws Exception {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.singletonList(
RegisterResult.builder()
.bpk(randomBpk)
@@ -330,27 +423,27 @@ public class InitialSearchTaskTest {
generateRandomProcessId()));
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+ // execute test
task.execute(pendingReq, executionContext);
-
- String bPk = readBpkFromSessionData(pendingReq);
- Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
}
/**
- * Multiple matches found in ZMR and ErnP with detail search
+ * Find single person in ZMR by country specifics.
*/
@Test
@DirtiesContext
- public void testNode103_UserIdentified_DE() throws Exception {
+ public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {
final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
- randomPersonalIdentifier_DE,
- randomBirthDate, randomPlaceOfBirth, randomBirthName);
+ randomPersonalIdentifier_DE, randomBirthDate, randomPlaceOfBirth, randomBirthName);
TestRequestImpl pendingReq1 = new TestRequestImpl();
pendingReq1.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
BigInteger zmrProcessId = generateRandomProcessId();
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn(
new ZmrRegisterResult(Collections.singletonList(
@@ -364,23 +457,25 @@ public class InitialSearchTaskTest {
.birthName(randomBirthName)
.build())
,zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow(
+ new IllegalStateException("MDS search should not be neccessary"));
+
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
// execute test
task.execute(pendingReq1, executionContext);
-
+
// validate state
- String resultBpk = readBpkFromSessionData(pendingReq1);
- Assert.assertEquals("Wrong bpk", randomBpk, resultBpk);
+ checkMatchingSuccessState(pendingReq1, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
}
/**
- * Multiple matches found in ZMR and ErnP with detail search
+ * Multiple matches found in ZMR by country specifics.
*/
@Test
@DirtiesContext
- public void testNode104_ManualFixNecessary_DE() throws Exception {
+ public void multiplePersonFindWithCountySpecifics_Zmr() throws Exception {
String newRandomPseudonym = randomPersonalIdentifier_DE + RandomStringUtils.randomNumeric(2);
String newRandomBpk = randomBpk + RandomStringUtils.randomNumeric(6);
final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
@@ -391,9 +486,8 @@ public class InitialSearchTaskTest {
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
BigInteger zmrProcessId = generateRandomProcessId();
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
- new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
- Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+ new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn(
new ZmrRegisterResult(Arrays.asList(
RegisterResult.builder()
@@ -416,14 +510,17 @@ public class InitialSearchTaskTest {
.build())
,zmrProcessId));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
- // execute test
+ // execute task
TaskExecutionException exception = assertThrows(TaskExecutionException.class,
() -> task.execute(pendingReq1, executionContext));
-
- // check error
- Throwable origE = exception.getOriginalException();
- Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException)exception.getOriginalException()).isRequiresManualFix());
+
}
/**
@@ -434,44 +531,51 @@ public class InitialSearchTaskTest {
*/
@Test
@DirtiesContext
- public void testNode505_TransitionToInsertErnbTask() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+ public void noResultByAnySearch() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
BigInteger zmrProcessId = generateRandomProcessId();
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE,
buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn(
+
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_EE)).thenReturn(Collections.emptyList());
+
+ // execute task
task.execute(pendingReq, executionContext);
- String bPk = readBpkFromSessionData(pendingReq);
- Assert.assertNull("Wrong bpk", bPk);
+
+ // validate state
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
Assert.assertNull("Wrong transition", transitionGUI);
Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
Assert.assertTrue("Wrong transition", transitionErnb);
+
}
/**
- * NO match found in ZMR and ErnP with Initial search, one match with MDS search in Ernb
- * @throws EidasSAuthenticationException
- * @throws URISyntaxException
- * @throws EaafStorageException
+ * Find one match with MDS search in ERnP.
*/
@Test
@DirtiesContext
- public void testNode505_TransitionToGUI_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+ public void resultByMdsSearch_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
BigInteger zmrProcessId = generateRandomProcessId();
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE,
buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn(
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
@@ -487,24 +591,22 @@ public class InitialSearchTaskTest {
.dateOfBirth(randomBirthDate)
.build()));
+ // execute test
task.execute(pendingReq, executionContext);
- assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
- Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
- Assert.assertTrue("Wrong transition", transitionGUI);
- Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
- Assert.assertNull("Wrong transition", transitionErnb);
+ // validate state
+ checkIntermediateResult(1);
+
}
/**
- * NO match found in ZMR and ErnP with Initial search, one match with MDS search in ZMR
- * @throws EidasSAuthenticationException
+ * Find one match with MDS search in ZMR.
*/
@Test
@DirtiesContext
- public void testNode505_TransitionToGUI_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
+ public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
BigInteger zmrProcessId = generateRandomProcessId();
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
@@ -518,29 +620,35 @@ public class InitialSearchTaskTest {
.build()),
zmrProcessId));
+ // execute test
task.execute(pendingReq, executionContext);
- assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
- Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
- Assert.assertTrue("Wrong transition", transitionGUI);
- Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
- Assert.assertNull("Wrong transition", transitionErnb);
+ // validate state
+ checkIntermediateResult(1);
+
}
/**
- * NO match found in ZMR and ErnP with Initial search, multiple matches found with MDS search
- * @throws EidasSAuthenticationException
+ * resultByMdsSearch
*/
@Test
@DirtiesContext
- public void testNode505_TransitionToGUI_Ernb_multi() throws TaskExecutionException, EidasSAuthenticationException {
+ public void multipleResultsByMdsSearch() throws TaskExecutionException, EidasSAuthenticationException {
BigInteger zmrProcessId = generateRandomProcessId();
- Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), any(String.class))).thenReturn(
new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE)).thenReturn(
- new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ new ZmrRegisterResult(Arrays.asList(
+ RegisterResult.builder()
+ .bpk(randomBpk + "2")
+ .pseudonym(Arrays.asList(randomPsydonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build()),
+ zmrProcessId));
Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate)).thenReturn(
@@ -560,13 +668,12 @@ public class InitialSearchTaskTest {
.dateOfBirth(randomBirthDate)
.build()));
+ // execute test
task.execute(pendingReq, executionContext);
- assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
- Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
- Assert.assertTrue("Wrong transition", transitionGUI);
- Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
- Assert.assertNull("Wrong transition", transitionErnb);
+ // validate state
+ checkIntermediateResult(3);
+
}
@NotNull
@@ -579,6 +686,38 @@ public class InitialSearchTaskTest {
}
+ private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName,
+ String birhday, String countryCode) {
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", personInfo);
+ assertEquals("wrong bpk", bpk, personInfo.getBpk());
+ assertEquals("wrong givenName", givenName, personInfo.getGivenName());
+ assertEquals("wrong familyName", familyName, personInfo.getFamilyName());
+ assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth());
+ assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode());
+
+ }
+
+ private void checkIntermediateResult(int resultSize) {
+ Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+ Assert.assertTrue("Wrong transition", transitionGUI);
+ Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ Assert.assertNull("Wrong transition", transitionErnb);
+
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ RegisterSearchResult result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
+ assertNotNull("Find no intermediate matching data", result);
+ assertEquals("wrong intermediate result size", resultSize, result.getResultCount());
+
+ }
+
@NotNull
private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
String dateOfBirth) throws URISyntaxException {
@@ -646,10 +785,4 @@ public class InitialSearchTaskTest {
.attributeValueMarshaller(marshaller).build();
}
- private String readBpkFromSessionData(TestRequestImpl pendingReq) throws WorkflowException {
- return MatchingTaskUtils.getInitialRegisterResult(pendingReq) != null
- ? MatchingTaskUtils.getInitialRegisterResult(pendingReq).getBpk()
- : null;
-
- }
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
index 281be36f..77c49bb4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
@@ -101,7 +101,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
SimpleEidasData eidasData = setupEidasData();
RegisterSearchResult registerSearchResult = buildEmptyResult();
mockRegisterSearch(userInput, registerSearchResult, eidasData);
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
task.execute(pendingReq, executionContext);
@@ -113,7 +113,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
UserInput userInput = setupUserInput();
SimpleEidasData eidasData = setupEidasData();
RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData));
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
mockRegisterSearch(userInput, registerSearchResult, eidasData);
task.execute(pendingReq, executionContext);
@@ -128,7 +128,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
UserInput userInput = setupUserInput();
SimpleEidasData eidasData = setupEidasData();
RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildNotMatchingRegisterResult(eidasData));
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
mockRegisterSearch(userInput, registerSearchResult, eidasData);
task.execute(pendingReq, executionContext);
@@ -141,7 +141,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
UserInput userInput = setupUserInput();
SimpleEidasData eidasData = setupEidasData();
RegisterSearchResult registerSearchResult = buildResultWithTwoMatches();
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
mockRegisterSearch(userInput, registerSearchResult, eidasData);
TaskExecutionException e = assertThrows(TaskExecutionException.class,
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
index 8c137bb2..51077e96 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
@@ -344,7 +344,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
RegisterSearchResult registerSearchResult = new RegisterSearchResult(new RegisterOperationStatus(generateRandomProcessId()),
Collections.emptyList(), Collections.emptyList());
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
task.execute(pendingReq, executionContext);
@@ -363,7 +363,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
RegisterSearchResult registerSearchResult = buildResultWithOneMatch();
- MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
task.execute(pendingReq, executionContext);
--
cgit v1.2.3