From ea372a857b53b67cb6f7be7f5a1285066aadc9da Mon Sep 17 00:00:00 2001 
From: Thomas Lenz Date: Tue, 11 Sep 2018 13:35:52 +0200 Subject: some more updates --- .../modules/authmodule_eIDASv2/Constants.java | 14 +- .../authmodule_eIDASv2/DAO/ERnBeIDData.java | 85 ++++ .../DAO/eIDASPersonalIdStoreDAO.java | 1 + .../exception/eIDPostProcessingException.java | 17 + .../handler/AbstracteIDPostProcessor.java | 194 +++++++++ .../handler/DEeIDPostProcessor.java | 79 ++++ .../handler/GenericeIDPostProcessor.java | 31 ++ .../handler/INationaleIDPostProcessor.java | 46 +++ .../service/EIDPostProcessingService.java | 88 +++++ .../service/IeIDPostProcessingService.java | 22 ++ .../authmodule_eIDASv2/service/eIDASDataStore.java | 1 + .../tasks/CreateIdentityLinkTask.java | 164 +++----- .../src/main/resources/eidas_v2_auth.beans.xml | 17 +- .../eIDASAttributePostProcessingTest.java | 432 +++++++++++++++++++++ .../authmodule_eIDASv2/eIDASDataStoreTest.java | 174 ++++----- .../resources/SpringTest-context_basic_test.xml | 17 +- 16 files changed, 1168 insertions(+), 214 deletions(-) create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java create mode 100644 
eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java (limited to 'eidas_modules') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java index 24d1f1ea..4d80965e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java 
@@ -62,10 +62,13 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.usedummykeys"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable"; + public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.revisionlog.active"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url"; + public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active"; + + + @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url"; + @Deprecated public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active"; //http endpoint descriptions 
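Review bot: `CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE` keeps its name but now resolves to `.revisionlog.eidmapping.active` instead of `.workarounds.datastore.revisionlog.active`, so a deployment that still sets the old key will silently get the default. Where that default is applied is not visible in this hunk. If the flag controls whether the eID mapping is written to the revision log, an upgrade could turn that logging off unnoticed; I would read the old key as a fallback for one release or log a warning when it is still present. The two `@Deprecated` constants should also carry a Javadoc `@deprecated` line saying what replaces the SQLite datastore.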
@@ -83,6 +86,9 @@ public class Constants { public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName"; public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName"; public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth"; + public static final String eIDAS_ATTR_BIRTHNAME = "BirthName"; + public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress"; + public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier"; public static final String eIDAS_ATTR_LEGALNAME = "LegalName"; @@ -118,5 +124,7 @@ public class Constants { public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT"; public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB"; public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X"; + + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java new file mode 100644 index 00000000..4f7465ce --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/ERnBeIDData.java 
@@ -0,0 +1,85 @@
+package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO;
+
+import java.text.SimpleDateFormat;
+
+import org.joda.time.DateTime;
+
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+
+public class ERnBeIDData {
+
+ private String citizenCountryCode = null;
+
+ //MDS
+ private String pseudonym = null;
+ private String givenName = null;
+ private String familyName = null;
+ private DateTime dateOfBirth = null;
+
+ //additional attributes
+ private String placeOfBirth = null;
+ private String birthName = null;
+ private PostalAddressType address = null;
+
+
+
+
+
+ public String getCitizenCountryCode() {
+ return citizenCountryCode;
+ }
+ public void setCitizenCountryCode(String citizenCountryCode) {
+ this.citizenCountryCode = citizenCountryCode;
+ }
+ public String getPseudonym() {
+ return pseudonym;
+ }
+ public void setPseudonym(String pseudonym) {
+ this.pseudonym = pseudonym;
+ }
+ public String getGivenName() {
+ return givenName;
+ }
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+ public String getFamilyName() {
+ return familyName;
+ }
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+ public DateTime getDateOfBirth() {
+ return dateOfBirth;
+ }
+ public void setDateOfBirth(DateTime dateOfBirth) {
+ this.dateOfBirth = dateOfBirth;
+ }
+ public String getPlaceOfBirth() {
+ return placeOfBirth;
+ }
+ public void setPlaceOfBirth(String placeOfBirth) {
+ this.placeOfBirth = placeOfBirth;
+ }
+ public String getBirthName() {
+ return birthName;
+ }
+ public void setBirthName(String birthName) {
+ this.birthName = birthName;
+ }
+ public PostalAddressType getAddress() {
+ return address;
+ }
+ public void setAddress(PostalAddressType address) {
+ this.address = address;
+ }
+
+ public String getFormatedDateOfBirth() {
+ return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
+ }
+
+
+
+
+
+}
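Review bot: `getFormatedDateOfBirth()` at the end of the class can return a birth date that is one day off. It formats via `SimpleDateFormat` and `dateOfBirth.toDate()`, which uses the JVM default time zone rather than the zone the `DateTime` carries. It also throws a NullPointerException when `dateOfBirth` was never set. The value looks like it feeds person matching (inferred from the SZR references elsewhere in this commit), so a shifted date would mean a wrong or failed match. I would format with Joda directly and handle the unset case explicitly, e.g. `return dateOfBirth == null ? null : dateOfBirth.toString("yyyy-MM-dd");`, or throw a typed exception instead of returning null.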
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java index b0f957a5..f9f8db6e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/DAO/eIDASPersonalIdStoreDAO.java @@ -6,6 +6,7 @@ import java.util.List; import at.gv.egiz.eaaf.core.impl.data.Pair; +@Deprecated public class eIDASPersonalIdStoreDAO { public static final String NAME = "foreigneIDMap"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java new file mode 100644 index 00000000..3d7c821a --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/exception/eIDPostProcessingException.java @@ -0,0 +1,17 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception; + +public class eIDPostProcessingException extends eIDASAuthenticationException { + + private static final long serialVersionUID = 6780652273831172456L; + + public eIDPostProcessingException(String internalMsgId, Object[] params) { + super(internalMsgId, params); + + } + + public eIDPostProcessingException(String internalMsgId, Object[] params, Throwable e) { + super(internalMsgId, params, e); + + } + +} 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java new file mode 100644 index 00000000..db5dafd7 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/AbstracteIDPostProcessor.java 
@@ -0,0 +1,194 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Map; + +import org.joda.time.DateTime; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; +import at.gv.egiz.eaaf.core.impl.data.Trible; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; + +public abstract class AbstracteIDPostProcessor implements INationaleIDPostProcessor { + private static final Logger log = LoggerFactory.getLogger(AbstracteIDPostProcessor.class); + + + @Override + public ERnBeIDData postProcess(Map eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException{ + ERnBeIDData result = new ERnBeIDData(); + + //MDS attributes + result.setPseudonym(processPseudonym(eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); + result.setFamilyName(processFamilyName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); + result.setGivenName(processGivenName(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); + result.setDateOfBirth(processDateOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); + + //additional attributes + result.setPlaceOfBirth(processPlaceOfBirth(eIDASAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); + result.setBirthName(processBirthName(eIDASAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); + result.setAddress(processAddress(eIDASAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); + + return result; + + } + + /** + * Post-Process the eIDAS CurrentAddress 
attribute + * + * @param currentAddressObj + * @return current address or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected PostalAddressType processAddress(Object currentAddressObj) throws eIDPostProcessingException, eIDASAttributeException { + + if (currentAddressObj != null) { + if ((currentAddressObj instanceof PostalAddress)) { + PostalAddressType result = new PostalAddressType(); + result.setPostalCode(((PostalAddress)currentAddressObj).getPostCode()); + result.setMunicipality(((PostalAddress)currentAddressObj).getPostName()); + + //TODO: add more mappings + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... "); + + return null; + + } + + /** + * Post-Process the eIDAS BirthName attribute + * + * @param birthNameObj + * @return birthName or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected String processBirthName(Object birthNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (birthNameObj != null) { + if ((birthNameObj instanceof String)) { + return (String)birthNameObj; + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_BIRTHNAME); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... 
"); + + + return null; + + } + + /** + * Post-Process the eIDAS PlaceOfBirth attribute + * + * @param placeOfBirthObj + * @return place of Birth or null if no attribute is available + * @throws eIDPostProcessingException if post-processing fails + * @throws eIDASAttributeException if eIDAS attribute is of a wrong type + */ + protected String processPlaceOfBirth(Object placeOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException { + if (placeOfBirthObj != null) { + if ((placeOfBirthObj instanceof String)) { + return (String)placeOfBirthObj; + + } else { + log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type"); + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH); + + } + + } else + log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... "); + + + return null; + + } + + /** + * Post-Process the eIDAS DateOfBirth attribute + * + * @param dateOfBirthObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected DateTime processDateOfBirth(Object dateOfBirthObj) throws eIDPostProcessingException, eIDASAttributeException { + if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); + + return (DateTime)dateOfBirthObj; + + } + + /** + * Post-Process the eIDAS GivenName attribute + * + * @param givenNameObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processGivenName(Object givenNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (givenNameObj == null || !(givenNameObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); + + return (String)givenNameObj; + + } + + /** + * Post-Process the eIDAS FamilyName 
attribute + * + * @param familyNameObj + * @return + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processFamilyName(Object familyNameObj) throws eIDPostProcessingException, eIDASAttributeException { + if (familyNameObj == null || !(familyNameObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); + + return (String) familyNameObj; + + } + + /** + * Post-Process the eIDAS pseudonym to ERnB unique identifier + * + * @param eIdentifierObj eIDAS PersonalIdentifierAttribute + * @return + * @throws eIDPostProcessingException + * @throws eIDASAttributeException if NO attribute is available + * @throws eIDPostProcessingException if post-processing fails + */ + protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException { + if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + Trible eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); + + return eIdentifier.getThird(); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java new file mode 100644 index 00000000..90562f86 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/DEeIDPostProcessor.java 
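Review bot: `processAddress` never returns the `PostalAddressType` it builds. The `instanceof PostalAddress` branch fills `result` with post code and municipality and then falls through to the final `return null;`, so `ERnBeIDData.getAddress()` is always null even when a valid CurrentAddress attribute arrived. Adding `return result;` after `result.setMunicipality(...)`, next to the TODO, fixes it. Separately, `postProcess` never calls `setCitizenCountryCode`, so that field of the returned object stays null; either set it here or document which caller is responsible.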
@@ -0,0 +1,79 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Base64; + +import org.apache.commons.codec.DecoderException; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.egiz.eaaf.core.impl.data.Trible; + +public class DEeIDPostProcessor extends AbstracteIDPostProcessor { + private static final Logger log = LoggerFactory.getLogger(DEeIDPostProcessor.class); + private static final String canHandleCC = "DE"; + + private int priority = 1; + + @Override + public int getPriority() { + return priority; + } + + @Override + public boolean canHandle(String countryCode) { + return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); + + } + + + public void setPriority(int priority) { + this.priority = priority; + } + + @Override + public String getName() { + return "DE-PostProcessor"; + + } + + @Override + protected String processPseudonym(Object eIdentifierObj) throws eIDPostProcessingException, eIDASAttributeException { + if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + Trible eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); + + log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + String result = convertDEIdentifier(eIdentifier.getThird()); + log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + return result; + + + } + + private String 
convertDEIdentifier(String hexEncodedDEIdentifier) throws eIDPostProcessingException + { + if(hexEncodedDEIdentifier.length() != 64) + throw new eIDPostProcessingException("ernb.03", new Object[] {"Input has wrong length, expected 64 chars"}); + + byte[] data; + try { + data = Hex.decodeHex(hexEncodedDEIdentifier); + + } catch (DecoderException e) { + throw new eIDPostProcessingException("ernb.03", null, e); + + } + + byte[] encoded = Base64.getEncoder().encode(data); + return new String(encoded); + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java new file mode 100644 index 00000000..f6e0aba2 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/GenericeIDPostProcessor.java @@ -0,0 +1,31 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +public class GenericeIDPostProcessor extends AbstracteIDPostProcessor { + + private int priority = 0; + + @Override + public int getPriority() { + return priority; + + } + + @Override + public boolean canHandle(String countryCode) { + return true; + + } + + public void setPriority(int priority) { + this.priority = priority; + } + + @Override + public String getName() { + return "Default-PostProcessor"; + + } + + + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java new file mode 100644 index 00000000..2335ca6d --- /dev/null 
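Review bot: `convertDEIdentifier` calls `hexEncodedDEIdentifier.length()` without a null check. If `eIdentifier.getThird()` can be null (the parser is not visible in this diff), the caller gets a NullPointerException instead of the `ernb.03` post-processing error. `if (hexEncodedDEIdentifier == null || hexEncodedDEIdentifier.length() != 64)` keeps the failure inside the declared exception type. The return value is built with `new String(encoded)`, which depends on the platform default charset; `return Base64.getEncoder().encodeToString(data);` gives the same text without that dependency. The two `ernb.03` throws also pass different parameter shapes (a one-element array versus `null`), which is worth aligning so the message renders the same way in both cases.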
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/handler/INationaleIDPostProcessor.java @@ -0,0 +1,46 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler; + +import java.util.Map; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; + +public interface INationaleIDPostProcessor { + + /** + * Get a friendlyName of this post-processor implementation + * + * @return + */ + public String getName(); + + /** + * Get the priority of this eID Post-Processor + *
+ * If more than one Post-Processor implementations can handle the eID data, the post-processor with the highest priority are selected. + * The Default-Processor has priority '0' + * + * @return Priority of this handler + */ + public int getPriority(); + + /** + * Check if this postProcessor is sensitive for a specific country + * + * @param countryCode of the eID data that should be processed + * @return true if this implementation can handle the country, otherwise false + * + */ + public boolean canHandle(String countryCode); + + + /** + * Post-Process eIDAS eID data into national format + * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute + * @throws eIDPostProcessingException + * @throws eIDASAttributeException + * + */ + public ERnBeIDData postProcess(Map eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException; +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java new file mode 100644 index 00000000..4f94414c --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/EIDPostProcessingService.java 
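Review bot: The Javadoc on `canHandle` does not say whether `countryCode` may be null or empty, yet `EIDPostProcessingService.postProcess` in this commit still passes the parsed country on when `StringUtils.isEmpty` is true. I would state the contract in the comment, e.g. `@param countryCode country code of the eID data; may be null or empty, in which case only a default processor should return true`. The `getPriority` comment should also say what happens when two processors that accept the same country share a priority. Finally, `getName` has an empty `@return` and `postProcess` has none.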
@@ -0,0 +1,88 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Comparator; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.stereotype.Service; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.handler.INationaleIDPostProcessor; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.egiz.eaaf.core.impl.data.Trible; + +@Service +public class EIDPostProcessingService implements IeIDPostProcessingService{ + private static final Logger log = LoggerFactory.getLogger(EIDPostProcessingService.class); + + @Autowired private ApplicationContext context; + + private List handlers = new ArrayList(); + + @PostConstruct + private void initialize() { + log.debug("Initialize eID PostProcessing-Service ... "); + Map postProcessors = context.getBeansOfType(INationaleIDPostProcessor.class); + Iterator> iterator = postProcessors.entrySet().iterator(); + while (iterator.hasNext()) { + Entry el = iterator.next(); + log.debug("Find eID-PostProcessor with name: " + el.getKey()); + handlers.add(el.getValue()); + + } + + log.trace("Sorting eID-PostProcessors on priority ... 
"); + Collections.sort(handlers, new Comparator() { + @Override + public int compare(INationaleIDPostProcessor thisAuthModule, INationaleIDPostProcessor otherAuthModule) { + int thisOrder = thisAuthModule.getPriority(); + int otherOrder = otherAuthModule.getPriority(); + return (thisOrder < otherOrder ? 1 : (thisOrder == otherOrder ? 0 : -1)); + } + }); + + log.info("# " + handlers.size() + " eID PostProcessing services are registrated"); + + } + + @Override + public ERnBeIDData postProcess(Map eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException { + //extract citizen country from eIDAS unique identifier + Object eIdentifierObj = eIDASAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + + Trible eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); + String citizenCountry = eIdentifier.getFirst(); + + if (StringUtils.isEmpty(citizenCountry)) + log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used"); + + for (INationaleIDPostProcessor el : handlers) { + if (el.canHandle(citizenCountry)) { + log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName()); + return el.postProcess(eIDASAttrMap); + + } + } + + log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!"); + throw new eIDPostProcessingException("internal.00", null); + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java new file mode 100644 index 00000000..fb564cd0 --- /dev/null 
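Review bot: Handler selection in `postProcess` depends entirely on the sort in `initialize()`, and that sort leaves ties unresolved. When two processors that accept the same country share a priority, the winner is whatever order `getBeansOfType` returned. Both `DEeIDPostProcessor` and `GenericeIDPostProcessor` expose `setPriority`, so a configuration that gives them the same value could route DE identifiers through the generic processor and yield a different pseudonym for the same person. I would warn about or reject duplicate priorities at startup, and write the comparison as `return Integer.compare(otherOrder, thisOrder);` instead of the nested ternary.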
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/IeIDPostProcessingService.java @@ -0,0 +1,22 @@ +package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service; + +import java.util.Map; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDPostProcessingException; + +public interface IeIDPostProcessingService { + + /** + * Post-process eIDAS eID attributes into national format + * + * @param eIDASAttrMap Map of eIDAS attributes in format friendlyName and attribute + * + * @return eID attributes for SZR request + * @throws eIDPostProcessingException + * @throws eIDASAttributeException + */ + public ERnBeIDData postProcess(Map eIDASAttrMap) throws eIDPostProcessingException, eIDASAttributeException; + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java index 1eed19aa..cb5d6212 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/service/eIDASDataStore.java @@ -30,6 +30,7 @@ import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.data.Trible; @Component +@Deprecated public class eIDASDataStore { private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC"; 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java index fde56e7c..6e5b0be4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java @@ -3,9 +3,6 @@ package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks; import java.io.InputStream; -import java.security.MessageDigest; -import java.text.SimpleDateFormat; -import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -19,9 +16,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import org.springframework.util.Base64Utils; -import org.w3._2000._09.xmldsig.KeyValueType; -import org.w3._2000._09.xmldsig.RSAKeyValueType; import org.w3c.dom.Element; import org.w3c.dom.Node; 
@@ -30,12 +24,13 @@ import com.google.common.collect.ImmutableSet; import at.asitplus.eidas.specific.connector.MSConnectorEventCodes; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.DAO.ERnBeIDData; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.IeIDPostProcessingService; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType; import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; @@ -46,7 +41,6 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.data.Trible; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; 
@@ -69,11 +63,9 @@ import szrservices.TravelDocumentType; public class CreateIdentityLinkTask extends AbstractAuthServletTask { private static final Logger log = LoggerFactory.getLogger(CreateIdentityLinkTask.class); - //@Autowired private eIDASAttributeRegistry attrRegistry; @Autowired private IConfiguration basicConfig; - @Autowired private SZRClient szrClient; - @Autowired private eIDASDataStore personalIdStore; - + @Autowired private SZRClient szrClient; + @Autowired private IeIDPostProcessingService eIDPostProcessor; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) 
@@ -91,26 +83,9 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { IIdentityLink identityLink = null; String bPK = null; - //extract attributes - Object eIdentifierObj = simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - Object familyNameObj = simpleAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); - Object givenNameObj = simpleAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME); - Object dateOfBirthObj = simpleAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH); - Object placeOfBirth = simpleAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH); - - //check if availabe - if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) - throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - - if (familyNameObj == null || !(familyNameObj instanceof String)) - throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); - - if (givenNameObj == null || !(givenNameObj instanceof String)) - throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); + //post-process eIDAS attributes + ERnBeIDData eIDData = eIDPostProcessor.postProcess(simpleAttrMap); - if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) - throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); - //connect SZR-Gateway if(basicConfig.getBasicMOAIDConfigurationBoolean( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) { @@ -127,7 +102,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // - set fake baseID; Node prIdentification = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - prIdentification.getFirstChild().setNodeValue((String) eIdentifierObj); + prIdentification.getFirstChild().setNodeValue(eIDData.getPseudonym()); //build personal identifier which looks like a baseID // String fakeBaseID = new BPKBuilder().buildBPK(eIdentifier, "baseID"); 
@@ -136,16 +111,16 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // - set last name Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); - prFamilyName.getFirstChild().setNodeValue((String) familyNameObj); + prFamilyName.getFirstChild().setNodeValue(eIDData.getFamilyName()); // - set first name Node prGivenName = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); - prGivenName.getFirstChild().setNodeValue((String) givenNameObj); + prGivenName.getFirstChild().setNodeValue(eIDData.getGivenName()); // - set date of birth Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); - String formatedDateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate()); - prDateOfBirth.getFirstChild().setNodeValue(formatedDateOfBirth); + + prDateOfBirth.getFirstChild().setNodeValue(eIDData.getFormatedDateOfBirth()); identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink(); 
@@ -167,23 +142,13 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { naturalPerson.setName(personName ); personInfo.setPerson(naturalPerson ); personInfo.setTravelDocument(eDocument ); - - //parse some eID attributes - String dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate()); - Trible eIdentifier = - eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); - String citizenCountry = eIdentifier.getFirst(); - - //hash unique identifier as work-around for uniqueId length restriction - String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); - - + //person information - personName.setFamilyName((String)familyNameObj); - personName.setGivenName((String)givenNameObj); - naturalPerson.setDateOfBirth(dateOfBirth); - eDocument.setIssuingCountry(citizenCountry); - eDocument.setDocumentNumber(uniqueId); + personName.setFamilyName(eIDData.getFamilyName()); + personName.setGivenName(eIDData.getGivenName()); + naturalPerson.setDateOfBirth(eIDData.getFormatedDateOfBirth()); + eDocument.setIssuingCountry(eIDData.getCitizenCountryCode()); + eDocument.setDocumentNumber(eIDData.getPseudonym()); //eID document information eDocument.setDocumentType(basicConfig.getBasicConfiguration( 
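Review bot: `eDocument.setDocumentNumber(eIDData.getPseudonym())` drops the SHA-256 step that the removed comment described as a work-around for the uniqueId length restriction, and nothing in this hunk shows that `getPseudonym()` returns a length-bounded value. If a post-processor passes the national identifier through unchanged, the raw identifier rather than a digest is sent to the SZR, and a long identifier may hit the same length limit again. I would state the contract at the call site, e.g. `// pseudonym is normalised and length-bounded by IeIDPostProcessingService`, or check the length before building the request. The enclosing method starts and ends outside this hunk.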
@@ -191,30 +156,35 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); //set PlaceOfBirth if available - if (placeOfBirth != null && placeOfBirth instanceof String) { - log.trace("Find 'PlaceOfBirth' attribute: " + placeOfBirth); + if (eIDData.getPlaceOfBirth() != null) { + log.trace("Find 'PlaceOfBirth' attribute: " + eIDData.getPlaceOfBirth()); if (basicConfig.getBasicMOAIDConfigurationBoolean( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE, - false)) { - naturalPerson.setPlaceOfBirth((String) placeOfBirth); + true)) { + naturalPerson.setPlaceOfBirth(eIDData.getPlaceOfBirth()); log.trace("Adding 'PlaceOfBirth' to ERnB request ... "); } } - + //set BirthName if available + if (eIDData.getBirthName() != null) { + log.trace("Find 'BirthName' attribute: " + eIDData.getBirthName()); + if (basicConfig.getBasicMOAIDConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE, + true)) { + AlternativeNameType alternativeName = new AlternativeNameType(); + naturalPerson.setAlternativeName(alternativeName ); + alternativeName.setFamilyName(eIDData.getBirthName()); + log.trace("Adding 'BirthName' to ERnB request ... "); + + } + } - //TODO: that should be removed -// eDocument.setIssueDate(basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE)); -// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY)); - //List keyValue = dummyCodeForKeys(); - List keyValue = null; IdentityLinkType result = szrClient.getIdentityLinkInRawMode( personInfo, - keyValue, + null, basicConfig.getBasicMOAIDConfigurationBoolean( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, true) 
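Review bot: The default for `CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE` flips from `false` to `true`, and the new birth-name block also defaults to `true`. A deployment that never set either property will therefore start sending both attributes to the ERnB after upgrade. That is a data-minimisation change and should be called out in the release notes or pinned explicitly in the shipped configuration. Separately, `log.trace("Find 'BirthName' attribute: " + eIDData.getBirthName())` and its PlaceOfBirth twin write personal data to the application log; logging only presence, e.g. `log.trace("Found 'BirthName' attribute");`, keeps the diagnostic without the value. The enclosing method continues outside the hunk.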
@@ -222,25 +192,16 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { Element idlFromSZR = (Element)result.getAssertion(); identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); - - //write ERnB inputdate into SQLite database - if (basicConfig.getBasicMOAIDConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE, true)) { - personalIdStore.storeNationalId( - pendingReq.getUniqueTransactionIdentifier(), - eIdentifier, - uniqueId); - - } - + //write ERnB inputdata into revisionlog if (basicConfig.getBasicMOAIDConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE, false)) { + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) { revisionsLogger.logEvent(pendingReq, - MSConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, (String)eIdentifierObj); + MSConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, + (String)simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)); revisionsLogger.logEvent(pendingReq, - MSConnectorEventCodes.SZR_ERNB_EIDAS_HASHED_ID, uniqueId); - + MSConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eIDData.getPseudonym()); + } //get bPK from SZR @@ -270,7 +231,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { throw new SZRCommunicationException("ernb.00", null); } - revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_IDL_RECEIVED); + revisionsLogger.logEvent(pendingReq, MSConnectorEventCodes.SZR_IDL_RECEIVED, + identityLink.getSamlAssertion().getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID)); if (bPK == null) { 
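Review bot: In the first hunk on this line, `(String)simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)` is an unchecked cast. The `instanceof String` guard that used to protect this value was removed from this method in the same commit. The type check presumably now lives in `postProcess`, which is not visible here, so a local guard such as `Object rawId = simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); if (rawId instanceof String) { ... }` would keep the logging path from throwing `ClassCastException` should that assumption change. With the SQLite store call removed, this revision-log entry is the only place in this hunk where the raw identifier and the ERnB pseudonym are recorded side by side. A comment saying that this log therefore needs restricted access and a retention policy would help operators. The surrounding method body lies outside the hunk.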
@@ -317,43 +279,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } - private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { - try { - MessageDigest md = MessageDigest.getInstance("SHA-256"); - byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; - - } catch (Exception ex) { - throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); - - } - } - - private List dummyCodeForKeys() { - if (basicConfig.getBasicMOAIDConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY, - false)) { - List keyvalueList = new ArrayList(); - - // set key values - RSAKeyValueType rsa = new RSAKeyValueType(); - rsa.setExponent(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT); - rsa.setModulus(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS); - - KeyValueType key = new KeyValueType(); - key.setRSAKeyValue(rsa); - - keyvalueList.add(key); - - return keyvalueList; - - } - - return null; - - } - private String extendBPKbyPrefix(String bpk, String type) { String bPKType = null; @@ -379,7 +304,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } - //TODO: update for complexe attributes private Map converteIDASAttrToSimpleMap( ImmutableMap, ImmutableSet>> attributeMap) { Map result = new HashMap(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index 12d23ebf..13283eea 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml 
@@ -44,8 +44,21 @@ - + + + + + + + + + + + generateInputData(String id, String familyName, String givenName, DateTime dateOfBirth, String placeOfBirth, String birthName) { + Map result = new HashMap(); + result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id); + result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName); + result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName); + result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth); + result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth); + result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName); + return result; + + } + + private void validate(ERnBeIDData result, String id, String familyName, String givenName, DateTime dateOfBirth, String placeOfBirth, String birthName) { + if (!result.getPseudonym().equals(id)) + fail(result.getPseudonym() + "is not equal to " + id); + + if (!result.getFamilyName().equals(familyName)) + fail(result.getFamilyName() + "is not equal to " + familyName); + + if (!result.getGivenName().equals(givenName)) + fail(result.getGivenName() + "is not equal to " + givenName); + + if (!result.getDateOfBirth().equals(dateOfBirth)) + fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth); + + if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate()))) + fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate())); + + if (!result.getPlaceOfBirth().equals(placeOfBirth)) + fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth); + + if (!result.getBirthName().equals(birthName)) + fail(result.getBirthName() + "is not equal to " + birthName); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java index 16865b33..3233a47b 100644 
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASDataStoreTest.java
@@ -1,87 +1,87 @@ -package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; - -import java.security.MessageDigest; - -import org.apache.commons.lang3.StringUtils; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.util.Base64Utils; - -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SQLiteServiceException; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore; -import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; -import at.gv.egiz.eaaf.core.impl.data.Trible; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_basic_test.xml") -public class eIDASDataStoreTest { - - @Autowired private eIDASDataStore dataStore; - - private static final String P1_TRANSID = "123456789"; - private static final String P1_eIDASID = "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1"; - - private static final String P2_TRANSID = "987654321"; - private static final String P2_eIDASID = "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd"; - - @Test - public void dummyTest() { - - } - - @Test - public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException { - Trible eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID); - String ernbId = createHashFromUniqueId(eidasId.getThird()); - dataStore.storeNationalId( - P1_TRANSID, - eidasId, - ernbId); - - - if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) - && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) - 
throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); - - if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) - && dataStore.getErnbNationalId(eidasId).equals(ernbId) ) - throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); - - } - - @Test - public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException { - Trible eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID); - String ernbId = createHashFromUniqueId(eidasId.getThird()); - dataStore.storeNationalId( - P2_TRANSID, - eidasId, - ernbId); - - if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) - && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) - throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); - - if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) - && dataStore.getErnbNationalId(eidasId).equals(ernbId)) - throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); - - } - - private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { - try { - MessageDigest md = MessageDigest.getInstance("SHA-256"); - byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; - - } catch (Exception ex) { - throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); - - } - } -} +//package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; +// +//import java.security.MessageDigest; +// +//import org.apache.commons.lang3.StringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.beans.factory.annotation.Autowired; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +//import org.springframework.util.Base64Utils; +// +//import 
at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SQLiteServiceException; +//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; +//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.service.eIDASDataStore; +//import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +//import at.gv.egiz.eaaf.core.impl.data.Trible; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration("/SpringTest-context_basic_test.xml") +//public class eIDASDataStoreTest { +// +// @Autowired private eIDASDataStore dataStore; +// +// private static final String P1_TRANSID = "123456789"; +// private static final String P1_eIDASID = "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1"; +// +// private static final String P2_TRANSID = "987654321"; +// private static final String P2_eIDASID = "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd"; +// +// @Test +// public void dummyTest() { +// +// } +// +// @Test +// public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException { +// Trible eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID); +// String ernbId = createHashFromUniqueId(eidasId.getThird()); +// dataStore.storeNationalId( +// P1_TRANSID, +// eidasId, +// ernbId); +// +// +// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) +// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) +// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); +// +// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) +// && dataStore.getErnbNationalId(eidasId).equals(ernbId) ) +// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); +// +// } +// +// @Test +// public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException { +// Trible eidasId = 
eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID); +// String ernbId = createHashFromUniqueId(eidasId.getThird()); +// dataStore.storeNationalId( +// P2_TRANSID, +// eidasId, +// ernbId); +// +// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) +// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) +// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); +// +// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) +// && dataStore.getErnbNationalId(eidasId).equals(ernbId)) +// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); +// +// } +// +// private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { +// try { +// MessageDigest md = MessageDigest.getInstance("SHA-256"); +// byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); +// String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); +// return hashBase64; +// +// } catch (Exception ex) { +// throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); +// +// } +// } +//} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml index 33454871..7ca42662 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml @@ -12,8 +12,21 @@ - + + + + + + + + + + + -- cgit v1.2.3
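Review bot: The `eIDASDataStoreTest.java` hunk turns the whole class into `//` comments instead of deleting or disabling it, which leaves dead code in the tree and silently drops coverage for `eIDASDataStore`. According to the diffstat, this commit still modifies that class. Either remove the file (history keeps it) or keep it compiling and mark the class with JUnit's `@Ignore` and a reason, so the skipped tests stay visible in the test report. If the tests are revived, the checks of the form `StringUtils.isEmpty(x) && x.equals(y)` can never report a mismatch and throw a NullPointerException when the lookup returns null. The intended condition is most likely `StringUtils.isEmpty(x) || !x.equals(y)`.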