From 6b4e59234163c449c0e66e82ee9ed87785e7702c Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 12 Jul 2022 21:18:41 +0200
Subject: refact(szr): only use alreadymatched eID data for SZR communication
---
 .../auth/eidas/v2/clients/szr/SzrClient.java | 68 ++--------------------
 .../eidas/v2/tasks/CreateIdentityLinkTask.java | 9 ++-
 2 files changed, 10 insertions(+), 67 deletions(-)
 (limited to 'modules/authmodule-eIDAS-v2/src/main/java')
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
index 8c294c97..c9c3a2fa 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
@@ -59,9 +59,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient.HttpClientConfig.HttpClientConfigBuilder;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
-import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
 import at.gv.e_government.reference.namespace.persondata._20020228.IdentificationType;
 import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
 import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
@@ -84,7 +82,6 @@ import szrservices.SZRException_Exception; import szrservices.SignContent; import szrservices.SignContentEntry; import szrservices.SignContentResponseType; -import szrservices.TravelDocumentType; @Slf4j @@ -139,17 +136,17 @@ public class SzrClient extends AbstractSoapClient { * Get bPK of person. * * - * @param eidData Minimum dataset of person + * @param matchedPersonData Minimum dataset of person * @param target requested bPK target * @param vkz Verfahrenskennzeichen * @return bPK for this person * @throws SzrCommunicationException In case of a SZR error */ - public List getBpk(SimpleEidasData eidData, String target, String vkz) + public List getBpk(MatchedPersonResult matchedPersonData, String target, String vkz) throws SzrCommunicationException { try { final GetBPK parameters = new GetBPK(); - parameters.setPersonInfo(generateSzrRequest(eidData)); + parameters.setPersonInfo(generateSzrRequest(matchedPersonData)); parameters.getBereichsKennung().add(target); parameters.setVKZ(vkz); final GetBPKResponse result = this.szr.getBPK(parameters); @@ -201,13 +198,13 @@ public class SzrClient extends AbstractSoapClient { * @throws SzrCommunicationException In case of a SZR error */ public String getEidasBind(final String vsz, final String bindingPubKey, final String eidStatus, - SimpleEidasData eidData)throws SzrCommunicationException { + MatchedPersonResult eidData)throws SzrCommunicationException { final Map eidsaBindMap = new HashMap<>(); eidsaBindMap.put(ATTR_NAME_VSZ, vsz); eidsaBindMap.put(ATTR_NAME_STATUS, eidStatus); eidsaBindMap.put(ATTR_NAME_PUBKEYS, Collections.singletonList(bindingPubKey)); - eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode()); + eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCountryCode()); injectMdsIfAvailableAndActive(eidsaBindMap, eidData); try { 
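Review bot: The Javadoc on `getBpk` still describes the renamed parameter as "Minimum dataset of person", which was the wording for the raw eIDAS attribute set and no longer says where the data comes from. Since the bPK request is now built from register-matched data, the contract should say so: `@param matchedPersonData person data that was already matched against the register`. The value is also passed straight to `generateSzrRequest(...)` without a null check; that overload lies outside this hunk, so whether it tolerates null cannot be confirmed from here.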
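Review bot: In `getEidasBind` the parameter keeps the name `eidData` although its type is now `MatchedPersonResult`, while `getBpk` in the same commit renames it to `matchedPersonData`; the caller in CreateIdentityLinkTask still has a separate `SimpleEidasData eidData` in scope, so the two are easy to confuse. Renaming it here and in `injectMdsIfAvailableAndActive` (the last SzrClient hunk) to `matchedPersonData` would make clear which identity source ends up in the signed eidasBind. It is also worth confirming that `MatchedPersonResult.getCountryCode()` carries the same value that `getCitizenCountryCode()` did, because it is written to `EID_ISSUING_NATION_NAME`; that class is not visible in this diff. Minor: `eidData)throws` is missing a space.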
@@ -264,59 +261,6 @@ public class SzrClient extends AbstractSoapClient { return personInfo; } - private PersonInfoType generateSzrRequest(SimpleEidasData eidData) { - log.trace("Starting connecting SZR Gateway"); - final PersonInfoType personInfo = new PersonInfoType(); - final PersonNameType personName = new PersonNameType(); - final PhysicalPersonType naturalPerson = new PhysicalPersonType(); - final TravelDocumentType eDocument = new TravelDocumentType(); - - naturalPerson.setName(personName); - personInfo.setPerson(naturalPerson); - personInfo.setTravelDocument(eDocument); - - // person information - personName.setFamilyName(eidData.getFamilyName()); - personName.setGivenName(eidData.getGivenName()); - naturalPerson.setDateOfBirth(eidData.getDateOfBirth()); - - //TODO: need to be updated to new eIDAS document interface!!!! - eDocument.setIssuingCountry(eidData.getCitizenCountryCode()); - eDocument.setDocumentNumber(eidData.getPseudonym()); - - // eID document information - String documentType = basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, - Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE); - eDocument.setDocumentType(documentType); - - // set PlaceOfBirth if available - if (eidData.getPlaceOfBirth() != null) { - log.trace("Find 'PlaceOfBirth' attribute: " + eidData.getPlaceOfBirth()); - boolean setPlaceOfBirth = basicConfig - .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE, true); - if (setPlaceOfBirth) { - naturalPerson.setPlaceOfBirth(eidData.getPlaceOfBirth()); - log.trace("Adding 'PlaceOfBirth' to ERnB request ... 
"); - } - } - - // set BirthName if available - if (eidData.getBirthName() != null) { - log.trace("Find 'BirthName' attribute: " + eidData.getBirthName()); - boolean setBirthName = basicConfig - .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE, true); - if (setBirthName) { - final AlternativeNameType alternativeName = new AlternativeNameType(); - naturalPerson.setAlternativeName(alternativeName); - alternativeName.setFamilyName(eidData.getBirthName()); - log.trace("Adding 'BirthName' to ERnB request ... "); - } - } - - return personInfo; - } - private IdentityLinkType getIdentityLinkGeneric(GetIdentityLinkEidas getIdl) throws Exception { final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class); final Marshaller jaxbMarshaller = jaxbContext.createMarshaller(); @@ -450,7 +394,7 @@ public class SzrClient extends AbstractSoapClient { log.info("SZR-Client initialization successfull"); } - private void injectMdsIfAvailableAndActive(Map eidsaBindMap, SimpleEidasData eidData) { + private void injectMdsIfAvailableAndActive(Map eidsaBindMap, MatchedPersonResult eidData) { if (basicConfig.getBasicConfigurationBoolean( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND, false)) { log.info("Injecting MDS into eidasBind ... "); diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index 6d315b0a..f3e2adc4 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java 
@@ -155,7 +155,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { private void executeIdlMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws EaafException { //request SZR - SzrResultHolder idlResult = requestSzrForIdentityLink(eidData, matchedPersonData); + SzrResultHolder idlResult = requestSzrForIdentityLink(matchedPersonData); //write revision-Log entry for personal-identifier mapping writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier()); @@ -187,7 +187,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // get eIDAS bind String signedEidasBind = szrClient - .getEidasBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS, eidData); + .getEidasBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS, matchedPersonData); revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED); AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); authProcessDataWrapper.setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, signedEidasBind); @@ -212,8 +212,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } - private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData, - MatchedPersonResult matchedPersonData) throws EaafException { + private SzrResultHolder requestSzrForIdentityLink(MatchedPersonResult matchedPersonData) throws EaafException { //request IdentityLink from SZR log.debug("Requesting encrypted baseId by already matched person information ... "); IdentityLinkType result = szrClient.getIdentityLinkInRawMode(matchedPersonData); 
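Review bot: `executeIdlMode` now sends only `matchedPersonData` to the SZR, but the revision-log call two lines below still records `eidData.getPersonalIdentifier()`, so the audit entry and the SZR request are taken from two different objects. A short comment would mark that split as intentional, for example `// eidData is used for the revision log only; every SZR request is built from matchedPersonData`; the same applies to the `getEidasBind` and `getBpk` call sites in the later hunks of this file. Nothing in the visible lines checks that `matchedPersonData` is non-null before it reaches SzrClient. If an upstream task can leave it unset, it would be better to fail here with a clear error than inside the SOAP client; the method bodies continue outside the hunks.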
@@ -229,7 +228,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { if (debugUseSzrForBpk) { String vkz = basicConfig .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"); - List bpkList = szrClient.getBpk(eidData, targetId, vkz); + List bpkList = szrClient.getBpk(matchedPersonData, targetId, vkz); if (!bpkList.isEmpty()) { bpk = bpkList.get(0); } -- cgit v1.2.3 From b32ad3b192e00b39b6a7dd61f46391fc6eb3fdc1 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 1 Aug 2022 13:40:11 +0200 Subject: fix(eidas): unset flag on execution-context that probibits create-new-ERnP-entry operation --- .../auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java | 1 + 1 file changed, 1 insertion(+) (limited to 'modules/authmodule-eIDAS-v2/src/main/java') diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java index 03414f9e..ec858116 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java @@ -143,6 +143,7 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe case ADD_ME_AS_NEW: executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true); + executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, false); return; default: -- cgit v1.2.3
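Review bot: The added `executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, false)` clears the flag only in the `ADD_ME_AS_NEW` branch, so any other branch of this switch (outside the hunk) may still run with a stale value left by an earlier task. Because these flags decide whether a new ERnP entry is created, I would reset all transition flags in one place before the switch, or at least document the dependency: `// reset flag set by an earlier task; otherwise the transition to the create-new-ERnP-entry task is blocked`. A test that enters this task with the flag already set to true would pin the fix. The stated reason is inferred from the commit subject, since the process definition is not part of this diff.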