From fb04ef818546cf26ed1e623e5b565ac0961780fe Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 15 Dec 2022 17:56:49 +0100
Subject: feat(connector): add support for Ukraine eIDAS-ProxyService

Since Ukraine is not notified, we need a new configuration parameter to set not-notified LoA
---
 .../auth/eidas/v2/handler/UaEidProcessor.java      | 68 ++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java

(limited to 'modules/authmodule-eIDAS-v2/src/main/java')

diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java
new file mode 100644
index 00000000..6be0a26b
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/UaEidProcessor.java
@@ -0,0 +1,68 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Ulraine specific eIDAS AuthnRequest generation. 
+ * 
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class UaEidProcessor extends AbstractEidProcessor {
+
+  private static final String CONFIG_PROP_UA_SPECIFIC_LOA = "auth.eIDAS.node_v2.loa.ua.requested";
+  
+  private static final String canHandleCC = "UA";
+
+  @Autowired IConfiguration config;
+  
+  @Getter
+  @Setter
+  private int priority = 1;
+  
+  @Override
+  public String getName() {
+    return "UA-PostProcessor";
+    
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+    
+  }
+    
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return new HashMap<>();
+    
+  }
+  
+  protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {        
+    
+    // allow override of LoA, because UA maybe only support not-notified LoA levels    
+    String uaSpecificLoA = config.getBasicConfiguration(CONFIG_PROP_UA_SPECIFIC_LOA);
+    if (StringUtils.isNotEmpty(uaSpecificLoA)) {
+      authnRequestBuilder.levelsOfAssuranceValues(Arrays.asList(uaSpecificLoA));
+      log.info("Set UA specific LoA level to: {}", uaSpecificLoA);
+      
+    } else {
+      super.buildLevelOfAssurance(spConfig, authnRequestBuilder);
+      
+    }
+  }
+  
+}
-- 
cgit v1.2.3