From 72785de93272ba74a5b587403cd5097727674115 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 2 Mar 2023 11:09:43 +0100
Subject: feat(connector): make nameIdFormat configurable for earch citizen
 country

---
 .../auth/eidas/v2/handler/AbstractEidProcessor.java      | 16 ++++++++++++++++
 .../auth/eidas/v2/tasks/GenerateAuthnRequestTask.java    |  4 ----
 2 files changed, 16 insertions(+), 4 deletions(-)

(limited to 'modules/authmodule-eIDAS-v2/src/main')

diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
index fa26e48f..80348f3d 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
@@ -78,6 +78,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
     validateSelectionWithState(pendingReq, countryCode);
     
     // build country-specific authentication request
+    buildNameIdPolicy(authnRequestBuilder, countryCode);
     buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder);
     buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder);
     buildRequestedAttributes(authnRequestBuilder);
@@ -320,6 +321,21 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
     
   }
 
+  private void buildNameIdPolicy(Builder authnRequestBuilder, String countryCode) {
+    String ccSpecificPolicy = basicConfig.getBasicConfiguration(
+        Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT + "." + countryCode.toLowerCase());
+
+    if (StringUtils.isNotEmpty(ccSpecificPolicy)) {
+      log.debug("Using specific nameIdFormat:{} to request: {}", ccSpecificPolicy, countryCode);
+      authnRequestBuilder.nameIdFormat(ccSpecificPolicy);
+
+    } else {
+      log.trace("Using default nameIdFormat to request: {}", countryCode);
+      authnRequestBuilder.nameIdFormat(
+          basicConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT));
+
+    }
+  }
 
   private void buildRequestedAttributes(Builder authnRequestBuilder) {
     // build and add requested attribute set
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
index cf6ecb8d..82489e25 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
@@ -181,10 +181,6 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
     final LightRequest.Builder builder = LightRequest.builder();
     builder.id(UUID.randomUUID().toString());
     
-    // set nameIDFormat
-    builder.nameIdFormat(
-        authConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT));
-
     builder.citizenCountryCode(citizenCountryCode);
     builder.issuer(issuer);
     // Add country-specific information into eIDAS request
-- 
cgit v1.2.3