From 0ec26c52a362f5558a9cbb07132c32ac94418ec9 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 1 Dec 2022 08:27:29 +0100 Subject: fix(matching): change processing order in case of single entity selection and more than one ERnP results ERnP responses can include more than one results that are a mix of active and in-active persons. Therefore, we have to clear fist and check uniqueness afterwards --- .../auth/eidas/v2/clients/ernp/ErnpRestClient.java | 34 ++++----- .../eidas/v2/test/clients/ErnpRestClientTest.java | 50 +++++++++++++ ...h_with_personalId_closed_and_zmr_kitt_resp.json | 84 ++++++++++++++++++++++ ...h_with_personalId_zmr_kitt_and_closed_resp.json | 84 ++++++++++++++++++++++ 4 files changed, 235 insertions(+), 17 deletions(-) create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_closed_and_zmr_kitt_resp.json create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_zmr_kitt_and_closed_resp.json (limited to 'modules/authmodule-eIDAS-v2/src') diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java index ce474793..8b34bbef 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java @@ -398,15 +398,14 @@ public class ErnpRestClient implements IErnpClient { resp.getPerson(), citizenCountryCode, processStepFiendlyname); } else { - return processSearchPersonResponse( - resp.getPerson(), citizenCountryCode); + return new ErnpRegisterResult(processSearchPersonResponse(resp.getPerson(), citizenCountryCode)); } } } @Nonnull - private ErnpRegisterResult processSearchPersonResponse( + private List processSearchPersonResponse( @Nonnull List list, @Nonnull String citizenCountryCode) throws EaafAuthenticationException { final List ernpResult = list.stream() @@ -414,31 +413,32 @@ public class ErnpRestClient implements IErnpClient { .filter(Objects::nonNull) .collect(Collectors.toList()); log.info("Get #{} ERnP results after post-processing", ernpResult.size()); - return new ErnpRegisterResult(ernpResult); - + return ernpResult; + } @NonNull private ErnpRegisterResult processSearchPersonResponseSingleResult( @Nonnull List persons, @Nonnull String citizenCountryCode, String processStepFiendlyname) throws EaafAuthenticationException { - if (persons.size() > 1) { + + // process ERnP response and check state of entities + List activePersons = processSearchPersonResponse(persons, citizenCountryCode); + + // check final result + if (activePersons.isEmpty()) { + log.error("ERnP entry, which was selected by matching, looks already closed. " + + "Automated operations on closed entries not supported my matching"); + throw new WorkflowException(processStepFiendlyname, + "ERnP entry, which was selected by matching, is not active any more.", true); + + } else if (activePersons.size() > 1) { log.error("Find more-than-one ERnP entry with search criteria that has to be unique"); throw new WorkflowException(processStepFiendlyname, "Find more-than-one ERnP entry with search criteria that has to be unique", true); } else { - final ErnpPersonRegisterResult activeResult = - mapErnpResponseToRegisterResult(persons.get(0), citizenCountryCode); - if (activeResult == null) { - log.error("ERnP entry, which was selected by matching, looks already closed. " - + "Automated operations on closed entries not supported my matching"); - throw new WorkflowException(processStepFiendlyname, - "ERnP entry, which was selected by matching, is not active any more.", true); - - } - - return new ErnpRegisterResult(Arrays.asList(activeResult)); + return new ErnpRegisterResult(activePersons); } } diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java index 82d89e3e..dcf0bc00 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java @@ -461,6 +461,56 @@ public class ErnpRestClientTest { } + @Test + @SneakyThrows + public void searchWithPersonalIdZmrKittAndClosed() { + final String cc = "DE"; + final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc); + + // set ERnP response + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString( + ErnpRestClientTest.class.getResourceAsStream( + "/data/ernp/1_search_with_personalId_zmr_kitt_and_closed_resp.json"), + "UTF-8")) + .setHeader("Content-Type", "application/json;charset=utf-8")); + + // execute operation + ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc); + + // validate state + mockWebServer.takeRequest(); + assertNotNull("no ERnP response", resp); + assertEquals("wrong resp size", 0, resp.getPersonResult().size()); + assertEquals("wrong resp size", 1, resp.getZmrPersonResult().size()); + + } + + @Test + @SneakyThrows + public void searchWithPersonalIdClosedAndZmrKitt() { + final String cc = "DE"; + final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc); + + // set ERnP response + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString( + ErnpRestClientTest.class.getResourceAsStream( + "/data/ernp/1_search_with_personalId_closed_and_zmr_kitt_resp.json"), + "UTF-8")) + .setHeader("Content-Type", "application/json;charset=utf-8")); + + // execute operation + ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc); + + // validate state + mockWebServer.takeRequest(); + assertNotNull("no ERnP response", resp); + assertEquals("wrong resp size", 0, resp.getPersonResult().size()); + assertEquals("wrong resp size", 1, resp.getZmrPersonResult().size()); + + } + @Test @SneakyThrows public void searchWithPersonalIdSingleResult() { diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_closed_and_zmr_kitt_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_closed_and_zmr_kitt_resp.json new file mode 100644 index 00000000..be90e2c6 --- /dev/null +++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_closed_and_zmr_kitt_resp.json @@ -0,0 +1,84 @@ +{ + "person": [ + { + "type": "Person", + "eidas": [ + { + "ablaufDatum": "9999-12-31T00:00:00.000+01:00", + "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "ausstellDatum": "9999-12-31T00:00:00.000+01:00", + "entityId": "47769100000077607", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "staatscode2": "XZ", + "wert": "eidasmatcherclosed19740404_01" + } + ], + "entityId": "47769100000077596", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-08T08:01:18.117+02:00", + "letzteOperation": { + "begruendung": "EIDAS Integrationstest", + "grund": "Person amtlich beenden", + "vorgang": "PersonAmtlichBeenden", + "zeitpunkt": "2022-10-06T08:01:18.117+02:00" + }, + "personendaten": { + "basiszahl": "000862899079", + "bpkZp": "mhnWeYYC8KfRY/MaYKdUDkzwD2w=", + "entityId": "47769100000077596", + "familienname": "EidasMatcher", + "geburtsdatum": { + "jahr": 1974, + "monat": 4, + "tag": 4 + }, + "geprueft": false, + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "vorname": "Closed" + }, + "version": "2022-10-06T08:01:18.117+02:00" + }, + { + "type": "Person", + "eidas": [ + { + "ablaufDatum": "9999-12-31T00:00:00.000+01:00", + "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "ausstellDatum": "9999-12-31T00:00:00.000+01:00", + "entityId": "47769100000077607", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "staatscode2": "XZ", + "wert": "eidasmatcherclosed19740404_01" + } + ], + "entityId": "47769100000077596", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2045-10-06T08:01:18.117+02:00", + "letzteOperation": { + "begruendung": "EIDAS Integrationstest", + "grund": "Person amtlich beenden", + "vorgang": "PersonUebernehmen", + "zeitpunkt": "2022-10-06T08:01:18.117+02:00" + }, + "personendaten": { + "basiszahl": "000862899079", + "bpkZp": "mhnWeYYC8KfRY/MaYKdUDkzwD2w=", + "entityId": "47769100000077596", + "familienname": "EidasMatcher", + "geburtsdatum": { + "jahr": 1974, + "monat": 4, + "tag": 4 + }, + "geprueft": false, + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "vorname": "Closed" + }, + "version": "2022-10-06T08:01:18.117+02:00" + } + ] +} \ No newline at end of file diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_zmr_kitt_and_closed_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_zmr_kitt_and_closed_resp.json new file mode 100644 index 00000000..aa8da848 --- /dev/null +++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_zmr_kitt_and_closed_resp.json @@ -0,0 +1,84 @@ +{ + "person": [ + { + "type": "Person", + "eidas": [ + { + "ablaufDatum": "9999-12-31T00:00:00.000+01:00", + "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "ausstellDatum": "9999-12-31T00:00:00.000+01:00", + "entityId": "47769100000077607", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "staatscode2": "XZ", + "wert": "eidasmatcherclosed19740404_01" + } + ], + "entityId": "47769100000077596", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2045-10-06T08:01:18.117+02:00", + "letzteOperation": { + "begruendung": "EIDAS Integrationstest", + "grund": "Person amtlich beenden", + "vorgang": "PersonUebernehmen", + "zeitpunkt": "2022-10-06T08:01:18.117+02:00" + }, + "personendaten": { + "basiszahl": "000862899079", + "bpkZp": "mhnWeYYC8KfRY/MaYKdUDkzwD2w=", + "entityId": "47769100000077596", + "familienname": "EidasMatcher", + "geburtsdatum": { + "jahr": 1974, + "monat": 4, + "tag": 4 + }, + "geprueft": false, + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "vorname": "Closed" + }, + "version": "2022-10-06T08:01:18.117+02:00" + }, + { + "type": "Person", + "eidas": [ + { + "ablaufDatum": "9999-12-31T00:00:00.000+01:00", + "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "ausstellDatum": "9999-12-31T00:00:00.000+01:00", + "entityId": "47769100000077607", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "staatscode2": "XZ", + "wert": "eidasmatcherclosed19740404_01" + } + ], + "entityId": "47769100000077596", + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-08T08:01:18.117+02:00", + "letzteOperation": { + "begruendung": "EIDAS Integrationstest", + "grund": "Person amtlich beenden", + "vorgang": "PersonAmtlichBeenden", + "zeitpunkt": "2022-10-06T08:01:18.117+02:00" + }, + "personendaten": { + "basiszahl": "000862899079", + "bpkZp": "mhnWeYYC8KfRY/MaYKdUDkzwD2w=", + "entityId": "47769100000077596", + "familienname": "EidasMatcher", + "geburtsdatum": { + "jahr": 1974, + "monat": 4, + "tag": 4 + }, + "geprueft": false, + "gueltigAb": "2022-10-06T08:01:18.117+02:00", + "gueltigBis": "2022-10-06T08:01:18.117+02:00", + "vorname": "Closed" + }, + "version": "2022-10-06T08:01:18.117+02:00" + } + ] +} \ No newline at end of file -- cgit v1.2.3