From e8e75813ab549d03b0ac482fe0e1e86ee660b8b0 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 11 Mar 2022 11:49:05 +0100 Subject: chore(proxy): add module for stand-alone ms-specific proxy-service application --- .../src/main/resources/application.properties | 116 +++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 ms_specific_proxyservice/src/main/resources/application.properties (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties new file mode 100644 index 00000000..9f1b68e2 --- /dev/null +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -0,0 +1,116 @@ +## Set Spring-Boot profile-configuration to 2.3 style +spring.config.use-legacy-processing=true + +## ApplicationServer configuration +server.servlet.contextPath=/ms_proxyservice +#server.port=7080 + +app.build.artifactId=ms_proxyservice + + + +############################################################################# +## SpringBoot Admin client +spring.boot.admin.client.enabled=false + +############################################################################# +## SpringBoot Actuator +management.endpoints.web.exposure.include=health,info + +############################################################################# +## Common parts of MS-speccific eIDAS application configuration + +#eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false +#eidas.ms.configRootDir=file:/.../config/ +eidas.ms.context.use.clustermode=true +eidas.ms.core.logging.level.info.errorcodes=auth.21 + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +## HTTP-client defaults +eidas.ms.client.http.connection.timeout.socket=15 +eidas.ms.client.http.connection.timeout.connection=15 +eidas.ms.client.http.connection.timeout.request=15 + + +## Common PVP2 S-Profile (SAML2) configuration +#eidas.ms.pvp2.metadata.organisation.name=JUnit +#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +#eidas.ms.pvp2.metadata.organisation.url=http://junit.test +#eidas.ms.pvp2.metadata.contact.givenname=Max +#eidas.ms.pvp2.metadata.contact.surname=Mustermann +#eidas.ms.pvp2.metadata.contact.email=max@junit.test + +##only for advanced config +eidas.ms.configuration.pvp.scheme.validation=true +eidas.ms.configuration.pvp.enable.entitycategories=false + + +############################################################################# +## MS-speccific eIDAS-Proxy-Service configuration + +#### eIDAS ms-specific Proxy-Service configuration +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +#eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint= + +# Mandate configuration +eidas.ms.auth.eIDAS.proxy.mandates.enabled=false +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default= +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default= + + +## special foreign eIDAS-Connector configuration +#eidas.ms.connector.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +#eidas.ms.connector.0.countryCode=CC +#eidas.ms.connector.0.mandates.enabled=false +#eidas.ms.connector.0.mandates.natural= +#eidas.ms.connector.0.mandates.legal= +#eidas.ms.connector.0.auth.idaustria.entityId= + + +## PVP2 S-Profile communication with ID Austria System +# EntityId and optional metadata of ID Austria System +#eidas.ms.modules.idaustriaauth.idp.entityId= +#eidas.ms.modules.idaustriaauth.idp.metadataUrl= + +# SAML2 client configuration +eidas.ms.modules.idaustriaauth.keystore.type=jks +#eidas.ms.modules.idaustriaauth.keystore.name= +#eidas.ms.modules.idaustriaauth.keystore.path= +#eidas.ms.modules.idaustriaauth.keystore.password= +#eidas.ms.modules.idaustriaauth.metadata.sign.alias= +#eidas.ms.modules.idaustriaauth.metadata.sign.password= +#eidas.ms.modules.idaustriaauth.request.sign.alias= +#eidas.ms.modules.idaustriaauth.request.sign.password= +#eidas.ms.modules.idaustriaauth.response.encryption.alias= +#eidas.ms.modules.idaustriaauth.response.encryption.password= + +# TrustStore to validate SAML2 metadata from ID Austria +#eidas.ms.modules.idaustriaauth.truststore.type=jks +#eidas.ms.modules.idaustriaauth.truststore.name= +#eidas.ms.modules.idaustriaauth.truststore.path= +#eidas.ms.modules.idaustriaauth.truststore.password= + + + -- cgit v1.2.3 From 7f0a925a72dc9841280e66fcba1515af62b9efdf Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 15:24:01 +0200 Subject: test(core): add smoke test with full eIDAS OutGoing login and error-handling --- ms_specific_proxyservice/src/main/resources/application.properties | 1 + 1 file changed, 1 insertion(+) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index 9f1b68e2..7d8c199f 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -73,6 +73,7 @@ eidas.ms.configuration.pvp.enable.entitycategories=false #### eIDAS ms-specific Proxy-Service configuration eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy #eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST # Mandate configuration eidas.ms.auth.eIDAS.proxy.mandates.enabled=false -- cgit v1.2.3 From 49a38fef1afad32d7e8c63e3884d854065fcf740 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 9 Jun 2022 09:08:53 +0200 Subject: chore(config): add attribute-mapping configuration-property into default config --- ms_specific_proxyservice/src/main/resources/application.properties | 1 + 1 file changed, 1 insertion(+) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index 7d8c199f..8d66a7c0 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -69,6 +69,7 @@ eidas.ms.configuration.pvp.enable.entitycategories=false ############################################################################# ## MS-speccific eIDAS-Proxy-Service configuration +eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=misc/idaAttributeMapping.json #### eIDAS ms-specific Proxy-Service configuration eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy -- cgit v1.2.3 From 68c46a22406af910838b3ee6bbea5a4e9807ddaa Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Aug 2022 13:20:02 +0200 Subject: feat(eidas): add advanced SP config post-processing based on requested attributes --- ms_specific_proxyservice/src/main/resources/application.properties | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index 8d66a7c0..40587815 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -115,4 +115,11 @@ eidas.ms.modules.idaustriaauth.keystore.type=jks #eidas.ms.modules.idaustriaauth.truststore.password= +############################################################################# +## advanced eIDAS attribute processing + +# BORIS attribute for eJustice +eidas.ms.advanced.atributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED +eidas.ms.advanced.atributes.ejusticerole.mandate.mode=legal + -- cgit v1.2.3 From d5cb2ae3d5bf3f04646cc23d7d59cd10822349c6 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Aug 2022 15:09:07 +0200 Subject: feat(eidas): generate advanced attributes in response-processing too --- ms_specific_proxyservice/src/main/resources/application.properties | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index 40587815..f7aca8a3 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -119,7 +119,8 @@ eidas.ms.modules.idaustriaauth.keystore.type=jks ## advanced eIDAS attribute processing # BORIS attribute for eJustice -eidas.ms.advanced.atributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED +eidas.ms.advanced.atributes.ejusticerole.mandate.profiles.1=MUST_BE_UPDATED,SECOND eidas.ms.advanced.atributes.ejusticerole.mandate.mode=legal - +eidas.ms.advanced.atributes.ejusticerole.value.1=MUST_BE_UPDATED,VIP1 +eidas.ms.advanced.atributes.ejusticerole.value.2=SECOND,VIP2 -- cgit v1.2.3 From ee60dcbde9210e6ecf417af9fd7e4f13e8d95bbd Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Aug 2022 15:46:31 +0200 Subject: style(eidas): fix typo in configuration properties --- ms_specific_proxyservice/src/main/resources/application.properties | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index f7aca8a3..b8da2a10 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -119,8 +119,7 @@ eidas.ms.modules.idaustriaauth.keystore.type=jks ## advanced eIDAS attribute processing # BORIS attribute for eJustice -eidas.ms.advanced.atributes.ejusticerole.mandate.profiles.1=MUST_BE_UPDATED,SECOND -eidas.ms.advanced.atributes.ejusticerole.mandate.mode=legal -eidas.ms.advanced.atributes.ejusticerole.value.1=MUST_BE_UPDATED,VIP1 -eidas.ms.advanced.atributes.ejusticerole.value.2=SECOND,VIP2 +eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED,SECOND +eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal +eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1 -- cgit v1.2.3 From 920d33465e5ab1a71d81cc280e41de10cd8b5247 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 17 Aug 2022 09:53:46 +0200 Subject: feat(eidas): extend EJusticePersonRoleHandler to include additional requested attributes --- ms_specific_proxyservice/src/main/resources/application.properties | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ms_specific_proxyservice/src/main/resources/application.properties') diff --git a/ms_specific_proxyservice/src/main/resources/application.properties b/ms_specific_proxyservice/src/main/resources/application.properties index b8da2a10..c9d5e58f 100644 --- a/ms_specific_proxyservice/src/main/resources/application.properties +++ b/ms_specific_proxyservice/src/main/resources/application.properties @@ -120,6 +120,7 @@ eidas.ms.modules.idaustriaauth.keystore.type=jks # BORIS attribute for eJustice eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED,SECOND -eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal +eidas.ms.advanced.attributes.ejusticerole.mandate.mode=forceLegal +eidas.ms.advanced.attributes.ejusticerole.additional.ida.attributes= eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1 -- cgit v1.2.3