diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-03-13 16:03:33 +0100 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-03-13 16:03:33 +0100 |
commit | 9ac6c3342ba7afdd75838230d13ceda70614cedc (patch) | |
tree | 9a0bb360880e61b748ef1d843f530fde949a5c61 | |
parent | 12c3c34ea26ff20e39c9b67f698e9c8b99ef11ee (diff) | |
download | moa-id-spss-9ac6c3342ba7afdd75838230d13ceda70614cedc.tar.gz moa-id-spss-9ac6c3342ba7afdd75838230d13ceda70614cedc.tar.bz2 moa-id-spss-9ac6c3342ba7afdd75838230d13ceda70614cedc.zip |
added fakeidl no-signature option config
2 files changed, 16 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c746c0888..d33a9ea92 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -1042,6 +1042,16 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return null; } + /** + * Gets the countries for which it is configured to require no signature + * + * @return the stork no signature countries + */ + public List<String> getStorkNoSignatureCountries() { + String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", ""); + return Arrays.asList(prop.replaceAll(" ", "").split(",")); + } + public boolean isMonitoringActive() { String prop = props.getProperty("configuration.monitoring.active", "false"); return Boolean.valueOf(prop); diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index d233f88c4..3d787f371 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -326,9 +326,13 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // ////////////////////////////////////////////////////////////////////////
+ AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
+ String citizenSignature = null;
+ if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
+ Logger.debug("signedDoc extraction skipped due to configuration");
+ } else {
Logger.debug("Starting extraction of signedDoc attribute");
// extract signed doc element and citizen signature
- String citizenSignature = null;
try {
if (authnResponse.getPersonalAttributeList().get("signedDoc") == null
@@ -409,6 +413,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.error("Could not extract citizen signature from C-PEPS", e);
throw new MOAIDException("stork.09", null);
}
+ }
Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
Logger.debug("Citizen signature will be verified by SZR Gateway!");
@@ -441,7 +446,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null;
executionContext.put("identityLinkAvailable", false);
try {
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
// create fake IdL
// - fetch IdL template from resources
|