diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-19 11:30:59 +0100 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-19 11:30:59 +0100 |
| commit | 3e1aba668f76677ecd3923b039e52b5bb5348d96 (patch) | |
| tree | e039ff06930d85e6e17e02c1b8db4bd7e97bc886 | |
| parent | 1cd7a8508a61feadcebad0426609d3b45f6db6ad (diff) | |
| download | moa-id-spss-3e1aba668f76677ecd3923b039e52b5bb5348d96.tar.gz moa-id-spss-3e1aba668f76677ecd3923b039e52b5bb5348d96.tar.bz2 moa-id-spss-3e1aba668f76677ecd3923b039e52b5bb5348d96.zip | |
update eID4u attribute collection and add a jUnit test for TUG->eID4u attribute mapping
8 files changed, 598 insertions, 63 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml index 7e3aa1eef..5f4192645 100644 --- a/id/server/modules/moa-id-module-eIDAS/pom.xml +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -82,17 +82,16 @@ <version>3.0.1</version> </dependency> - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-test</artifactId> - <scope>test</scope> - </dependency> - - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> <!-- eidas Commons --> <dependency> diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eid4u/utils/AttributeScopeMapper.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eid4u/utils/AttributeScopeMapper.java new file mode 100644 index 000000000..69cc131ff --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eid4u/utils/AttributeScopeMapper.java @@ -0,0 +1,239 @@ +package at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.commons.lang3.StringUtils; + +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; + +import at.gv.egiz.eid4u.api.attributes.Definitions; +import at.gv.egovernment.moaspss.logging.Logger; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; + +public class AttributeScopeMapper { + + private static AttributeScopeMapper instance = null; + + public static final String Scope_Delimiter = " "; + + public static final String Citizenship = "ANY@tugraz.idm.attr.Citizenship"; + public static final String CityOfBirth = "ANY@tugraz.idm.attr.CityOfBirth"; + public static final String CountryOfBirth = "ANY@tugraz.idm.attr.CountryOfBirth"; + public static final String CurrentDegreeName = "ANY@tugraz.idm.attr.CurrentDegreeName"; + public static final String CurrentFieldOfStudy = "ANY@tugraz.idm.attr.CurrentFieldOfStudy"; + public static final String CurrentLevelOfStudy = "ANY@tugraz.idm.attr.CurrentLevelOfStudy"; + public static final String EmailStud = "ANY@tugraz.idm.attr.EmailStud"; + public static final String Gender = "ANY@tugraz.idm.attr.Gender"; + public static final String HomeInstitutionName = "ANY@tugraz.idm.attr.HomeInstitutionName"; + public static final String HomeInstitutionCountry = "ANY@tugraz.idm.attr.HomeInstitutionCountry"; + + public static final String HomeInstitutionAddressCountryCode = "ANY@tugraz.idm.attr.HomeInstitutionAddressCountryCode"; + public static final String HomeInstitutionAddressPostalCode = "ANY@tugraz.idm.attr.HomeInstitutionAddressPostalCode"; + public static final String HomeInstitutionAddressStreet = "ANY@tugraz.idm.attr.HomeInstitutionAddressStreet"; + public static final String HomeInstitutionAddressCity = "ANY@tugraz.idm.attr.HomeInstitutionAddressCity"; + + public static final String PermanentAddressCity = "ANY@tugraz.idm.attr.PermanentAddressCity"; + public static final String PermanentAddressCountryCode = "ANY@tugraz.idm.attr.PermanentAddressCountryCode"; + public static final String PermanentAddressPostalCode = "ANY@tugraz.idm.attr.PermanentAddressPostalCode"; + public static final String PermanentAddressStreet = "ANY@tugraz.idm.attr.PermanentAddressStreet"; + + public static final String StudyAddressCity = "ANY@tugraz.idm.attr.StudyAddressCity"; + public static final String StudyAddressCountryCode = "ANY@tugraz.idm.attr.StudyAddressCountryCode"; + public static final String StudyAddressPostalCode = "ANY@tugraz.idm.attr.StudyAddressPostalCode"; + public static final String StudyAddressStreet = "ANY@tugraz.idm.attr.StudyAddressStreet"; + + private static List<String> complexeScopes = new ArrayList<String>(); + + private static final Map<String, String> eIDASToScopes = Collections.unmodifiableMap(new HashMap<String,String>() { + private static final long serialVersionUID = 1L; + { + put(Definitions.CITIZENSHIP_NAME, Citizenship); + put(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.PLACE_OF_BIRTH.getNameUri().toString(), + CityOfBirth); + put(Definitions.COUNTRYOFBIRTH_NAME, CountryOfBirth); + put(Definitions.CURRENTDEGREE_NAME, CurrentDegreeName); + put(Definitions.FIELDOFSTUDY_NAME, CurrentFieldOfStudy); + put(Definitions.CURRENTLEVELOFSTUDY_NAME, CurrentLevelOfStudy); + put(Definitions.EMAIL_NAME, EmailStud); + put(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.GENDER.getNameUri().toString(), + Gender); + put(Definitions.HOMEINSTITUTIONNAME_NAME, HomeInstitutionName); + put(Definitions.HOMEINSTITUTIONCOUNTRY_NAME, HomeInstitutionCountry); + + put(Definitions.HOMEINSTITUTIONADDRESS_NAME, + HomeInstitutionAddressCountryCode + Scope_Delimiter + + HomeInstitutionAddressPostalCode + Scope_Delimiter + + HomeInstitutionAddressStreet + Scope_Delimiter + + HomeInstitutionAddressCity); + put(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString(), + PermanentAddressCity + Scope_Delimiter + + PermanentAddressCountryCode + Scope_Delimiter + + PermanentAddressPostalCode + Scope_Delimiter + + PermanentAddressStreet); + put(Definitions.TEMPORARYADDRESS_NAME, + StudyAddressCity + Scope_Delimiter + + StudyAddressCountryCode + Scope_Delimiter + + StudyAddressPostalCode + Scope_Delimiter + + StudyAddressStreet); + + } + }); + + private static Map<String, String> scopesToeIDAS = Collections.unmodifiableMap(new HashMap<String,String>() { + private static final long serialVersionUID = 1L; + { + Iterator<Entry<String, String>> it = eIDASToScopes.entrySet().iterator(); + while (it.hasNext()) { + Entry<String, String> el = it.next(); + String[] value = el.getValue().split(Scope_Delimiter); + if (value.length == 1) + put(el.getValue(), el.getKey()); + + else { + for (String i : value) { + put(i, el.getKey()); + complexeScopes.add(i); + + } + } + } + } + }); + + + + + public static AttributeScopeMapper getInstance() { + if (instance == null) { + instance = new AttributeScopeMapper(); + + } + + return instance; + } + + /** + * Map a eID4U attribute-name into a TUG Scope + * + * @param eID4UAttributeName eID4U attribute-name + * @return TUG Scope + */ + public String getTUGScopesForAttribute(String eID4UAttributeName) { + if (eIDASToScopes.containsKey(eID4UAttributeName)) + return eIDASToScopes.get(eID4UAttributeName); + + else { + Logger.info("eID4U attribute '" + eID4UAttributeName + "' CAN NOT provides from TUG"); + return StringUtils.EMPTY; + + } + + } + + /** + * Map a TUG Scope into an eID4u attribute-name + * + * @param scope TUG scope + * @return eID4u attribute name + */ + public String geteIDASAttrFromScope(String scope) { + return scopesToeIDAS.get(scope); + + } + + /** + * Check if an TUG scope is part of a complex eID4u attribute + * + * @param scope TUG scope + * @return true if scope is part of a complex attribute, otherwise false + */ + public boolean isComplexeScope(String scope) { + return complexeScopes.contains(scope); + + } + + /** + * Convert the TUG Attribute-provider response into a Map<attributeName, attributeValue> of eID4U attributes + * + * + * @param jsonObject TUG AP response + * @return Map of eID4U attributes, but never null + */ + public Map<String, Object> populateEid4uAttributesFromTugResponse(JsonObject jsonObject) { + Map<String, Object> result = new HashMap<String, Object>(); + Map<String, String> complexAttr = new HashMap<String, String>(); + + Iterator<Entry<String, JsonElement>> it = jsonObject.entrySet().iterator(); + while (it.hasNext()) { + Entry<String, JsonElement> el = it.next(); + String key = el.getKey(); + + Logger.trace("Starting TUG scrope mapping for: " + key + " ... "); + String eIDASAttr = AttributeScopeMapper.getInstance().geteIDASAttrFromScope(key); + if (StringUtils.isNotEmpty(eIDASAttr)) { + if (!AttributeScopeMapper.getInstance().isComplexeScope(key)) { + Logger.debug("Map simple TUG scope: " + key + " to eIDAS attribute: " + eIDASAttr); + result.put(eIDASAttr, el.getValue().getAsString()); + + } else { + Logger.trace("Find complex TUG scope: " + key); + complexAttr.put(eIDASAttr, null); + + } + + } else + Logger.info("Can NOT map TUG scope: " + key + " to any eID4U attribute"); + + } + + //TODO: can only Map address attributes + Iterator<String> complIt = complexAttr.keySet().iterator(); + while(complIt.hasNext()) { + String attr = complIt.next(); + + eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress.Builder address = PostalAddress.builder(); + if (Definitions.HOMEINSTITUTIONADDRESS_NAME.equals(attr)) { + address.postCode(jsonObject.get(AttributeScopeMapper.HomeInstitutionAddressPostalCode).getAsString()); + address.postName(jsonObject.get(AttributeScopeMapper.HomeInstitutionAddressCity).getAsString()); + address.cvAddressArea(jsonObject.get(AttributeScopeMapper.HomeInstitutionAddressStreet).getAsString()); + address.thoroughfare(jsonObject.get(AttributeScopeMapper.HomeInstitutionAddressStreet).getAsString()); + result.put(attr, address.build()); + + } else if (Definitions.TEMPORARYADDRESS_NAME.equals(attr)) { + address.postCode(jsonObject.get(AttributeScopeMapper.StudyAddressPostalCode).getAsString()); + address.postName(jsonObject.get(AttributeScopeMapper.StudyAddressCity).getAsString()); + address.cvAddressArea(jsonObject.get(AttributeScopeMapper.StudyAddressStreet).getAsString()); + address.thoroughfare(jsonObject.get(AttributeScopeMapper.StudyAddressStreet).getAsString()); + result.put(attr, address.build()); + + } else if (eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString().equals(attr)) { + address.postCode(jsonObject.get(AttributeScopeMapper.PermanentAddressPostalCode).getAsString()); + address.postName(jsonObject.get(AttributeScopeMapper.PermanentAddressCity).getAsString()); + address.cvAddressArea(jsonObject.get(AttributeScopeMapper.PermanentAddressStreet).getAsString()); + address.thoroughfare(jsonObject.get(AttributeScopeMapper.PermanentAddressStreet).getAsString()); + result.put(attr, address.build()); + + } else { + Logger.warn("Complexe eID4U attribute: " + attr + " is NOT SUPPORTED yet!"); + + } + + } + + return result; + + } + + + private AttributeScopeMapper() { + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java index 9d9d44b34..a58bc4f8d 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java @@ -5,9 +5,12 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import com.google.common.collect.UnmodifiableIterator; + import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; @@ -19,7 +22,8 @@ import at.gv.egiz.eid4u.api.attributes.Definitions; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.auth.modules.eidas.eID4UConstants; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SimpleEidasAttributeGenerator; +import at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils.AttributeScopeMapper; +import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator; import at.gv.egovernment.moa.id.protocols.eidas.EIDASData; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; @@ -31,6 +35,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.ImmutableAttributeEntry; @Component("CollectAddtionalAttributesTask") public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { @@ -75,8 +80,7 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { if (MiscUtil.isEmpty(scopes)) { //generate scope from attributes - //TODO extract 'scopes' from requested attributes - Logger.warn("Dynamic 'scope' generation is currently NOT supported"); + scopes = mapReqAttributesIntoScopes(reqEid4uAttrList); } @@ -139,7 +143,7 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { new BPKAttributeBuilder().build( fakeOpenIDReq.getServiceProviderConfiguration(), authData, - new SimpleEidasAttributeGenerator())); + new SimpleStringAttributeGenerator())); requestStoreage.storePendingRequest(pendingReq); } else @@ -156,4 +160,22 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { } + private String mapReqAttributesIntoScopes(ImmutableAttributeMap reqEid4uAttrList) { + String result = StringUtils.EMPTY; + UnmodifiableIterator<ImmutableAttributeEntry<?>> it = reqEid4uAttrList.entrySet().iterator(); + while (it.hasNext()) { + ImmutableAttributeEntry<?> el = it.next(); + String scope = AttributeScopeMapper.getInstance().getTUGScopesForAttribute( + el.getKey().getNameUri().toString()); + + if (result.isEmpty()) + result = scope; + else + result += " " + scope; + + } + + return result; + } + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveConsentForAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveConsentForAddtionalAttributesTask.java index 3f1e999ca..e878f8ab1 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveConsentForAddtionalAttributesTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveConsentForAddtionalAttributesTask.java @@ -3,11 +3,14 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; import java.util.Base64; +import java.util.Map; +import java.util.Map.Entry; import javax.net.ssl.SSLSocketFactory; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.io.IOUtils; import org.apache.http.Header; import org.apache.http.HttpHeaders; import org.apache.http.HttpResponse; @@ -26,10 +29,9 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import at.gv.egiz.eid4u.api.attributes.Definitions; -import at.gv.egiz.eid4u.api.attributes.natural.IdType; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.auth.modules.eidas.eID4UConstants; +import at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils.AttributeScopeMapper; import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eID4UAPException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport; @@ -39,11 +41,11 @@ import at.gv.egovernment.moa.id.util.CookieUtils; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; @Component("ReceiveConsentForAddtionalAttributesTask") public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServletTask { + private static final int HashMap = 0; @Autowired private AuthConfiguration moaAuthConfig; @Override @@ -128,12 +130,14 @@ public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServle if (Logger.isTraceEnabled()) { for (Header el : httpResultToken.getAllHeaders()) - Logger.trace("Headername:" + el.getName() + " Value:" + el.getValue()); + Logger.trace("Resp. Headername:" + el.getName() + " Value:" + el.getValue()); } if (httpResultToken.getStatusLine().getStatusCode() != 200) { Logger.info("eID4U AP TokenService anwser with StatusCode:" + httpResultToken.getStatusLine().getStatusCode() + " eID4U AP process stopping ... "); + if (httpResultToken.getEntity().getContent() != null) + Logger.trace("StatusMessage: " + IOUtils.toString(httpResultToken.getEntity().getContent(), "UTF-8")); throw new eID4UAPException("eID4U AP TokenService return statusCode: " + httpResultToken.getStatusLine().getStatusCode(), null); } @@ -166,6 +170,11 @@ public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServle "X-PVP-BPK", pendingReq.getRawData(eID4UConstants.PROCESS_CONTEXT_USERS_BPK_EID4U_ATTRPROVIDER, String.class)); + if (Logger.isTraceEnabled()) { + for (Header el : httpGetData.getAllHeaders()) + Logger.trace("Req. Headername:" + el.getName() + " Value:" + el.getValue()); + } + //request Attribute Provider HttpResponse httpResultData = httpClient.execute(httpGetData); @@ -175,12 +184,15 @@ public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServle if (Logger.isTraceEnabled()) { for (Header el : httpResultData.getAllHeaders()) - Logger.trace("Headername:" + el.getName() + " Value:" + el.getValue()); + Logger.trace("Resp. Headername:" + el.getName() + " Value:" + el.getValue()); } if (httpResultData.getStatusLine().getStatusCode() != 200) { Logger.info("eID4U Attr.Provider Service anwser with StatusCode:" + httpResultData.getStatusLine().getStatusCode() + " eID4U AP process stopping ... "); + if (httpResultData.getEntity().getContent() != null) + Logger.trace("StatusMessage: " + IOUtils.toString(httpResultData.getEntity().getContent(), "UTF-8")); + throw new eID4UAPException("eID4U Attr.Provider Service return statusCode: " + httpResultData.getStatusLine().getStatusCode(), null); } @@ -191,11 +203,13 @@ public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServle new InputStreamReader(httpResultData.getEntity().getContent())); Logger.trace("FullAttrSet: " + fullAttrSet.toString()); + //populate eID4U attributes + populateEid4uAttributes(fullAttrSet.getAsJsonObject()); - //TODO: implement collection process - populateEid4uDummyAttributes(fullAttrSet.getAsJsonObject()); - - + //store pendingRequest + requestStoreage.storePendingRequest(pendingReq); + + } else Logger.debug("No eIDAS Request found. Skip eID4U attribute collection"); @@ -206,48 +220,17 @@ public class ReceiveConsentForAddtionalAttributesTask extends AbstractAuthServle } } - - private void populateEid4uDummyAttributes(JsonObject jsonObject) { + + private void populateEid4uAttributes(JsonObject jsonObject) throws EAAFStorageException { try { - eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress.Builder dummyAddr = PostalAddress.builder(); - dummyAddr.postCode("8020"); - dummyAddr.postName("Graz"); - dummyAddr.addressId("25"); - dummyAddr.cvAddressArea("Mustergasse"); - dummyAddr.locatorDesignator("25"); - dummyAddr.thoroughfare("Mustergasse"); - AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class); - session.setGenericDataToSession(Definitions.IDTYPE_NAME, IdType.PASSPORT); - session.setGenericDataToSession(Definitions.IDNUMBER_NAME, "P0571414"); -// session.setGenericDataToSession(Definitions.IDISSUER_NAME, "Magistrat Nirgendwo"); -// session.setGenericDataToSession(Definitions.IDEXPIREDATE_NAME, "2020-01-01"); -// //session.setGenericDataToSession(Definitions.EHICID_NAME, "80010000012345678990"); -// session.setGenericDataToSession(Definitions.NATIONALITY_NAME, "AT"); -// session.setGenericDataToSession(Definitions.CITIZENSHIP_FRIENDLYNAME, "AT"); -// session.setGenericDataToSession(Definitions.MARITALSTATE_NAME, MaritalState.SINGLE); -// session.setGenericDataToSession(Definitions.COUNTRYOFBIRTH_NAME, "AT"); - session.setGenericDataToSession(Definitions.EMAIL_NAME, jsonObject.get("email").getAsString()); -// session.setGenericDataToSession(Definitions.PHONE_NAME, "+43666111222444"); -// session.setGenericDataToSession(Definitions.TEMPORARYADDRESS_NAME, dummyAddr.build()); - //session.setGenericDataToSession(Definitions.TAXIDENTIFICATIONNUMBER_NAME, "AT/1213454654718"); -// session.setGenericDataToSession(Definitions.HOMEINSTITUTIONNAME_NAME, "Graz Technical University"); -// session.setGenericDataToSession(Definitions.HOMEINSTITUTIONIDENTIFIER_NAME, "A GRAZ02"); -// session.setGenericDataToSession(Definitions.HOMEINSTITUTIONCOUNTRY_NAME, "AT"); -// session.setGenericDataToSession(Definitions.HOMEINSTITUTIONADDRESS_NAME, dummyAddr.build()); -// session.setGenericDataToSession(Definitions.CURRENTLEVELOFSTUDY_NAME, "7"); -// session.setGenericDataToSession(Definitions.FIELDOFSTUDY_NAME, "52"); - //session.setGenericDataToSession(Definitions.CURRENTDEGREE_NAME, "MsC"); -// session.setGenericDataToSession(Definitions.DEGREE_NAME, "6"); -// session.setGenericDataToSession(Definitions.DEGREEAWARDINGINSTITUTION_NAME, "Graz Technical University"); -// session.setGenericDataToSession(Definitions.GRADUATIONYEAR_NAME, "2016"); -// session.setGenericDataToSession(Definitions.DEGREECOUNTRY_NAME, "AT"); - - //TODO: not all attributes are populated with dummy values + Map<String, Object> eID4UAttributes = AttributeScopeMapper.getInstance().populateEid4uAttributesFromTugResponse(jsonObject); + for (Entry<String, Object> el : eID4UAttributes.entrySet()) + session.setGenericDataToSession(el.getKey(), el.getValue()); } catch (EAAFStorageException e) { - // TODO Auto-generated catch block - e.printStackTrace(); + Logger.warn("Can NOT inject authentication data into user object.", e); + throw e; } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java index f7e135bae..14ba239a1 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java @@ -61,7 +61,7 @@ public class eIDASAttrRepresentativeNaturalPersonalIdentifier extends MandateNat throws AttributeBuilderException { try { - Pair<String, String> calcResult = internalBPKGenerator(oaParam, authData); + Pair<String, String> calcResult = getBpkForSp(oaParam, authData); if (calcResult != null) { String personalID = calcResult.getFirst(); String type = calcResult.getSecond(); diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/eID4U_TUG_scopes.map b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/eID4U_TUG_scopes.map new file mode 100644 index 000000000..6a8a28dd4 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/eID4U_TUG_scopes.map @@ -0,0 +1,27 @@ +ANY@tugraz.idm.attr.Citizenship=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/Citizenship +ANY@tugraz.idm.attr.CityOfBirth=http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth +ANY@tugraz.idm.attr.CountryOfBirth=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/CountryOfBirth +ANY@tugraz.idm.attr.CurrentDegreeName=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/CurrentDegree +ANY@tugraz.idm.attr.CurrentFieldOfStudy=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/FieldOfStudy +ANY@tugraz.idm.attr.CurrentLevelOfStudy=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/CurrentLevelOfStudy +ANY@tugraz.idm.attr.EmailStud=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/Email +ANY@tugraz.idm.attr.Gender=http://eidas.europa.eu/attributes/naturalperson/Gender +ANY@tugraz.idm.attr.HomeInstitutionName=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Name +ANY@tugraz.idm.attr.HomeInstitutionCountry=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Country + + +ANY@tugraz.idm.attr.HomeInstitutionAddressCountryCode=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Address +ANY@tugraz.idm.attr.HomeInstitutionAddressPostalCode=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Address +ANY@tugraz.idm.attr.HomeInstitutionAddressStreet=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Address +ANY@tugraz.idm.attr.HomrInstitutionAddressCity=http://eidas.europa.eu/attributes/sectorspecific/eid4u/studies/homeinstitution/Address + + +ANY@tugraz.idm.attr.PermanentAddressCity=http://eidas.europa.eu/attributes/naturalperson/CurrentAddress +ANY@tugraz.idm.attr.PermanentAddressCountryCode=http://eidas.europa.eu/attributes/naturalperson/CurrentAddress +ANY@tugraz.idm.attr.PermanentAddressPostalCode=http://eidas.europa.eu/attributes/naturalperson/CurrentAddress +ANY@tugraz.idm.attr.PermanentAddressStreet=http://eidas.europa.eu/attributes/naturalperson/CurrentAddress + +ANY@tugraz.idm.attr.StudyAddressCity=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/TemporaryAddress +ANY@tugraz.idm.attr.StudyAddressCountryCode=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/TemporaryAddress +ANY@tugraz.idm.attr.StudyAddressPostalCode=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/TemporaryAddress +ANY@tugraz.idm.attr.StudyAddressStreet=http://eidas.europa.eu/attributes/sectorspecific/eid4u/naturalperson/TemporaryAddress
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/src/test/java/test/at/gv/egovernment/moa/id/modules/eidas/eid4u/AttributeScopeMapperTest.java b/id/server/modules/moa-id-module-eIDAS/src/test/java/test/at/gv/egovernment/moa/id/modules/eidas/eid4u/AttributeScopeMapperTest.java new file mode 100644 index 000000000..0daa90b40 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/test/java/test/at/gv/egovernment/moa/id/modules/eidas/eid4u/AttributeScopeMapperTest.java @@ -0,0 +1,253 @@ +package test.at.gv.egovernment.moa.id.modules.eidas.eid4u; + +import java.io.UnsupportedEncodingException; +import java.util.Base64; +import java.util.Map; + +import org.junit.Assert; +import org.junit.Test; + +import com.google.gson.JsonElement; +import com.google.gson.JsonParseException; +import com.google.gson.JsonParser; + +import at.gv.egiz.eid4u.api.attributes.Definitions; +import at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils.AttributeScopeMapper; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; + + +public class AttributeScopeMapperTest { + + private static final String TUG_AP_RESPONSE_B64 = "ewogICAiQU5ZQHR1Z3Jhei5pZG0uYXR0ci5Db3VudHJ5T2ZCaXJ0aCI6IiIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLkN1cnJlbnREZWdyZWVOYW1lIjoiRHIudGVjaG4uIiwKICAgIkFOWUB0dWdyYXouaWRtLmF0dHIuQ3VycmVudEZpZWxkT2ZTdHVkeSI6IjA2ODg7OTk5OSIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLkN1cnJlbnRMZXZlbE9mU3R1ZHkiOiI4IiwKICAgIkFOWUB0dWdyYXouaWRtLmF0dHIuRW1haWxTdHVkIjoidC5rZXJuQHN0dWRlbnQudHVncmF6LmF0IiwKICAgIkFOWUB0dWdyYXouaWRtLmF0dHIuSG9tZUluc3RpdHV0aW9uQWRkcmVzc0NvdW50cnlDb2RlIjoiQVQiLAogICAiQU5ZQHR1Z3Jhei5pZG0uYXR0ci5Ib21lSW5zdGl0dXRpb25BZGRyZXNzUG9zdGFsQ29kZSI6IjgwMTAiLAogICAiQU5ZQHR1Z3Jhei5pZG0uYXR0ci5Ib21lSW5zdGl0dXRpb25BZGRyZXNzU3RyZWV0IjoiUmVjaGJhdWVyc3RyYcOfZSAxMiIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLkhvbWVJbnN0aXR1dGlvbkNvdW50cnkiOiJBVCIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLkhvbWVJbnN0aXR1dGlvbk5hbWUiOiJHcmF6IFVuaXZlcnNpdHkgT2YgVGVjaG5vbG9neSIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLkhvbWVJbnN0aXR1dGlvbkFkZHJlc3NDaXR5IjoiR3JheiIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLlN0dWR5QWRkcmVzc0NpdHkiOiJGcm9obmxlaXRlbiIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLlN0dWR5QWRkcmVzc1Bvc3RhbENvZGUiOiI4MTMwIiwKICAgIkFOWUB0dWdyYXouaWRtLmF0dHIuU3R1ZHlBZGRyZXNzQ291bnRyeUNvZGUiOiJBVCIsCiAgICJBTllAdHVncmF6LmlkbS5hdHRyLlN0dWR5QWRkcmVzc1N0cmVldCI6IkvDvGhhdSAyMiIKfQ=="; + + private AttributeScopeMapper mapper = null; + + @Test + public void dummyTest() throws Exception { + + + } + + @Test + public void checkTugApResponseMapping() throws JsonParseException, UnsupportedEncodingException { + JsonElement fullAttrSet = new JsonParser().parse(new String( + Base64.getDecoder().decode(TUG_AP_RESPONSE_B64.getBytes()), "UTF-8")); + + Map<String, Object> result = getMapper().populateEid4uAttributesFromTugResponse(fullAttrSet.getAsJsonObject()); + + Assert.assertTrue("eID4u attribte-table is EMPTY after mapping", !result.isEmpty()); + + Assert.assertTrue(result.containsKey(Definitions.COUNTRYOFBIRTH_NAME)); + Assert.assertEquals("", result.get(Definitions.COUNTRYOFBIRTH_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.CURRENTDEGREE_NAME)); + Assert.assertEquals("Dr.techn.", result.get(Definitions.CURRENTDEGREE_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.FIELDOFSTUDY_NAME)); + Assert.assertEquals("0688;9999", result.get(Definitions.FIELDOFSTUDY_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.CURRENTLEVELOFSTUDY_NAME)); + Assert.assertEquals("8", result.get(Definitions.CURRENTLEVELOFSTUDY_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.EMAIL_NAME)); + Assert.assertEquals("t.kern@student.tugraz.at", result.get(Definitions.EMAIL_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.HOMEINSTITUTIONNAME_NAME)); + Assert.assertEquals("Graz University Of Technology", result.get(Definitions.HOMEINSTITUTIONNAME_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.HOMEINSTITUTIONCOUNTRY_NAME)); + Assert.assertEquals("AT", result.get(Definitions.HOMEINSTITUTIONCOUNTRY_NAME)); + + Assert.assertTrue(result.containsKey(Definitions.HOMEINSTITUTIONADDRESS_NAME)); + checkComplexeAddress( + result.get(Definitions.HOMEINSTITUTIONADDRESS_NAME), + "AT", + "8010", + "Rechbauerstraße 12", + "Graz"); + + Assert.assertTrue(result.containsKey(Definitions.TEMPORARYADDRESS_NAME)); + checkComplexeAddress( + result.get(Definitions.TEMPORARYADDRESS_NAME), + "AT", + "8130", + "Kühau 22", + "Frohnleiten"); + + } + + private void checkComplexeAddress(Object toCheck, String cc, String postalCode, String Street, String city) { + Assert.assertNotNull(toCheck); + Assert.assertTrue(toCheck instanceof PostalAddress); + + PostalAddress addr = (PostalAddress)toCheck; + Assert.assertEquals(postalCode, addr.getPostCode()); + Assert.assertEquals(Street, addr.getCvAddressArea()); + Assert.assertEquals(Street, addr.getThoroughfare()); + Assert.assertEquals(city, addr.getPostName()); + + } + + @Test + public void checkCitizenship() throws Exception { + checkBasicMappingInitialization(Definitions.CITIZENSHIP_NAME, AttributeScopeMapper.Citizenship, false); + + } + + @Test + public void checkCityOfBirth() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.PLACE_OF_BIRTH.getNameUri().toString(), AttributeScopeMapper.CityOfBirth, false); + + } + + @Test + public void checkCountryOfBirth() throws Exception { + checkBasicMappingInitialization(Definitions.COUNTRYOFBIRTH_NAME, AttributeScopeMapper.CountryOfBirth, false); + + } + + @Test + public void checkCurrentDegreeName() throws Exception { + checkBasicMappingInitialization(Definitions.CURRENTDEGREE_NAME, AttributeScopeMapper.CurrentDegreeName, false); + + } + + @Test + public void checkCurrentFieldOfStudy() throws Exception { + checkBasicMappingInitialization(Definitions.FIELDOFSTUDY_NAME, AttributeScopeMapper.CurrentFieldOfStudy, false); + } + + @Test + public void checkCurrentLevelOfStudy() throws Exception { + checkBasicMappingInitialization(Definitions.CURRENTLEVELOFSTUDY_NAME, AttributeScopeMapper.CurrentLevelOfStudy, false); + + } + + @Test + public void checkEmailStud() throws Exception { + checkBasicMappingInitialization(Definitions.EMAIL_NAME, AttributeScopeMapper.EmailStud, false); + + } + + @Test + public void checkGender() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.GENDER.getNameUri().toString(), AttributeScopeMapper.Gender, false); + + } + + @Test + public void checkHomeInstitutionName() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONNAME_NAME, AttributeScopeMapper.HomeInstitutionName, false); + + } + + @Test + public void checkHomeInstitutionCountry() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONCOUNTRY_NAME, AttributeScopeMapper.HomeInstitutionCountry, false); + + } + + @Test + public void checkHomeInstitutionAddressCountryCode() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONADDRESS_NAME, AttributeScopeMapper.HomeInstitutionAddressCountryCode, true); + + } + + @Test + public void checkHomeInstitutionAddressPostalCode() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONADDRESS_NAME, AttributeScopeMapper.HomeInstitutionAddressPostalCode, true); + + } + + @Test + public void checkHomeInstitutionAddressStreet() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONADDRESS_NAME, AttributeScopeMapper.HomeInstitutionAddressStreet, true); + + } + + @Test + public void checkHomeInstitutionAddressCity() throws Exception { + checkBasicMappingInitialization(Definitions.HOMEINSTITUTIONADDRESS_NAME, AttributeScopeMapper.HomeInstitutionAddressCity, true); + + } + + @Test + public void checkPermanentAddressCity() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString(), AttributeScopeMapper.PermanentAddressCity, true); + + } + + @Test + public void checkPermanentAddressCountryCode() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString(), AttributeScopeMapper.PermanentAddressCountryCode, true); + + } + + @Test + public void checkPermanentAddressPostalCode() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString(), AttributeScopeMapper.PermanentAddressPostalCode, true); + + } + + @Test + public void checkPermanentAddressStreet() throws Exception { + checkBasicMappingInitialization(eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_ADDRESS.getNameUri().toString(), AttributeScopeMapper.PermanentAddressStreet, true); + + } + + @Test + public void checkStudyAddressCity() throws Exception { + checkBasicMappingInitialization(Definitions.TEMPORARYADDRESS_NAME, AttributeScopeMapper.StudyAddressCity, true); + + } + + @Test + public void checkStudyAddressCountryCode() throws Exception { + checkBasicMappingInitialization(Definitions.TEMPORARYADDRESS_NAME, AttributeScopeMapper.StudyAddressCountryCode, true); + + } + + @Test + public void checkStudyAddressPostalCode() throws Exception { + checkBasicMappingInitialization(Definitions.TEMPORARYADDRESS_NAME, AttributeScopeMapper.StudyAddressPostalCode, true); + + } + + @Test + public void checkStudyAddressStreet() throws Exception { + checkBasicMappingInitialization(Definitions.TEMPORARYADDRESS_NAME, AttributeScopeMapper.StudyAddressStreet, true); + + } + + private void checkBasicMappingInitialization(String eid4Uattr, String scope, boolean isComplexe) { + Assert.assertTrue((getMapper().isComplexeScope(scope) == isComplexe)); + + String eid4UattrRes = getMapper().geteIDASAttrFromScope(scope); + Assert.assertEquals(eid4Uattr, eid4UattrRes); + + String scopeRes = getMapper().getTUGScopesForAttribute(eid4Uattr); + if (isComplexe) { + Assert.assertNotNull(scopeRes); + Assert.assertTrue(scopeRes.contains(scope)); + + } else + Assert.assertEquals(scope, scopeRes); + + } + + private void checkAddress() { + + + } + + private AttributeScopeMapper getMapper() { + if (mapper == null) + mapper = AttributeScopeMapper.getInstance(); + + return mapper; + } + + + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/test/resources/SpringTest-context.xml b/id/server/modules/moa-id-module-eIDAS/src/test/resources/SpringTest-context.xml new file mode 100644 index 000000000..7af79d60c --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/test/resources/SpringTest-context.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + +</beans> |