diff options
| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2021-09-14 12:37:14 +0200 |
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2021-09-14 12:37:14 +0200 |
| commit | 664c9bcffc537dc206140f03ca0a7c9b81b396cd (patch) | |
| tree | ec6172b240fc610a08b7c0dd92806cc564205544 | |
| parent | e0f2c884de659fb1bd3670bdc1ac04edf2382552 (diff) | |
| download | moa-id-spss-664c9bcffc537dc206140f03ca0a7c9b81b396cd.tar.gz moa-id-spss-664c9bcffc537dc206140f03ca0a7c9b81b396cd.tar.bz2 moa-id-spss-664c9bcffc537dc206140f03ca0a7c9b81b396cd.zip | |
update EHVD communication-task to implement new requirements from BRZ
5 files changed, 90 insertions, 13 deletions
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java index 035e59387..d1f7c47b2 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java @@ -42,6 +42,18 @@ public class ConfigurationProperties { public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH"; + + //TODO: define custom EHVD SAML2 attributes + public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd."; + public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title"; + public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname"; + public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname"; + public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip"; + public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state"; + public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id"; + public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid"; + + private ConfigurationProperties() { // hide constructor or static class } diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java index 900adaff7..cf58fe718 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java @@ -83,7 +83,7 @@ public class EhvdCommunicationService implements IEhvdCommunication { */ @Override @Nonnull - public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, + public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException { // get bPK for EHVD request @@ -96,7 +96,7 @@ public class EhvdCommunicationService implements IEhvdCommunication { final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst()); // parse roles from response - return parseGdaResponse(gdaResp); + return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp)); } @@ -287,7 +287,33 @@ public class EhvdCommunicationService implements IEhvdCommunication { http.getClient().setProxyServerPort(Integer.valueOf(socksPort)); } - } + public static class EhvdResponseHolder { + final List<String> roles; + final GdaDescriptor fullGdaResponse; + + + public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) { + return new EhvdResponseHolder(gdaInfo, processedRoles); + + } + + private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) { + this.roles = processedRoles; + this.fullGdaResponse = gdaInfo; + + } + + public List<String> getRoles() { + return roles; + } + + public GdaDescriptor getFullGdaResponse() { + return fullGdaResponse; + } + + + + } } diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java index 2d9291ed7..6b7c7e2f5 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java @@ -1,10 +1,9 @@ package at.gv.egovernment.moa.id.auth.modules.ehvd.service; -import java.util.List; - import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; public interface IEhvdCommunication { @@ -12,10 +11,10 @@ public interface IEhvdCommunication { * Get user's GDA roles from EHVD Service. * * @param identityLink IdentityLink of the user - * @return {@link List} of Roles that are received from EHVD + * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response * @throws AuthenticationException In case of an EHVD communication error * @throws EAAFBuilderException In case of a bPK generation error */ - List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException; + EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException; }
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java index 8f22c6ffc..ee5dbb2fd 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java @@ -37,6 +37,8 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.logging.Logger; @@ -72,12 +74,16 @@ public class InjectEhvdInformationTask extends AbstractAuthServletTask { validateInternalState(session); // requesting roles from EHVD - final List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink()); + final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink()); // inject EHVD roles session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME, - StringUtils.join(ehvdRoles, ";")); + StringUtils.join(ehvdResponse.getRoles(), ";")); + // inject full EHVD response + session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, + ehvdResponse.getFullGdaResponse()); + // store MOASession into database requestStoreage.storePendingRequest(pendingReq); diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java index adedd1d02..818a2c34b 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java @@ -1,8 +1,10 @@ package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; +import static org.hamcrest.CoreMatchers.instanceOf; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.when; @@ -61,11 +63,14 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; @@ -251,7 +256,7 @@ public class InjectEhvdIdentityInformationTaskTest { assertFalse("foreign", moaSession.isForeigner()); assertFalse("mandate", moaSession.isMandateUsed()); - assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); assertEquals("wrong role attr", "EPI-GDA()", @@ -278,7 +283,7 @@ public class InjectEhvdIdentityInformationTaskTest { assertFalse("foreign", moaSession.isForeigner()); assertFalse("mandate", moaSession.isMandateUsed()); - assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); assertEquals("wrong role attr", "EPI-GDA()", @@ -292,7 +297,8 @@ public class InjectEhvdIdentityInformationTaskTest { String role1 = "1.2.40.0.33.5.2.101"; String role2 = "1.2.40.0.34.5.2:158"; String role3 = RandomStringUtils.randomAlphabetic(10); - when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3))); + GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3)); + when(ehvdService.getGDA(any())).thenReturn(gdaResponse); task.execute(pendingReq, context); @@ -305,11 +311,17 @@ public class InjectEhvdIdentityInformationTaskTest { assertFalse("foreign", moaSession.isForeigner()); assertFalse("mandate", moaSession.isMandateUsed()); - assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); assertEquals("wrong role attr", "EPI-GDA()", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + assertNotNull("no full GDA response", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX)); + assertTrue("wrong GDA response type", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor); + } @@ -322,6 +334,20 @@ public class InjectEhvdIdentityInformationTaskTest { gda.setStatus(status); status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv"); + gda.setFirstname(RandomStringUtils.randomAlphabetic(5)); + gda.setSurname(RandomStringUtils.randomAlphabetic(5)); + gda.setTitle(RandomStringUtils.randomAlphabetic(5)); + + InstanceIdentifier id = new InstanceIdentifier(); + id.setId(RandomStringUtils.randomAlphabetic(5)); + gda.setId(id); + + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + + gda.getAddress().add(generateAddress()); + gda.getAddress().add(generateAddress()); + GDARoles gdaRoles = new GDARoles(); gda.setRoles(gdaRoles); gdaRoles.getRole().addAll(roles); @@ -329,6 +355,14 @@ public class InjectEhvdIdentityInformationTaskTest { return resp; } + private GdaAddress generateAddress() { + GdaAddress address = new GdaAddress(); + address.setZip(RandomStringUtils.randomNumeric(4)); + address.setState(RandomStringUtils.randomAlphabetic(10)); + return address; + + } + private SOAPFault generateSoaFault(String msg) { return new SOAPFault() { |