author | Thomas Knall <t.knall@datentechnik-innovation.com> | 2015-01-29 10:56:18 +0100 |
---|---|---|
committer | Thomas Knall <t.knall@datentechnik-innovation.com> | 2015-01-29 10:56:18 +0100 |
commit | 8579cf80c3602f963566d31eaf04f59f68d3bf11 (patch) | |
tree | 646ee6eeed14725058e3d17d89d68f310ff02653 /id/server/idserverlib/src/main/resources | |
parent | e32765da563770ca209943fe14b84cc71c2d2aac (diff) | |
Add STORK process (MOAID-58).
- Add STORKAuthentication.process.xml
- Add PepsConnectorTask using code from PEPSConnectorServlet.
- Split code from PEPSConnectorWithLocalSigningServlet into PepsConnectorHandleResponseWithoutSignatureTask and PepsConnectorHandleLocalSignResponseTask.
- Replace SpringExpressionEvaluator within applicationContext.xml with SpringWebExpressionEvaluator (allowing expressions using request parameter(s)).
- Make servlet mappings /PEPSConnectorWithLocalSigning and /PEPSConnector point to the process engine signaling servlet.
- Add many FIXMEs marking problematic code.
- Move code to start stork authentication from StartAuthenticationBuilder to CreateStorkAuthRequestFormTask.
- Mark PEPSConnectorServlet and PEPSConnectorWithLocalSigningServlet deprecated.
- Remove @author tknall from classes assembled using existing (bogus) code.
Diffstat (limited to 'id/server/idserverlib/src/main/resources')
3 files changed, 34 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/resources/resources/processes/DefaultAuthentication.process.xml b/id/server/idserverlib/src/main/resources/resources/processes/DefaultAuthentication.process.xml
index 48c9ee56c..b7d0d0f8b 100644
--- a/id/server/idserverlib/src/main/resources/resources/processes/DefaultAuthentication.process.xml
+++ b/id/server/idserverlib/src/main/resources/resources/processes/DefaultAuthentication.process.xml
@@ -2,7 +2,7 @@ <pd:ProcessDefinition id="DefaultAuthentication" xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1">
<!--
- - National authentication with Austrian Citizen Card and mobile signature.
+ - National authentication with Austrian Citizen Card and mobile signature with our without mandate.
- Legacy authentication for foreign citizens using MOCCA supported signature cards.
-->
<pd:Task id="createIdentityLinkForm" class="at.gv.egovernment.moa.id.auth.tasks.CreateIdentityLinkFormTask" />
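Review bot: The added comment line reads `with our without mandate`; it should be `with or without mandate`. This comment is the only description of which authentication flows the process definition covers, so the wording is worth correcting in the same change.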
@@ -21,7 +21,7 @@ <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" />
- <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkFound'] || ctx['useMandate']" />
+ <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" />
<pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" />
<pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
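Review bot: The condition on the `verifyIdentityLink` → `certificateReadRequest` transition now reads `ctx['identityLinkAvailable']`, but the diffstat here is limited to resources, so the task code that writes this key is not visible and I cannot confirm it was renamed from `identityLinkFound` in the same commit. This transition selects between `certificateReadRequest` and the unconditional fallback to `prepareAuthBlockSignature`, so a producer/consumer mismatch would leave the branch dependent on how the evaluator treats a missing key. I would verify that every writer of the flag uses the new name, and add a comment above the transition along the lines of `<!-- ctx['identityLinkAvailable'] must be set by the preceding task before this condition is evaluated -->`.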
diff --git a/id/server/idserverlib/src/main/resources/resources/processes/STORKAuthentication.process.xml b/id/server/idserverlib/src/main/resources/resources/processes/STORKAuthentication.process.xml
new file mode 100644
index 000000000..592603457
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/resources/processes/STORKAuthentication.process.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="STORKAuthentication" xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1">
+
+<!--
+ - STORK authentication both with C-PEPS supporting xml signatures and with C-PEPS not supporting xml signatures.
+-->
+ <pd:Task id="createStorkAuthRequestForm" class="at.gv.egovernment.moa.id.auth.tasks.stork.CreateStorkAuthRequestFormTask" />
+ <pd:Task id="pepsConnector" class="at.gv.egovernment.moa.id.auth.tasks.stork.PepsConnectorTask" async="true" />
+ <pd:Task id="pepsConnectorWithoutSignature" class="at.gv.egovernment.moa.id.auth.tasks.stork.PepsConnectorHandleResponseWithoutSignatureTask" async="true" />
+ <pd:Task id="pepsConnectorWithLocalSignature" class="at.gv.egovernment.moa.id.auth.tasks.stork.PepsConnectorHandleLocalSignResponseTask" async="true" />
+
+ <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start" to="createStorkAuthRequestForm" />
+
+ <pd:Transition from="createStorkAuthRequestForm" to="pepsConnector" conditionExpression="ctx['C-PEPS:XMLSignatureSupported']" />
+ <pd:Transition from="createStorkAuthRequestForm" to="pepsConnectorWithoutSignature" />
+
+ <pd:Transition from="pepsConnector" to="pepsConnector" conditionExpression="!ctx['identityLinkAvailable']" /> <!-- honor strange intermediate step of asking for the subject's gender -->
+ <pd:Transition from="pepsConnector" to="end" />
+
+ <pd:Transition from="pepsConnectorWithoutSignature" to="pepsConnectorWithLocalSignature" />
+ <pd:Transition from="pepsConnectorWithLocalSignature" to="pepsConnectorWithoutSignature" conditionExpression="!ctx['identityLinkAvailable']" /> <!-- honor strange intermediate step of asking for the subject's gender -->
+ <pd:Transition from="pepsConnectorWithLocalSignature" to="end" />
+
+ <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
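Review bot: Both transitions to `end` (from `pepsConnector` and from `pepsConnectorWithLocalSignature`) are unconditional fallbacks, so the process completes whenever `!ctx['identityLinkAvailable']` does not evaluate to true rather than because success was asserted. If the engine permits a task without an unconditional transition, I would put `conditionExpression="ctx['identityLinkAvailable']"` on those two transitions so that an unexpected context value stalls the process instead of finishing it. The commit message says the evaluator becomes SpringWebExpressionEvaluator to allow request parameters in expressions; that configuration is outside this view, but `ctx['C-PEPS:XMLSignatureSupported']` and `ctx['identityLinkAvailable']` should only ever hold values written by the tasks themselves, and the async tasks should be confirmed to re-validate the incoming response on every pass through the gender-step loops. The comment above `StartEvent` is also missing its closing parenthesis.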
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 232f53559..8807d4ce0 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -229,6 +229,9 @@ stork.18=STORK-SAML Engine konnte nicht initialisiert werden.
stork.19=Das erforderliche Attribut ist f\u00FCr naturliche Personen nicht vorhanden\: {0}
stork.20=Fehler bei der Datenkonversion - eingegebens Datum fehlerhaft
stork.21=Der angeforderte QAA-level {0} ist h\u00F6her als der QAA-level der Authentifizierung {1}
+stork.22=Der STORK Authentifizierung erfordert die Auswahl des Herkunftslandes der Betroffenen.
+stork.23=Die STORK Authentifizierung f\u00FCr "{0}" wird nicht unterst\u00FCtzt.
+stork.24=Die STORK Authentifizierungsantwort enth\uFFFDlt leere Angaben zum Geschlecht.
pvp2.00={0} ist kein gueltiger consumer service index
pvp2.01=Fehler beim kodieren der PVP2 Antwort
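Review bot: The added `stork.24` contains `enth\uFFFDlt`; U+FFFD is the Unicode replacement character, so the umlaut appears to have been lost in an encoding round-trip and the message will render with a replacement glyph. The escape should be `enth\u00E4lt`, in line with the `\u00FC` escapes used in `stork.23`. `stork.22` also begins with `Der STORK Authentifizierung`, where the article should be `Die`.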