authorThomas Lenz <tlenz@iaik.tugraz.at>2017-02-21 15:31:18 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-02-21 15:31:18 +0100
commit3a55eb69e5fa94d0bcc43a1732850a14e524f6cc (patch)
tree050aa8e4f371280e017c71d519c49a816932b483 /id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
parent8673d715af90bb7df168f4bac9979ab48ee04e3e (diff)
add support of additional eIDAS attributes by using a simple configuration file
Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java')
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java33
1 files changed, 31 insertions, 2 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
index 70135c06f..edbecc4a0 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
@@ -23,6 +23,8 @@
package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.HashMap;
import java.util.Map;
@@ -36,8 +38,13 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAEidasProtocolProces
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeRegistries;
+import eu.eidas.auth.commons.attribute.AttributeRegistry;
import eu.eidas.auth.engine.ProtocolEngineI;
import eu.eidas.auth.engine.SamlEngineSystemClock;
import eu.eidas.auth.engine.metadata.MetadataFetcherI;
@@ -62,6 +69,7 @@ public class SAMLEngineUtils {
if (eIDASEngine == null) {
try {
+
//get eIDAS SAMLengine configuration from MOA-ID configuration
CertificateConfigurationManager configManager = new MOAIDCertificateManagerConfigurationImpl();
@@ -70,12 +78,25 @@ public class SAMLEngineUtils {
//set metadata signer
metadataSigner = new MOAExtendedSWSigner(configManager);
-
+
+ //load additional eIDAS attribute definitions
+ String additionalAttributeConfigFile =
+ AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SAMLENGINE_ATTIONAL_ATTRIBUTE_DEFINITIONS);
+ AttributeRegistry addAttrDefinitions = AttributeRegistries.empty();
+ if (MiscUtil.isNotEmpty(additionalAttributeConfigFile)) {
+ URL addAttrConfigUrl = new URL(FileUtils.makeAbsoluteURL(
+ additionalAttributeConfigFile,
+ AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()));
+ addAttrDefinitions = AttributeRegistries.fromFile(addAttrConfigUrl.getPath());
+
+ }
+
//build eIDAS SAML eninge
ProtocolEngineI engine = MOAProtocolEngineFactory.createProtocolEngine(
Constants.eIDAS_SAML_ENGINE_NAME,
configManager,
- new MOAEidasProtocolProcesser(metadataFetcher, metadataSigner),
+ new MOAEidasProtocolProcesser(metadataFetcher, metadataSigner, addAttrDefinitions),
new SamlEngineSystemClock());
//build a map with all actually supported attributes
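Review bot: `addAttrConfigUrl.getPath()`, on the line that calls `AttributeRegistries.fromFile`, hands a URL path to a file-system API: the value stays percent-encoded (a space in the configuration directory arrives as `%20`) and the scheme is discarded, so a non-`file:` value in the configuration would be treated as a local path without complaint. Going through the URI, `addAttrDefinitions = AttributeRegistries.fromFile(new File(addAttrConfigUrl.toURI()).getPath());`, decodes the path, and `new File(URI)` throws `IllegalArgumentException` for anything that is not a `file:` URI; it needs `java.io.File` and a handler for `URISyntaxException` next to the new `MalformedURLException` one. Because this file widens the set of attributes the engine will process, it would also help to log the resolved location once, e.g. `Logger.info("Loading additional eIDAS attribute definitions from: " + addAttrConfigUrl);`, and to confirm that an unreadable file fails initialization rather than silently leaving the registry empty; whether `fromFile` reads eagerly is not visible here. The enclosing method starts and ends outside the hunk.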
@@ -93,6 +114,14 @@ public class SAMLEngineUtils {
Logger.error("eIDAS SAMLengine initialization FAILED!", e);
throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+ } catch (at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException e) {
+ Logger.error("eIDAS SAMLengine initialization FAILED!", e);
+ throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+
+ } catch (MalformedURLException e) {
+ Logger.error("eIDAS SAMLengine initialization FAILED!", e);
+ throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e);
+
}
}
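Review bot: The two added handlers repeat, line for line, the handler body visible just above them, so the failure path now exists in three copies; if the project's source level allows it, one multi-catch `} catch (at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException | MalformedURLException e) {` keeps it in one place. `e.getMessage()` is also passed into the `EIDASEngineException` parameters, and for these two exception types the message may contain the configured file location, so it is worth confirming that the `eIDAS.00` text is only logged and not rendered to end users. The try block starts outside the hunk.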