diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-08-16 07:08:00 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-08-16 07:08:00 +0200 |
commit | a9c3d654ebd5af475c1fb634d4fb03d8499218ee (patch) | |
tree | 5b79d73bc82a1fe8622c4e514b1b75a05ee4028f /id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java | |
parent | 2f880e1903fb24a32979d894967666b9406820a3 (diff) | |
download | moa-id-spss-a9c3d654ebd5af475c1fb634d4fb03d8499218ee.tar.gz moa-id-spss-a9c3d654ebd5af475c1fb634d4fb03d8499218ee.tar.bz2 moa-id-spss-a9c3d654ebd5af475c1fb634d4fb03d8499218ee.zip |
update eIDAS attribute generation from AuthData
Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java')
-rw-r--r-- | id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java index 168cb42d9..033052eed 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java @@ -42,11 +42,16 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SimpleEidasAttributeGenerator; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonFullNameAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.EidasStringUtil; @@ -72,6 +77,8 @@ import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils; @Service("eIDASAuthenticationRequest") public class eIDASAuthenticationRequest implements IAction { + private static IAttributeGenerator<String> generator = new SimpleEidasAttributeGenerator(); + @Autowired protected MOAReversionLogger revisionsLogger; @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; @@ -85,29 +92,41 @@ public class eIDASAuthenticationRequest implements IAction { //gather attributes - ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes(); - + ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes(); ImmutableAttributeMap.Builder attrMapBuilder = ImmutableAttributeMap.builder(); - + + //TODO: if we support more then this minimum required attributes -> redesign to a smoother attribute builder selector for(AttributeDefinition<?> attr : reqAttributeList.getDefinitions()) { String newValue = ""; boolean isUniqueID = false; - // TODO make use of proper builder - - switch(attr.getFriendlyName()) { - case Constants.eIDAS_ATTR_DATEOFBIRTH: - newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); - break; - case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: - newValue = authData.getFamilyName(); - break; - case Constants.eIDAS_ATTR_CURRENTGIVENNAME: - newValue = authData.getGivenName(); - break; - case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: - newValue = authData.getBPK(); - isUniqueID = true; - break; + try { + switch(attr.getFriendlyName()) { + case Constants.eIDAS_ATTR_DATEOFBIRTH: + newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); + break; + case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: + newValue = authData.getFamilyName(); + break; + case Constants.eIDAS_ATTR_CURRENTGIVENNAME: + newValue = authData.getGivenName(); + break; + case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: + newValue = authData.getBPK(); + isUniqueID = true; + break; + case Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER: + newValue = new MandateLegalPersonSourcePinAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + break; + case Constants.eIDAS_ATTR_LEGALNAME: + newValue = new MandateLegalPersonFullNameAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + break; + + } + + } catch (AttributeException e) { + Logger.debug("Attribute can not generate requested attribute:" + attr.getFriendlyName() + " Reason:" + e.getMessage()); } @@ -115,10 +134,13 @@ public class eIDASAuthenticationRequest implements IAction { Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available."); } else { + //set uniqueIdentifier attribute, because eIDAS SAMLEngine use this flag to select the + // Subject->NameID value from this attribute Builder<?> attrBuilder = AttributeDefinition.builder(attr); attrBuilder.uniqueIdentifier(isUniqueID); AttributeDefinition<?> returnAttr = attrBuilder.build(); + //unmarshal attribute value into eIDAS attribute AttributeValueMarshaller<?> attributeValueMarshaller = returnAttr.getAttributeValueMarshaller(); ImmutableSet.Builder<AttributeValue<?>> builder = ImmutableSet.builder(); @@ -132,12 +154,10 @@ public class eIDASAuthenticationRequest implements IAction { } + //add attribute to Map attrMapBuilder.put((AttributeDefinition)returnAttr, (ImmutableSet) builder.build()); } - - - } // construct eIDaS response |