aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-elga_mandate_service/src/main/java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-09 09:15:03 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-09 09:15:03 +0100
commitf9020f47b60bc1cff6c671461924ba606ce87853 (patch)
treedd05ff3e0467293094253a495eb203e71a5d1be5 /id/server/modules/moa-id-module-elga_mandate_service/src/main/java
parentf66ed1831a4877d6c7cb3c55bbc3fd84024a1523 (diff)
downloadmoa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.tar.gz
moa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.tar.bz2
moa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.zip
fix some problems in ELGA-mandate module
Diffstat (limited to 'id/server/modules/moa-id-module-elga_mandate_service/src/main/java')
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java1
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java43
2 files changed, 41 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
index f682913e6..acb0b3aa1 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
@@ -52,6 +52,7 @@ public class ELGAMandatesAuthConstants {
public static final String CONFIG_PROPS_ENTITYID = CONFIG_PROPS_PREFIX + "service.entityID";
public static final String CONFIG_PROPS_METADATAURL = CONFIG_PROPS_PREFIX + "service.metadataurl";
public static final String CONFIG_PROPS_METADATA_TRUSTPROFILE = CONFIG_PROPS_PREFIX + "service.metadata.trustprofileID";
+ public static final String CONFIG_PROPS_ALLOWED_MANDATE_TYPES = "service.mandateprofiles";
public static final String CONFIG_PROPS_KEYSTORE = CONFIG_PROPS_PREFIX + "keystore.path";
public static final String CONFIG_PROPS_KEYSTOREPASSWORD = CONFIG_PROPS_PREFIX + "keystore.password";
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java
index 50bac3eab..03711aa40 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java
@@ -22,6 +22,8 @@
*/
package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks;
+import java.util.List;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -30,8 +32,10 @@ import org.springframework.stereotype.Component;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.internal.tasks.InitializeBKUAuthenticationTask;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
@@ -69,8 +73,7 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica
elgaMandateUsed = (boolean) elgaMandateUsedObj;
}
-
-
+
//check if both mandate Services are requested
if ( (misMandateUsed != null && misMandateUsed) &&
elgaMandateUsed ) {
@@ -79,8 +82,19 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica
}
- //remove MIS-Mandate flag and set useMandate flag to MOASession
+
if (elgaMandateUsed) {
+ //check mandateProfiles against ELGA-MandateService configuration
+ if (!checkServiceProviderAgainstELGAModulConfigration()) {
+ Logger.info("Service-Provider: " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix()
+ + " does not fulfill requirements to use ELGA-MandateService.");
+ throw new MOAIDException("service.10", new Object[]{
+ ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING,
+ "No valid mandate-profile defined"});
+
+ }
+
+ //remove MIS-Mandate flag and set useMandate flag to MOASession
Logger.debug("Authentication process select ELGA-MandateService.");
executionContext.remove(MOAIDAuthConstants.PARAM_USEMISMANDATE);
moasession.setUseMandates(elgaMandateUsed);
@@ -104,4 +118,27 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica
}
}
+
+ /**
+ * Check Service-Provider mandate-profiles against allowed mandate-profiles for ELGA MandateService.
+ *
+ * @return true, if ELGA mandateservice is allowed, otherwise false
+ */
+ private boolean checkServiceProviderAgainstELGAModulConfigration() {
+ String allowedMandateTypesCSV =
+ authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ALLOWED_MANDATE_TYPES);
+ List<String> allowedMandateTypes = KeyValueUtils.getListOfCSVValues(allowedMandateTypesCSV);
+ List<String> spMandateProfiles = pendingReq.getOnlineApplicationConfiguration().getMandateProfiles();
+
+ boolean isELGAMandateServiceAllowed = false;
+ if (spMandateProfiles != null) {
+ for (String el : allowedMandateTypes) {
+ if (spMandateProfiles.contains(el))
+ isELGAMandateServiceAllowed = true;
+
+ }
+ }
+
+ return isELGAMandateServiceAllowed;
+ }
}