diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-09 09:15:03 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-09 09:15:03 +0100 |
commit | f9020f47b60bc1cff6c671461924ba606ce87853 (patch) | |
tree | dd05ff3e0467293094253a495eb203e71a5d1be5 /id/server/modules/moa-id-module-elga_mandate_service/src/main | |
parent | f66ed1831a4877d6c7cb3c55bbc3fd84024a1523 (diff) | |
download | moa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.tar.gz moa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.tar.bz2 moa-id-spss-f9020f47b60bc1cff6c671461924ba606ce87853.zip |
fix some problems in ELGA-mandate module
Diffstat (limited to 'id/server/modules/moa-id-module-elga_mandate_service/src/main')
2 files changed, 41 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java index f682913e6..acb0b3aa1 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java @@ -52,6 +52,7 @@ public class ELGAMandatesAuthConstants { public static final String CONFIG_PROPS_ENTITYID = CONFIG_PROPS_PREFIX + "service.entityID"; public static final String CONFIG_PROPS_METADATAURL = CONFIG_PROPS_PREFIX + "service.metadataurl"; public static final String CONFIG_PROPS_METADATA_TRUSTPROFILE = CONFIG_PROPS_PREFIX + "service.metadata.trustprofileID"; + public static final String CONFIG_PROPS_ALLOWED_MANDATE_TYPES = "service.mandateprofiles"; public static final String CONFIG_PROPS_KEYSTORE = CONFIG_PROPS_PREFIX + "keystore.path"; public static final String CONFIG_PROPS_KEYSTOREPASSWORD = CONFIG_PROPS_PREFIX + "keystore.password"; diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java index 50bac3eab..03711aa40 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ELGAInitializeBKUAuthenticationTask.java @@ -22,6 +22,8 @@ */ package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks; +import java.util.List; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -30,8 +32,10 @@ import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.InitializeBKUAuthenticationTask; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.logging.Logger; @@ -69,8 +73,7 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica elgaMandateUsed = (boolean) elgaMandateUsedObj; } - - + //check if both mandate Services are requested if ( (misMandateUsed != null && misMandateUsed) && elgaMandateUsed ) { @@ -79,8 +82,19 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica } - //remove MIS-Mandate flag and set useMandate flag to MOASession + if (elgaMandateUsed) { + //check mandateProfiles against ELGA-MandateService configuration + if (!checkServiceProviderAgainstELGAModulConfigration()) { + Logger.info("Service-Provider: " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix() + + " does not fulfill requirements to use ELGA-MandateService."); + throw new MOAIDException("service.10", new Object[]{ + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + "No valid mandate-profile defined"}); + + } + + //remove MIS-Mandate flag and set useMandate flag to MOASession Logger.debug("Authentication process select ELGA-MandateService."); executionContext.remove(MOAIDAuthConstants.PARAM_USEMISMANDATE); moasession.setUseMandates(elgaMandateUsed); @@ -104,4 +118,27 @@ public class ELGAInitializeBKUAuthenticationTask extends InitializeBKUAuthentica } } + + /** + * Check Service-Provider mandate-profiles against allowed mandate-profiles for ELGA MandateService. + * + * @return true, if ELGA mandateservice is allowed, otherwise false + */ + private boolean checkServiceProviderAgainstELGAModulConfigration() { + String allowedMandateTypesCSV = + authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ALLOWED_MANDATE_TYPES); + List<String> allowedMandateTypes = KeyValueUtils.getListOfCSVValues(allowedMandateTypesCSV); + List<String> spMandateProfiles = pendingReq.getOnlineApplicationConfiguration().getMandateProfiles(); + + boolean isELGAMandateServiceAllowed = false; + if (spMandateProfiles != null) { + for (String el : allowedMandateTypes) { + if (spMandateProfiles.contains(el)) + isELGAMandateServiceAllowed = true; + + } + } + + return isELGAMandateServiceAllowed; + } } |