3 files changed, 109 insertions, 66 deletions
| diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml index 5aff0d1fa..688ff0f19 100644 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml +++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml @@ -23,10 +23,7 @@  	<!--Only HTTP-POST binding is only supported for inter PEPS-->  	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> -	<entry key="protocolBinding">HTTP-POST</entry> -	 -	 -	 +	<entry key="protocolBinding">HTTP-POST</entry>	  	<!--URI representing the classification of the identifier  		Allow values: 'entity'. @@ -36,25 +33,26 @@  	--> -	  	<!-- A friendly name for the attribute that can be displayed to a user -->  	<entry key="friendlyName">false</entry>  	<!-- A friendly name for the attribute that can be displayed to a user -->  	<entry key="isRequired">true</entry> -	<!--PEPS in the Service Provider's country--> -	<entry key="requester">http://S-PEPS.gov.xx</entry> +        <!--PEPS in the Service Provider's country--> +        <entry key="requester">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry> -	<!--PEPS in the citizen's origin country--> -	<entry key="responder">http://C-PEPS.gov.xx</entry> +        <!--PEPS in the citizen's origin country--> +        <entry key="responder">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>  	<!--Subject cannot be confirmed on or after this seconds time (positive number)--> -	<entry key="timeNotOnOrAfter">300</entry> +	<entry key="timeNotOnOrAfter">600</entry>  	<!--Validation IP of the response-->  	<entry key="ipAddrValidation">false</entry> -	 + +        <!--One time use--> +        <entry key="oneTimeUse">true</entry>	  	<!--Subject Attribute Definitions-->  	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> 
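Review bot: The new `requester` and `responder` entries both point at the same VIdP endpoint (`.../moa-id-auth/stork2/SendPEPSAuthnRequest`), which cannot be correct for both the Service Provider's PEPS and the citizen's PEPS, and a concrete test hostname now ships in the deployable conf template. If these are placeholders for a local test setup, mark them as such so they are not deployed unchanged, e.g. `<!-- responder: C-PEPS of the citizen's country; the test VIdP URL below must be replaced for production -->`. Raising `timeNotOnOrAfter` from 300 to 600 doubles the subject-confirmation window, which the added `oneTimeUse=true` only partly offsets; if that is deliberate, say why in the comment above the entry.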
@@ -73,7 +71,6 @@  	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>  	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>  	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> -  <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>  	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>  	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> 
@@ -86,10 +83,34 @@  	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>  	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> -	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> -	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> -	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> -	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> -        <entry key="mandateType">http://www.stork.gov.eu/1.0/mandateType</entry> -	 +        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> + + +        <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry> +        <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry> +        <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry> +        <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry> +        <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry> +        <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry> +        <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry> +        <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry> +        <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry> +        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> +        <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry> +        <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry> + +        <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry> +        <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry> +        <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry> +        <entry 
key="type">http://www.stork.gov.eu/1.0/type</entry> +        <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry> +        <entry key="status">http://www.stork.gov.eu/1.0/status</entry> +        <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry> +        <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry> +        <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry> +        <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry> +        <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry> +        <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry> +	<entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry> +  </properties> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 811d828e1..95b59314d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
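Review bot: `hasDegree` is defined twice on the new side (once directly after the removed block and again inside the new list), and the keys `mandateContent`, `representative`, `represented` and `mandateType` are dropped from the engine properties while `MandateRetrievalRequest` in the later hunks still dispatches on the attribute names `representative`, `represented` and `mandateContent`. If the SAML engine resolves attribute URIs from this file, those three attributes can no longer be requested or marshalled; either keep their entries or remove the corresponding branches in the Java code. Delete the duplicate `<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>` so later readers do not wonder which one wins.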
@@ -1,12 +1,11 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
@@ -14,9 +13,10 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
-import eu.stork.peps.complex.attributes.*;
-import org.apache.xerces.impl.dv.DatatypeException;
-import org.w3c.dom.Node;
+import eu.stork.peps.complex.attributes.CanonicalAddressType;
+import eu.stork.peps.complex.attributes.MandateContentType;
+import eu.stork.peps.complex.attributes.MandateType;
+import eu.stork.peps.complex.attributes.RepresentationPersonType;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -30,6 +30,7 @@ import javax.xml.namespace.QName;
 import java.io.StringWriter;
 import java.math.BigInteger;
 import java.util.ArrayList;
+import java.util.Arrays;
 /**
  * 
@@ -69,7 +70,7 @@ public class MandateRetrievalRequest implements IAction {
                     mandateContainer = new PhyPersonMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8"));
                 } catch (Exception ex2) {
                     Logger.error("Could not extract data and create mandate container.");
-                    throw new MOAIDException("stork.16", new Object[] {}); // TODO
+                    throw new MOAIDException("stork.16", new Object[]{}); // TODO
                 }
             }
@@ -80,10 +81,6 @@ public class MandateRetrievalRequest implements IAction {
             }
-
-
-
-
 //            moaStorkResponse.setPersonalAttributeList(populateAttributes());
             //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
@@ -98,37 +95,42 @@ public class MandateRetrievalRequest implements IAction {
                     MandateContentType mandateContent = getMandateContent(mandateContainer, currentAttribute);
                     attributeList.add(marshallComplexAttribute(currentAttribute, mandateContent));
-                   // final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller();
-                   // marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+                    // final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller();
+                    // marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
-                   // StringWriter stringWriter = new StringWriter();
+                    // StringWriter stringWriter = new StringWriter();
-                   // marshaller.marshal(new JAXBElement<MandateContentType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "mandateContent"), MandateContentType.class, null, mandateContent), stringWriter);
+                    // marshaller.marshal(new JAXBElement<MandateContentType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "mandateContent"), MandateContentType.class, null, mandateContent), stringWriter);
-                   // ArrayList<String> value = new ArrayList<String>();
-                   // value.add(stringWriter.toString());
+                    // ArrayList<String> value = new ArrayList<String>();
+                    // value.add(stringWriter.toString());
-                   // PersonalAttribute  mandateContentAttribute = new PersonalAttribute("mandateContent", false, value, "Available");
+                    // PersonalAttribute  mandateContentAttribute = new PersonalAttribute("mandateContent", false, value, "Available");
-                   // attributeList.add(mandateContentAttribute);
-                } else
-                if (currentAttribute.getName().equals("representative")) {  //  TODO CHECK
+                    // attributeList.add(mandateContentAttribute);
+                } else if (currentAttribute.getName().equals("representative")) {  //  TODO CHECK
                     RepresentationPersonType representative = getRepresentative(mandateContainer, currentAttribute);
                     attributeList.add(marshallComplexAttribute(currentAttribute, representative));
                     //attributeList.add(getRepresentative(mandateContainer, currentAttribute));
-                }  else
-                if (currentAttribute.getName().equals("represented")) {
+                } else if (currentAttribute.getName().equals("represented")) {
                     //attributeList.add(getRepresented(mandateContainer, currentAttribute));
                     RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute);
                     attributeList.add(marshallComplexAttribute(currentAttribute, represented));
-                } else
-                if (currentAttribute.getName().equals("mandateType")) {
+                } else if (currentAttribute.getName().equals("mandate")) {
                     //attributeList.add(getMandateType(mandateContainer, currentAttribute));
                     MandateType mandateType = getMandateType(mandateContainer, currentAttribute);
                     attributeList.add(marshallComplexAttribute(currentAttribute, mandateType));
+                } else if (currentAttribute.getName().equals("legalName")) {
+                    String legalName = getLegalName(mandateContainer, currentAttribute);
+                    PersonalAttribute personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(legalName), "Available");
+                    attributeList.add(personalAttribute);
+                } else if (currentAttribute.getName().equals("eLPIdentifier")) {
+                    String eLPIdentifier = geteLPIdentifier(mandateContainer, currentAttribute);
+                    PersonalAttribute personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(eLPIdentifier), "Available");
+                    attributeList.add(personalAttribute);
                 }
             }
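Review bot: The new `legalName` and `eLPIdentifier` branches wrap the helper result in `Arrays.asList(...)` with no null or blank check; `getRepresented` copies the container getters (`getCorpMandatorFullName()`, `getCorpMandatorIdentificationValue()`) straight into the `RepresentationPersonType`, so a mandate missing either field may produce a one-element list containing `null` that is still reported as `"Available"`. Guard it before building the attribute, e.g. `if (legalName == null || legalName.isEmpty()) { throw new MOAIDException("stork.16", new Object[]{}); }` and likewise for `eLPIdentifier`. `Arrays.asList` also yields a fixed-size list; if `PersonalAttribute` ever appends to its value list, use a `new ArrayList<String>()` as `marshallComplexAttribute` already does. The enclosing loop and method begin before this hunk.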
@@ -165,24 +167,35 @@ public class MandateRetrievalRequest implements IAction {
         return null;
 //      }
+    private String geteLPIdentifier(MandateContainer mandateContainer, PersonalAttribute currentAttribute) throws MOAIDException {
+        RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute);
+        if (mandateContainer instanceof CorporateBodyMandateContainer) {
+            return represented.getELPIdentifier();
+        } else {
+            Logger.error("Cannot provide eLPIdentifier for natural person.");
+            throw new MOAIDException("stork.16", new Object[]{}); // TODO
+        }
+
+    }
+
     private PersonalAttribute marshallComplexAttribute(PersonalAttribute currentAttribute, Object obj) {    // TODO refactor
         StringWriter stringWriter = new StringWriter();
         try {
-        if (obj instanceof MandateContentType) {
-            final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller();
-            marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
-            marshaller.marshal(new JAXBElement<MandateContentType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateContentType.class, null, (MandateContentType)obj), stringWriter);
-        } else if (obj instanceof MandateType) {
-            final Marshaller marshaller = JAXBContext.newInstance(MandateType.class).createMarshaller();
-            marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
-            marshaller.marshal(new JAXBElement<MandateType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateType.class, null, (MandateType)obj), stringWriter);
-        } else if (obj instanceof RepresentationPersonType) {
-            final Marshaller marshaller = JAXBContext.newInstance(RepresentationPersonType.class).createMarshaller();
-            marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
-            marshaller.marshal(new JAXBElement<RepresentationPersonType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), RepresentationPersonType.class, null, (RepresentationPersonType)obj), stringWriter);
-        }
+            if (obj instanceof MandateContentType) {
+                final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller();
+                marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+                marshaller.marshal(new JAXBElement<MandateContentType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateContentType.class, null, (MandateContentType) obj), stringWriter);
+            } else if (obj instanceof MandateType) {
+                final Marshaller marshaller = JAXBContext.newInstance(MandateType.class).createMarshaller();
+                marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+                marshaller.marshal(new JAXBElement<MandateType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateType.class, null, (MandateType) obj), stringWriter);
+            } else if (obj instanceof RepresentationPersonType) {
+                final Marshaller marshaller = JAXBContext.newInstance(RepresentationPersonType.class).createMarshaller();
+                marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+                marshaller.marshal(new JAXBElement<RepresentationPersonType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), RepresentationPersonType.class, null, (RepresentationPersonType) obj), stringWriter);
+            }
         } catch (Exception ex) {
             Logger.error("Could not marshall atrribute: " + currentAttribute.getName() + ", " + ex.getMessage());
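Review bot: `geteLPIdentifier` calls `getRepresented` before testing the container type, so for a `PhyPersonMandateContainer` it builds a complete `RepresentationPersonType` only to discard it and throw; invert the check: `if (!(mandateContainer instanceof CorporateBodyMandateContainer)) { Logger.error("Cannot provide eLPIdentifier for natural person."); throw new MOAIDException("stork.16", new Object[]{}); }` followed by `return getRepresented(mandateContainer, currentAttribute).getELPIdentifier();`. The same ordering applies to `getLegalName` in the later hunk of this file. The method name also breaks the class's lowerCamelCase convention; `getElpIdentifier` would match its siblings. A one-line Javadoc such as `/** Returns the eLP identifier of the represented corporate body; fails with stork.16 for natural-person mandates. */` would document the intended contract.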
@@ -191,15 +204,14 @@ public class MandateRetrievalRequest implements IAction {
         ArrayList<String> value = new ArrayList<String>();
         value.add(stringWriter.toString());
-        PersonalAttribute  personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), value, "Available");
+        PersonalAttribute personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), value, "Available");
         return personalAttribute;
     }
-
     private String mapPowersType(MandateContainer mandateContainer) {    // TODO
-         return "";
+        return "";
     }
     private String mapCompanyType(MandateContainer mandateContainer) {    // TODO
@@ -208,7 +220,7 @@ public class MandateRetrievalRequest implements IAction {
     private MandateType getMandateType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException {
         MandateType mandateType = new MandateType();
-        RepresentationPersonType representative = getRepresentative(mandateContainer,  sourceAttribute);
+        RepresentationPersonType representative = getRepresentative(mandateContainer, sourceAttribute);
         RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute);
         MandateContentType mandateContent = getMandateContent(mandateContainer, sourceAttribute);
         mandateType.setRepresenting(representative);
@@ -218,6 +230,16 @@ public class MandateRetrievalRequest implements IAction {
         return mandateType;
     }
+    private String getLegalName(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException {
+        RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute);
+        if (mandateContainer instanceof CorporateBodyMandateContainer) {
+            return represented.getName();
+        } else {
+            Logger.error("Cannot provide legalName for natural person.");
+            throw new MOAIDException("stork.16", new Object[]{}); // TODO
+        }
+    }
+
     private RepresentationPersonType getRepresentative(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) {
         RepresentationPersonType representative = new RepresentationPersonType();
@@ -235,14 +257,14 @@ public class MandateRetrievalRequest implements IAction {
         RepresentationPersonType represented = new RepresentationPersonType();
         if (mandateContainer instanceof CorporateBodyMandateContainer) {
-            CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer)mandateContainer;
+            CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer) mandateContainer;
             represented.setELPIdentifier(corporateBodyMandateContainer.getCorpMandatorIdentificationValue());
             represented.setName(corporateBodyMandateContainer.getCorpMandatorFullName());
             represented.setAddress("");
             represented.setCanonicalAddress(new CanonicalAddressType());
             represented.setType(mapCompanyType(mandateContainer));     // TODO
         } else if (mandateContainer instanceof PhyPersonMandateContainer) {
-            PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer)mandateContainer;
+            PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer) mandateContainer;
             represented.setEIdentifier(""); // TODO CALCULATE
             represented.setGivenName(phyPersonMandateContainer.getPhyPersMandatorGivenName());
             represented.setSurname(phyPersonMandateContainer.getPhyPersMandatorFamilyName());
@@ -260,13 +282,12 @@ public class MandateRetrievalRequest implements IAction {
         try {
             XMLGregorianCalendar validFrom = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidFrom());
-        XMLGregorianCalendar validTo = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidTo());
+            XMLGregorianCalendar validTo = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidTo());
             mandateContent.setValidFrom(validFrom);
             mandateContent.setValidTo(validTo);
         } catch (DatatypeConfigurationException dte) {
             Logger.error("Error converting data from mandate");
-            throw new MOAIDException("stork.16", new Object[] {}); // TODO
-
+            throw new MOAIDException("stork.16", new Object[]{}); // TODO
         }
         mandateContent.setTransactionLimit(BigInteger.valueOf(0)); // TODO
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
index 49250df6b..d08720f83 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
@@ -113,7 +113,7 @@ public class MandateAttributeRequestProvider extends AttributeProvider {
         attributeRequest.setPersonalAttributeList(requestedAttributes);
         attributeRequest.setCitizenCountryCode("AT");
-
+        attributeRequest.setQaa(4);
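Review bot: `attributeRequest.setQaa(4)` in `MandateAttributeRequestProvider` hard-codes the highest STORK QAA level for every mandate attribute request, independent of how the citizen actually authenticated in this session. If the remote side treats the request's QAA as an assurance claim, it should be derived from the session or the OA configuration rather than a literal; at minimum name it and record why 4 is always right, e.g. `private static final int MANDATE_REQUEST_QAA = 4; // TODO derive from the actual authentication level`. The enclosing method starts before and continues after this hunk.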
@@ -122,6 +122,7 @@ public class MandateAttributeRequestProvider extends AttributeProvider {
         STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP");
         try {
+
             attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest);
         } catch (STORKSAMLEngineException e) {
             Logger.error("Could not sign STORK SAML AttrRequest.", e);
|
