2 files changed, 41 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthConstants.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthConstants.java index c6b5ed821..b057ecaf8 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthConstants.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthConstants.java @@ -59,7 +59,7 @@ public class EIDProxyAuthConstants { public static final String CONFIG_PROPS_NODE_METADATAURL = CONFIG_PROPS_PREFIX + "EID.metadataUrl"; public static final String CONFIG_PROPS_NODE_TRUSTPROFILEID = CONFIG_PROPS_PREFIX + "EID.trustprofileID"; public static final String CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST = CONFIG_PROPS_PREFIX + "required.additional.attributes"; - + public static final String CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT = CONFIG_PROPS_PREFIX + "enforce.process.disabled"; public static final String CONFIG_DEFAULT_LOA_EIDAS_LEVEL = EAAFConstants.EIDAS_LOA_HIGH; public static final List<Trible<String, String, Boolean>> DEFAULT_REQUIRED_PVP_ATTRIBUTES = @@ -113,6 +113,8 @@ public class EIDProxyAuthConstants { add(el.getFirst()); } }); + + } diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java index 16bcdb421..f4c27e047 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java 
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java @@ -22,8 +22,17 @@ */ package at.gv.egovernment.moa.id.auth.modules.eidproxyauth; +import java.io.Serializable; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.logging.Logger; /** @@ -32,8 +41,18 @@ import at.gv.egovernment.moa.logging.Logger; */ public class EIDProxyAuthModuleImpl implements AuthModule { + @Autowired(required=true) private IConfiguration authConfig; + @Autowired(required=true) private AuthenticationManager authManager; + private int priority = 0; + private final String AUTH_PROCESS_NAME = "EIDAuthentication"; + + @PostConstruct + protected void initalizeEIDProxyAuthentication() { + //parameter to whiteList + authManager.addParameterNameToWhiteList(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION); + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() 
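Review bot: In the second hunk of EIDProxyAuthModuleImpl.java, the `@PostConstruct` method whitelists `HTTP_PARAM_EIDPROXY_AUTH_SELECTION` unconditionally, so the parameter is presumably accepted from requests even when `enforce.process.disabled` is false and `selectProcess` never reads it. Consider registering it only when the flag is set, or at least replace `//parameter to whiteList` with a comment such as `// client-controlled selection hint; only evaluated when enforce.process.disabled=true`. `AUTH_PROCESS_NAME` is named and used as a constant but declared as an instance field; `private static final String AUTH_PROCESS_NAME = "EIDAuthentication";` fits better. The method name `initalizeEIDProxyAuthentication` is misspelled (`initialize…`). The class body continues outside this hunk.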
@@ -48,8 +67,25 @@ public class EIDProxyAuthModuleImpl implements AuthModule { */ @Override public String selectProcess(ExecutionContext context) { - Logger.trace("Select E-ID authentication process ... "); - return "EIDAuthentication"; + + if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, false)) { + Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION); + if (paramObj != null ) { + if (paramObj instanceof String) { + String param = (String)paramObj; + if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) { + Logger.debug("Manually selected E-ID authentication process "); + return AUTH_PROCESS_NAME; + } + } + } + + return null; + + } + + Logger.trace("Select E-ID authentication process ... "); + return AUTH_PROCESS_NAME; } |
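Review bot: With `enforce.process.disabled` set, `selectProcess` returns `null` whenever the request-supplied `HTTP_PARAM_EIDPROXY_AUTH_SELECTION` value is absent or not `true`, so whether the E-ID process runs is decided by the client. Nothing visible in this hunk shows that whichever module is selected instead is held to the same level of assurance, so a Javadoc comment on this branch and on `CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT` should state that assumption. The fall-through `return null` is silent; a line such as `Logger.debug("E-ID process not selected by request parameter");` would make skipped selection visible in traces, including the case where the context value is not a `String`. The nested checks can be collapsed because `Boolean.parseBoolean` already returns false for null and empty input: `if (paramObj instanceof String && Boolean.parseBoolean((String) paramObj)) {`.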