aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java96
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java50
5 files changed, 132 insertions, 24 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index d26f7b396..3a826ed13 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -222,7 +222,11 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
authData.setIseIDNewDemoMode(Boolean.parseBoolean(
oaParam.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE,
- String.valueOf(false))));
+ String.valueOf(false))) ||
+ Boolean.parseBoolean(
+ oaParam.getConfigurationValue(
+ MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE,
+ String.valueOf(false))));
if (authData.isIseIDNewDemoMode()) {
Logger.info("Demo-mode for 'New Austrian eID' is active. Set 'BaseIDTransferRestrication' to true");
@@ -538,18 +542,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
//build foreign bPKs
generateForeignbPK(oaParam, authData);
-
+
+ Logger.debug("Search for additional bPKs");
+ generateAdditonalbPK(authData, oaParam.additionalbPKSectorsRequested());
if (Boolean.parseBoolean(
oaParam.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE,
- String.valueOf(false)))) {
+ String.valueOf(false))) ||
+ Boolean.parseBoolean(
+ oaParam.getConfigurationValue(
+ MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE,
+ String.valueOf(false)))) {
Logger.info("Demo-Mode for Austrian eID is active. Post-Processing authData according the new requirements ... ");
- //build additional bPKs
- Logger.debug("Search for additional bPKs");
- generateAdditonalbPK(authData, oaParam.additionalbPKSectorsRequested());
-
+ //build additional bPKs
Logger.debug("Clearing identitylink ... ");
authData.setIdentityLink(null);
@@ -559,6 +566,10 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
Logger.info("Post-Processing for Austrian eID finished");
}
+
+ injectNewEidAttributes(authData, session);
+
+
//####################################################################
//copy all generic authentication information, which are not processed before to authData
Iterator<String> copyInterator = includedToGenericAuthData.iterator();
@@ -583,7 +594,33 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
}
- /**
+ private void injectNewEidAttributes(MOAAuthenticationData authData, IAuthenticationSession session) {
+ try {
+ String onlineIdl = session.getGenericDataFromSession(PVPConstants.EID_E_ID_TOKEN_NAME, String.class);
+ if (StringUtils.isNoneEmpty(onlineIdl)) {
+ authData.seteIDToken(Base64Utils.decode(onlineIdl, true));
+ }
+
+ } catch (IOException e) {
+ Logger.warn("Attribute: " + PVPConstants.EID_E_ID_TOKEN_NAME + " found, but injection failed: " + e.getMessage());
+
+ }
+
+// try {
+// String eidStatusLevel = session.getGenericDataFromSession(PVPConstants.EID_IDENTITY_STATUS_LEVEL_NAME, String.class);
+// if (StringUtils.isNotEmpty(eidStatusLevel)) {
+// authData.setEidStatus(PVPConstants.EID_IDENTITY_STATUS_LEVEL_VALUES.);
+// }
+// } catch (Exception e) {
+// Logger.warn("Attribute: " + PVPConstants.EID_IDENTITY_STATUS_LEVEL_NAME + " found, but injection failed: " + e.getMessage());
+//
+// }
+
+ }
+
+
+
+ /**
* @param authData
* @param notValidbPK
* @param notValidbPKType
@@ -895,7 +932,12 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
}
} catch (Exception e) {
- Logger.warn("Foreign bPK generation FAILED for sector: " + foreignSector, e);
+ Logger.info("Foreign bPK generation FAILED for sector: " + foreignSector);
+ if (Logger.isDebugEnabled()) {
+ Logger.warn("Details: ", e);
+
+ }
+
}
@@ -913,18 +955,30 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
private void generateAdditonalbPK(MOAAuthenticationData authData, List<String> additionalbPKSectorsRequested) throws EAAFBuilderException {
if (additionalbPKSectorsRequested != null && !additionalbPKSectorsRequested.isEmpty()) {
- Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");
- for (String sector : additionalbPKSectorsRequested) {
- Logger.trace("Process sector: " + sector + " ... ");
- Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
- authData.getIdentificationValue(),
- authData.getIdentificationType(),
- sector);
-
- Logger.trace("Calculate additional bPK for sector: " + bpk.getSecond() + " with value: " + bpk.getFirst() );
- authData.addAdditionalbPKPair(bpk);
-
- }
+ Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");
+
+ try {
+ for (String sector : additionalbPKSectorsRequested) {
+ Logger.trace("Process sector: " + sector + " ... ");
+ Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
+ authData.getIdentificationValue(),
+ authData.getIdentificationType(),
+ sector);
+
+ Logger.trace("Calculate additional bPK for sector: " + bpk.getSecond() + " with value: " + bpk.getFirst() );
+ authData.addAdditionalbPKPair(bpk);
+
+ }
+
+ } catch (Exception e) {
+ Logger.info("Can NOT generate additional bPKs. Reason: " + e.getMessage());
+
+ if (Logger.isDebugEnabled()) {
+ Logger.warn("StackTrace: ", e);
+
+ }
+
+ }
}
}
@Override
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
index 6426e0e0c..8fba069cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
@@ -58,7 +58,7 @@ public class BKUSelectionModuleImpl implements AuthModule {
performBKUSelection = (boolean) performBKUSelectionObj;
if (performBKUSelection && configuration != null
- && configuration.getBasicConfigurationBoolean(PropertyBasedAuthConfigurationProvider.PROP_MOAID_MODE, false))
+ && configuration.getBasicConfigurationBoolean(PropertyBasedAuthConfigurationProvider.PROP_MOAID_MODE, true))
return "BKUSelectionProcess";
else
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
index ab2a07f7c..e76acfad5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
@@ -266,7 +266,11 @@ public String getKeyBoxIdentifier() {
if (Boolean.parseBoolean(
spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE,
- String.valueOf(false)))) {
+ String.valueOf(false))) ||
+ Boolean.parseBoolean(
+ spConfiguration.getConfigurationValue(
+ MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE,
+ String.valueOf(false)))) {
Logger.info("Demo-mode for 'New Austrian eID' is active. Restrict SAML1 response ... ");
returnValue.setProvideBaseId(false);
returnValue.setProvideAuthBlock(false);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index eae7aae9d..f299e0e94 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -235,7 +235,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
allowedProtcols.setPVP21Active(
configuration.getBooleanValue(
MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED, true)
- && getBasicConfigurationBoolean(PROP_MOAID_MODE, false));
+ && getBasicConfigurationBoolean(PROP_MOAID_MODE, true));
return allowedProtcols;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
new file mode 100644
index 000000000..31563b267
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.protocols.builder.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+
+public class EidSpMandateProfilesAttributeBuilder implements IPVPAttributeBuilder {
+ private static final Logger log = LoggerFactory.getLogger(EidSpMandateProfilesAttributeBuilder.class);
+
+ @Override
+ public <T> T build(final ISPConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<T> g)
+ throws AttributeBuilderException {
+ if (oaParam instanceof IOAAuthParameters && ((IOAAuthParameters) oaParam).isShowMandateCheckBox()) {
+ return g.buildStringAttribute(getFriendlyName(), getName(),
+ StringUtils.join(
+ ((IOAAuthParameters) oaParam).getMandateProfiles(), ","));
+
+ } else {
+ log.info("{} is only available in AuthHandler context", getFriendlyName());
+
+ }
+ throw new UnavailableAttributeException(getName());
+
+ }
+
+ @Override
+ public <T> T buildEmpty(final IAttributeGenerator<T> g) {
+ return g.buildEmptyAttribute(getFriendlyName(), getName());
+
+ }
+
+ @Override
+ public String getName() {
+ return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_NAME;
+ }
+
+ private String getFriendlyName() {
+ return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_FRIENDLY_NAME;
+ }
+
+}