5 files changed, 132 insertions, 24 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index d26f7b396..3a826ed13 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -222,7 +222,11 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 			authData.setIseIDNewDemoMode(Boolean.parseBoolean(
 					oaParam.getConfigurationValue(
 							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
-							String.valueOf(false))));
+							String.valueOf(false))) ||
+			    Boolean.parseBoolean(
+		          oaParam.getConfigurationValue(
+		              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE, 
+		              String.valueOf(false))));
 			
 			if (authData.isIseIDNewDemoMode()) {
 				Logger.info("Demo-mode for 'New Austrian eID' is active. Set 'BaseIDTransferRestrication' to true");
@@ -538,18 +542,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 
 			//build foreign bPKs
 			generateForeignbPK(oaParam, authData); 
-			
+
+      Logger.debug("Search for additional bPKs");
+      generateAdditonalbPK(authData, oaParam.additionalbPKSectorsRequested());
 			
 			if (Boolean.parseBoolean(
 					oaParam.getConfigurationValue(
 							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
-							String.valueOf(false)))) {
+							String.valueOf(false))) ||
+			    Boolean.parseBoolean(
+		          oaParam.getConfigurationValue(
+		              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE, 
+		              String.valueOf(false)))) {
 				Logger.info("Demo-Mode for Austrian eID is active. Post-Processing authData according the new requirements ... ");
 
-				//build additional bPKs
-				Logger.debug("Search for additional bPKs");
-				generateAdditonalbPK(authData, oaParam.additionalbPKSectorsRequested());
-				
+				//build additional bPKs				
 				Logger.debug("Clearing identitylink ... ");
 				authData.setIdentityLink(null);
 				
@@ -559,6 +566,10 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 				Logger.info("Post-Processing for Austrian eID finished");
 			}
 			
+			
+			injectNewEidAttributes(authData, session);
+			
+			
 			//####################################################################
 			//copy all generic authentication information, which are not processed before to authData
 			Iterator<String> copyInterator = includedToGenericAuthData.iterator();
@@ -583,7 +594,33 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 		
 	}
 	
-	/**
+	private void injectNewEidAttributes(MOAAuthenticationData authData, IAuthenticationSession session) {
+	    try {
+	      String onlineIdl = session.getGenericDataFromSession(PVPConstants.EID_E_ID_TOKEN_NAME, String.class);
+	      if (StringUtils.isNoneEmpty(onlineIdl)) {
+	        authData.seteIDToken(Base64Utils.decode(onlineIdl, true));
+	      }
+        
+      } catch (IOException e) {
+        Logger.warn("Attribute: " + PVPConstants.EID_E_ID_TOKEN_NAME + " found, but injection failed: " + e.getMessage());
+        
+      }
+	    
+//	    try {
+//	      String eidStatusLevel = session.getGenericDataFromSession(PVPConstants.EID_IDENTITY_STATUS_LEVEL_NAME, String.class);
+//	      if (StringUtils.isNotEmpty(eidStatusLevel)) {
+//	        authData.setEidStatus(PVPConstants.EID_IDENTITY_STATUS_LEVEL_VALUES.);
+//	      }
+//	    } catch (Exception e) {
+//	      Logger.warn("Attribute: " + PVPConstants.EID_IDENTITY_STATUS_LEVEL_NAME + " found, but injection failed: " + e.getMessage());
+//	        
+//	    }
+	    
+	  }
+	  
+  
+
+  /**
 	 * @param authData
 	 * @param notValidbPK
 	 * @param notValidbPKType
@@ -895,7 +932,12 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 						}
 														
 					} catch (Exception e) {
-						Logger.warn("Foreign bPK generation FAILED for sector: " + foreignSector, e);
+						Logger.info("Foreign bPK generation FAILED for sector: " + foreignSector);
+						if (Logger.isDebugEnabled()) {
+						  Logger.warn("Details: ", e);
+						  
+						}
+						
 						
 					}
 																		
@@ -913,18 +955,30 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 	
 	private void generateAdditonalbPK(MOAAuthenticationData authData, List<String> additionalbPKSectorsRequested) throws EAAFBuilderException {
 		if (additionalbPKSectorsRequested != null && !additionalbPKSectorsRequested.isEmpty()) {
-			Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");					
-			for (String sector : additionalbPKSectorsRequested) {
-				Logger.trace("Process sector: " + sector + " ... ");
-				Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
-						authData.getIdentificationValue(), 
-						authData.getIdentificationType(), 										
-						sector);
-				
-				Logger.trace("Calculate additional bPK for sector: " + bpk.getSecond() + " with value: " + bpk.getFirst() );
-				authData.addAdditionalbPKPair(bpk);
-				
-			}
+			Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");
+			
+			try {
+			  for (String sector : additionalbPKSectorsRequested) {
+			    Logger.trace("Process sector: " + sector + " ... ");
+			    Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
+			        authData.getIdentificationValue(), 
+			        authData.getIdentificationType(), 										
+			        sector);
+				
+			    Logger.trace("Calculate additional bPK for sector: " + bpk.getSecond() + " with value: " + bpk.getFirst() );
+			    authData.addAdditionalbPKPair(bpk);
+				
+			  }
+			  
+			} catch (Exception e) {
+			  Logger.info("Can NOT generate additional bPKs. Reason: " + e.getMessage());
+			  
+			  if (Logger.isDebugEnabled()) {
+			    Logger.warn("StackTrace: ", e);
+			    
+			  }
+			  
+      }
 		}		
 	}
 	@Override
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
index 6426e0e0c..8fba069cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
@@ -58,7 +58,7 @@ public class BKUSelectionModuleImpl implements AuthModule {
 			performBKUSelection = (boolean) performBKUSelectionObj;
 		
 		if (performBKUSelection && configuration != null
-				&& configuration.getBasicConfigurationBoolean(PropertyBasedAuthConfigurationProvider.PROP_MOAID_MODE, false))
+				&& configuration.getBasicConfigurationBoolean(PropertyBasedAuthConfigurationProvider.PROP_MOAID_MODE, true))
 			return "BKUSelectionProcess";
 		
 		else
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
index ab2a07f7c..e76acfad5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
@@ -266,7 +266,11 @@ public String getKeyBoxIdentifier() {
 		if (Boolean.parseBoolean(
 					spConfiguration.getConfigurationValue(
 							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
-							String.valueOf(false)))) {
+							String.valueOf(false))) || 
+		    Boolean.parseBoolean(
+	          spConfiguration.getConfigurationValue(
+	              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE, 
+	              String.valueOf(false)))) {
 			Logger.info("Demo-mode for 'New Austrian eID' is active. Restrict SAML1 response ... ");			
 			returnValue.setProvideBaseId(false);
 			returnValue.setProvideAuthBlock(false);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index eae7aae9d..f299e0e94 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -235,7 +235,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 			allowedProtcols.setPVP21Active(
 					configuration.getBooleanValue(
 							MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED, true) 
-					&& getBasicConfigurationBoolean(PROP_MOAID_MODE, false));
+					&& getBasicConfigurationBoolean(PROP_MOAID_MODE, true));
 			
 			return allowedProtcols;
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
new file mode 100644
index 000000000..31563b267
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EidSpMandateProfilesAttributeBuilder.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.protocols.builder.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+
+public class EidSpMandateProfilesAttributeBuilder implements IPVPAttributeBuilder {
+  private static final Logger log = LoggerFactory.getLogger(EidSpMandateProfilesAttributeBuilder.class);
+
+  @Override
+  public <T> T build(final ISPConfiguration oaParam, final IAuthData authData, final IAttributeGenerator<T> g)
+      throws AttributeBuilderException {
+    if (oaParam instanceof IOAAuthParameters && ((IOAAuthParameters) oaParam).isShowMandateCheckBox()) {
+      return g.buildStringAttribute(getFriendlyName(), getName(),
+          StringUtils.join(
+              ((IOAAuthParameters) oaParam).getMandateProfiles(), ","));
+
+    } else {
+      log.info("{} is only available in AuthHandler context", getFriendlyName());
+
+    }
+    throw new UnavailableAttributeException(getName());
+
+  }
+
+  @Override
+  public <T> T buildEmpty(final IAttributeGenerator<T> g) {
+    return g.buildEmptyAttribute(getFriendlyName(), getName());
+
+  }
+
+  @Override
+  public String getName() {
+    return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_NAME;
+  }
+
+  private String getFriendlyName() {
+    return ExtendedPVPAttributeDefinitions.SP_USESMANDATES_FRIENDLY_NAME;
+  }
+
+}