Diffstat (limited to 'id/server/idserverlib')
11 files changed, 244 insertions, 645 deletions
|
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 3e6308bf6..c58f19333 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -75,6 +75,7 @@ import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
 import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
@@ -212,6 +213,18 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 		try {
 			//generate basic authentication data
 			generateBasicAuthData(authData, protocolRequest, session);
+						
+			//set Austrian eID demo-mode flag
+			authData.setIseIDNewDemoMode(Boolean.parseBoolean(
+					oaParam.getConfigurationValue(
+							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
+							String.valueOf(false))));
+			
+			if (authData.isIseIDNewDemoMode()) {
+				Logger.info("Demo-mode for 'New Austrian eID' is active. Set 'BaseIDTransferRestrication' to true");
+				authData.setBaseIDTransferRestrication(true);
+				
+			}
 			// #### generate MOA-ID specific authentication data ###### 
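Review bot: The demo-mode switch is parsed here with `Boolean.parseBoolean(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, String.valueOf(false)))`, and the same expression is written out again in the `@@ -521,6 +534,26 @@` hunk of this file and in the `@@ -263,6 +263,19 @@` hunk of OAAuthParameterDecorator. Because this flag decides whether the base ID, identity link, auth block and mandate are withheld, three independent reads are easy to let drift apart; a single helper would avoid that, and the decorator appears to already offer `isConfigurationValue(String key, boolean defaultValue)` (visible in one of its hunk headers). `setBaseIDTransferRestrication(true)` is applied directly after `generateBasicAuthData`, and the rest of the method lies outside this hunk, so it should be confirmed that nothing later in the method resets the restriction. A one-line comment stating which data demo mode must never release would also help the next reader.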
@@ -521,6 +534,26 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 			//build foreign bPKs
 			generateForeignbPK(authData, oaParam.foreignbPKSectorsRequested()); 
+			
+			if (Boolean.parseBoolean(
+					oaParam.getConfigurationValue(
+							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
+							String.valueOf(false)))) {
+				Logger.info("Demo-Mode for Austrian eID is active. Post-Processing authData according the new requirements ... ");
+
+				//build additional bPKs
+				Logger.debug("Search for additional bPKs");
+				generateAdditonalbPK(authData, oaParam.additionalbPKSectorsRequested());
+				
+				Logger.debug("Clearing identitylink ... ");
+				authData.setIdentityLink(null);
+				
+				Logger.debug("Clearing authBlock ... ");
+				authData.setAuthBlock(null);
+				
+				Logger.info("Post-Processing for Austrian eID finished");
+			}
+			
 			//####################################################################
 			//copy all generic authentication information, which are not processed before to authData
 			Iterator<String> copyInterator = includedToGenericAuthData.iterator(); 
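Review bot: The demo-mode post-processing clears only the identity link and the auth block, while `generateAdditonalbPK` immediately before it still reads `authData.getIdentificationValue()`, so the base identifier evidently remains in `authData` after this block. Withholding it then rests on the transfer-restriction flag and on each attribute builder checking demo mode; if demo mode is meant to guarantee that the base ID and full mandate are never released, say so in a comment here or clear them once the additional bPKs are derived. The "copy all generic authentication information" loop follows directly and is only partly visible, so it is worth checking that it cannot copy identity-link or auth-block derived entries back into `authData`. If the flag stored by the earlier hunk is set on this same `authData` instance, the condition could simply be `if (authData.isIseIDNewDemoMode()) {`.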
@@ -827,4 +860,20 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 	}
+	private void generateAdditonalbPK(MOAAuthenticationData authData, List<String> additionalbPKSectorsRequested) throws EAAFBuilderException {
+		if (additionalbPKSectorsRequested != null && !additionalbPKSectorsRequested.isEmpty()) {
+			Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");					
+			for (String sector : additionalbPKSectorsRequested) {
+				Logger.trace("Process sector: " + sector + " ... ");
+				Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
+						authData.getIdentificationValue(), 
+						authData.getIdentificationType(), 										
+						sector);
+				
+				Logger.trace("Calculate additional bPK for sector: " + bpk.getSecond() + " with value: " + bpk.getFirst() );
+				authData.addAdditionalbPKPair(bpk);
+				
+			}
+		}		
+	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
index a2dfeba2f..ab2a07f7c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java 
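Review bot: The second `Logger.trace` in `generateAdditonalbPK` writes the derived bPK itself (`" with value: " + bpk.getFirst()`) into the log, and the two `log.trace` calls in the new BPKListAttributeBuilder.build do the same for the whole bPK list. A bPK is a personal identifier, so trace output should name the sector only, for example `Logger.trace("Calculated additional bPK for sector: " + bpk.getSecond());`. The debug message still speaks of "foreign bPKs" although this method derives the additional ones, which will mislead anyone reading the log. The method also has no Javadoc; it should state that the sectors come from service-provider configuration and that each result is appended to `authData` through `addAdditionalbPKPair`.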
@@ -263,6 +263,19 @@ public String getKeyBoxIdentifier() {
 			returnValue.setProvideAllErrors(
 					Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR)));
+		if (Boolean.parseBoolean(
+					spConfiguration.getConfigurationValue(
+							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
+							String.valueOf(false)))) {
+			Logger.info("Demo-mode for 'New Austrian eID' is active. Restrict SAML1 response ... ");			
+			returnValue.setProvideBaseId(false);
+			returnValue.setProvideAuthBlock(false);
+			returnValue.setProvideIdl(false);
+			returnValue.setProvideMandate(false);
+			
+		}
+			
+		
 		return returnValue;
 	}
@@ -920,6 +933,16 @@ public List<String> foreignbPKSectorsRequested() {
 }
+@Override
+public List<String> additionalbPKSectorsRequested() {
+	String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_ADDITIONAL_BPKS);
+	if (MiscUtil.isNotEmpty(value))
+		return KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(value));
+		
+	else
+		return null;
+	
+}
 @Override
@@ -1002,4 +1025,5 @@ public boolean isConfigurationValue(String key, boolean defaultValue) {
 }
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index 390b77dab..1b2d203c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java 
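Review bot: `additionalbPKSectorsRequested()` returns `null` when `SERVICE_AUTH_TARGET_ADDITIONAL_BPKS` is unset, and the configured sector strings later reach `BPKBuilder.generateAreaSpecificPersonIdentifier` with no validation visible in this diff. The method needs a Javadoc that states the expected CSV format, what a valid sector identifier looks like, and that `null` means "none configured", since the stub implementations in DynamicOAAuthParameters and DummyOAConfig also return `null`. Whether KeyValueUtils or BPKBuilder reject a malformed sector cannot be seen here and should be confirmed, because these values select which additional identifiers are derived for a user.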
@@ -541,6 +541,12 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
 	}
 	@Override
+	public List<String> additionalbPKSectorsRequested() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+	
+	@Override
 	public boolean containsConfigurationKey(String arg0) {
 		// TODO Auto-generated method stub
 		return false;
@@ -593,6 +599,5 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
 	public String getLoAMatchingMode() {
 		return EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM;
 	}
-
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java
index ff4b96aab..415f4db18 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java
@@ -35,4 +35,10 @@ public interface IMOAAuthData extends IAuthData{
 	 String getPvpAttribute_OU();
 	 List<AuthenticationRole> getAuthenticationRoles();
+	 /**
+	  * Indicate Austrian eID demo-mode 
+	  * 
+	  * @return true if it is in demo-mode, otherwise false
+	  */
+	 public boolean isIseIDNewDemoMode();
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java
index ca0ae0687..c1545f354 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java 
@@ -69,6 +69,8 @@ public class MOAAuthenticationData extends AuthenticationData implements IMOAAut
 	private LoALevelMapper loaMapper;
+	private boolean iseIDNewDemoMode = false;
+	
 	public MOAAuthenticationData(ILoALevelMapper loaMapper) {
 		if (loaMapper instanceof LoALevelMapper)
 			this.loaMapper = (LoALevelMapper) loaMapper; 
@@ -321,648 +323,18 @@ public class MOAAuthenticationData extends AuthenticationData implements IMOAAut  	  public void setQualifiedCertificate(boolean qualifiedCertificate) {  	    this.qualifiedCertificate = qualifiedCertificate;  	  } -	 -	 -//	private static final long serialVersionUID = -1042697056735596866L; -//	public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd"; -//	 -//	  /** -//	   * URL of the MOA-ID Auth component issueing this assertion -//	   */ -//	  private String issuer; -//	  /** -//	   * time instant of issue of this assertion -//	   */ -//	  private Date issueInstant; -//	  /** -//	   * user identification value (Stammzahl); <code>null</code>,  -//	   * if the authentication module is configured not to return this data -//	   */ -//	  private String identificationValue; -//		/** -//		 * user identification type -//		 */ -//	  private String identificationType; -//		 -//		/** -//		 * user identityLink specialized to OAParamter -//		 */ -//	  private IIdentityLink identityLink; -//		 -//	  /** -//	   * application specific user identifier (bPK/wbPK) -//	   */ -//	  private String bPK; -//	   -//	  /** -//	   * application specific user identifier type -//	   */ -//	  private String bPKType; -//	   -//	  /** -//	   * given name of the user -//	   */ -//	  private String givenName; -//	  /** -//	   * family name of the user -//	   */ -//	  private String familyName; -//	  /** -//	   * date of birth of the user -//	   */ -//	  private Date dateOfBirth; -//	  /** -//	   * says whether the certificate is a qualified certificate or not -//	   */ -//	   -//	  /** -//	   * says whether the certificate is a public authority or not -//	   */ -//	  /** -//	   * public authority code (Behördenkennzeichen - BKZ) -//	   */ -//	   -// -//	  /** -//	   * URL of the BKU -//	   */ -//	   -//	  /** -//	   * the corresponding <code>lt;saml:Assertion></code> -//	   */ -// -//	  private boolean isBaseIDTransferRestrication = true; -//	   -//	   -//	 /** 
-//	  * STORK attributes from response -//	  */ -//	  private String ccc = null; -//	   -//	  private Map<String, Object> genericDataStorate = new HashedMap<String, Object>(); -//	   -//	   -//	  	   -//	  private String authBlock = null;  -//	  private List<String> encbPKList = null; -//	   -//	  //ISA 1.18 attributes -//	  private List<AuthenticationRole> roles = null; -//	  private String pvpAttribute_OU = null; -//	   -//	  private boolean useMandate = false; -//	  private IMISMandate mandate = null; -//	  private String mandateReferenceValue = null; -//	   -//	  private boolean foreigner =false; -//	  private String QAALevel = null; -//	   -//	  private boolean ssoSession = false; -//	  private Date ssoSessionValidTo = null; -// -////	  private boolean interfederatedSSOSession = false; -////	  private String interfederatedIDP = null; -//	   -//	  private String sessionIndex = null; -//	  private String nameID = null; -//	  private String nameIDFormat = null; -//	   -//	  public AuthenticationData() { -//		  issueInstant = new Date(); -//	  } -//	  	   -//	  /** -//	   * Returns the publicAuthority. -//	   * @return boolean -//	   */ -//	  public boolean isPublicAuthority() { -//	    return publicAuthority; -//	  } -// -//	  /** -//	   * Returns the publicAuthorityCode. -//	   * @return String -//	   */ -//	  public String getPublicAuthorityCode() { -//	    return publicAuthorityCode; -//	  } -// -//	  /** -//	   * Returns the qualifiedCertificate. -//	   * @return boolean -//	   */ -//	  public boolean isQualifiedCertificate() { -//	    return qualifiedCertificate; -//	  } -// -//	  /** -//	   * Returns the bPK. -//	   * @return String -//	   */ -//	  public String getBPK() { -//	    return bPK; -//	  } -// -//	  /** -//	   * Sets the publicAuthority. 
-//	   * @param publicAuthority The publicAuthority to set -//	   */ -//	  public void setPublicAuthority(boolean publicAuthority) { -//	    this.publicAuthority = publicAuthority; -//	  } -// -//	  /** -//	   * Sets the publicAuthorityCode. -//	   * @param publicAuthorityIdentification The publicAuthorityCode to set -//	   */ -//	  public void setPublicAuthorityCode(String publicAuthorityIdentification) { -//	    this.publicAuthorityCode = publicAuthorityIdentification; -//	  } -// -//	  /** -//	   * Sets the qualifiedCertificate. -//	   * @param qualifiedCertificate The qualifiedCertificate to set -//	   */ -//	  public void setQualifiedCertificate(boolean qualifiedCertificate) { -//	    this.qualifiedCertificate = qualifiedCertificate; -//	  } -// -//	  /** -//	   * Sets the bPK. -//	   * @param bPK The bPK to set -//	   */ -//	  public void setBPK(String bPK) { -//	    this.bPK = bPK; -//	  } -// -//	  /** -//	   * Returns the dateOfBirth. -//	   * @return String -//	   */ -//	  public Date getDateOfBirth() { -//	    return dateOfBirth; -//	  } -// -//	  public String getFormatedDateOfBirth() { -//			DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); -//			if (getDateOfBirth() != null) -//				return pvpDateFormat.format(getDateOfBirth()); -//			else -//				return "2999-12-31"; -//		} -//	   -//	  /** -//	   * Returns the familyName. -//	   * @return String -//	   */ -//	  public String getFamilyName() { -//	    return familyName; -//	  } -// -//	  /** -//	   * Returns the givenName. 
-//	   * @return String -//	   */ -//	  public String getGivenName() { -//	    return givenName; -//	  } -// -//	  /** -//	   * Holds the baseID of a citizen -//	   *  -//	   * @return baseID -//	   */ -//	  public String getIdentificationValue() { -//	    return identificationValue; -//	  } -// -//		/** -//		 * Holds the type of the baseID -//		 *  -//		 * @return baseID-Type -//		 */ -//		public String getIdentificationType() { -//			return identificationType; -//		} -// -//	  /** -//	   * Returns the issueInstant. -//	   * @return String -//	   */ -//	  public String getIssueInstantString() { -//	    return DateTimeUtils.buildDateTimeUTC(issueInstant); -//	     -//	  } -// -//	  /** -//	   * Returns the issueInstant. -//	   * @return String -//	   */ -//	  public Date getIssueInstant() { -//	    return issueInstant; -//	     -//	  } -//	   -//	  public void setIssueInstant(Date date) { -//		  this.issueInstant = date; -//	  } -//	   -//	  /** -//	   * Returns the issuer. -//	   * @return String -//	   */ -//	  public String getIssuer() { -//	    return issuer; -//	  } -//	   -//	  /** -//	   * Returns the BKU URL. -//	   * @return String -//	   */ -//	  public String getBkuURL() { -//	    return bkuURL; -//	  } -// -//	  /** -//	   * Sets the dateOfBirth. -//	   * @param dateOfBirth The dateOfBirth to set -//	   */ -//	  public void setDateOfBirth(Date dateOfBirth) { -//	    this.dateOfBirth = dateOfBirth; -//	  } -// -//	  public void setDateOfBirth(String dateOfBirth) {		   -//		  try {		   -//			  if (MiscUtil.isNotEmpty(dateOfBirth)) { -//				  DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); -//				  this.dateOfBirth = identityLinkFormat.parse(dateOfBirth); -//			  } -//			   -//		  } catch (ParseException e) { -//			  Logger.warn("Parse dateOfBirht from IdentityLink FAILED", e); -//			   -//		  }		   -//	  } -//	   -//	  /** -//	   * Sets the familyName. 
-//	   * @param familyName The familyName to set -//	   */ -//	  public void setFamilyName(String familyName) { -//	    this.familyName = familyName; -//	  } -// -//	  /** -//	   * Sets the givenName. -//	   * @param givenName The givenName to set -//	   */ -//	  public void setGivenName(String givenName) { -//	    this.givenName = givenName; -//	  } -// -//	  /** -//	   * Sets the identificationValue. -//	   * @param identificationValue The identificationValue to set -//	   */ -//	  public void setIdentificationValue(String identificationValue) { -//	    this.identificationValue = identificationValue; -//	  } -// -//		/** -//		 * Sets the identificationType. -//		 * @param identificationType The identificationType to set -//		 */ -//		public void setIdentificationType(String identificationType) { -//			this.identificationType = identificationType; -//		} -// -//	  /** -//	   * Sets the issuer. -//	   * @param issuer The issuer to set -//	   */ -//	  public void setIssuer(String issuer) { -//	    this.issuer = issuer; -//	  } -//	   -//	  /** -//	   * Sets the bkuURL -//	   * @param url The BKU URL to set -//	   */ -//	  public void setBkuURL(String url) { -//	    this.bkuURL = url; -//	  } -// -//	public String getBPKType() { -//		return bPKType; -//	} -// -//	public void setBPKType(String bPKType) { -//		this.bPKType = bPKType; -//	} -// - -// -// - -// -//	 -//	public String getEIDASQAALevel() { -//		if (this.QAALevel != null &&  -//				this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { -//			String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel); -//			if (MiscUtil.isNotEmpty(mappedQAA)) -//				return mappedQAA; -//			 -//			else { -//				Logger.error("STORK QAA-level:" + this.QAALevel  -//						+ " can not be mapped to eIDAS QAA-level! 
Use " -//						+ PVPConstants.EIDAS_QAA_LOW + " as default value."); -//				return PVPConstants.EIDAS_QAA_LOW; -//				 -//			} -//			 -//			 -//		} else -//			return this.QAALevel; -//		 -//	} -//	 -// -//	/** -//	 * @return -//	 */ -//	public boolean isForeigner() { -//		return this.foreigner; -//	} -// -// -//	/** -//	 * @param foreigner the foreigner to set -//	 */ -//	public void setForeigner(boolean foreigner) { -//		this.foreigner = foreigner; -//	} -// -// - -// -//	/** -//	 * @return the ssoSession -//	 */ -//	public boolean isSsoSession() { -//		return ssoSession; -//	} -// -// -//	/** -//	 * @param ssoSession the ssoSession to set -//	 */ -//	public void setSsoSession(boolean ssoSession) { -//		this.ssoSession = ssoSession; -//	} -// -//	/** -//	 * @return the mandateReferenceValue -//	 */ -//	public String getMandateReferenceValue() { -//		return mandateReferenceValue; -//	} -// -//	/** -//	 * @param mandateReferenceValue the mandateReferenceValue to set -//	 */ -//	public void setMandateReferenceValue(String mandateReferenceValue) { -//		this.mandateReferenceValue = mandateReferenceValue; -//	} -// -//	/** -//	 * CountryCode of the citizen which is identified and authenticated -//	 *  -//	 * @return the CountryCode <pre>like. 
AT, SI, ...</pre> -//	 */ -//	public String getCcc() { -//		return ccc; -//	} -// -//	/** -//	 * @param ccc the ccc to set -//	 */ -//	public void setCcc(String ccc) { -//		this.ccc = ccc; -//	} -// -//	/** -//	 * @return the sessionIndex -//	 */ -//	public String getSessionIndex() { -//		return sessionIndex; -//	} -// -//	/** -//	 * @param sessionIndex the sessionIndex to set -//	 */ -//	public void setSessionIndex(String sessionIndex) { -//		this.sessionIndex = sessionIndex; -//	} -// -//	/* (non-Javadoc) -//	 * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID() -//	 */ -//	@Override -//	public String getNameID() { -//		return this.nameID; -//	} -// -//	/** -//	 * @param nameID the nameID to set -//	 */ -//	public void setNameID(String nameID) { -//		this.nameID = nameID; -//	} -// -//	/** -//	 * @return the nameIDFormat -//	 */ -//	public String getNameIDFormat() { -//		return nameIDFormat; -//	} -// -//	/** -//	 * @param nameIDFormat the nameIDFormat to set -//	 */ -//	public void setNameIDFormat(String nameIDFormat) { -//		this.nameIDFormat = nameIDFormat; -//	} -// -////	/** -////	 * @return the interfederatedSSOSession -////	 */ -////	public boolean isInterfederatedSSOSession() { -////		return interfederatedSSOSession; -////	} -//// -////	/** -////	 * @param interfederatedSSOSession the interfederatedSSOSession to set -////	 */ -////	public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { -////		this.interfederatedSSOSession = interfederatedSSOSession; -////	} -//// -////	/** -////	 * @return the interfederatedIDP -////	 */ -////	public String getInterfederatedIDP() { -////		return interfederatedIDP; -////	} -//// -////	/** -////	 * @param interfederatedIDP the interfederatedIDP to set -////	 */ -////	public void setInterfederatedIDP(String interfederatedIDP) { -////		this.interfederatedIDP = interfederatedIDP; -////	} -// -//	/** -//	 * @return the ssoSessionValidTo -//	 */ -//	public Date getSsoSessionValidTo() { -//		return 
ssoSessionValidTo; -//	} -// -//	/** -//	 * @param ssoSessionValidTo the ssoSessionValidTo to set -//	 */ -//	public void setSsoSessionValidTo(Date ssoSessionValidTo) { -//		this.ssoSessionValidTo = ssoSessionValidTo; -//	} -// -//	/** -//	 * @return the encbPKList -//	 */ -//	public List<String> getEncbPKList() { -//		return encbPKList; -//	} -// -//	/** -//	 * @param encbPKList the encbPKList to set -//	 */ -//	public void setEncbPKList(List<String> encbPKList) { -//		this.encbPKList = encbPKList; -//	} -// -//	/** -//	 * @return the roles -//	 */ -//	public List<AuthenticationRole> getAuthenticationRoles() { -////		if (this.roles == null) { -////			this.roles = new ArrayList<AuthenticationRole>(); -////			this.roles.add(new AuthenticationRole("xxpvprole", "xxpvprole")); -////			this.roles.add(new AuthenticationRole("yypvprole", "yypvprole")); -////		} -//		 -//		return roles; -//	} -// -//	//ISA 1.18 attributes -//	/** -//	 * @param roles the roles to set -//	 */ -//	public void addAuthenticationRole(AuthenticationRole role) { -//		if (this.roles == null) -//			this.roles = new ArrayList<AuthenticationRole>(); -// -//		this.roles.add(role); -//	} -//	 -//	/** -//	 * @return the pvpAttribute_OU -//	 */ -//	public String getPvpAttribute_OU() { -//		return pvpAttribute_OU; -//	} -// -//	/** -//	 * @param pvpAttribute_OU the pvpAttribute_OU to set -//	 */ -//	public void setPvpAttribute_OU(String pvpAttribute_OU) { -//		this.pvpAttribute_OU = pvpAttribute_OU; -//	} -// -//	/* (non-Javadoc) -//	 * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService() -//	 */ -//	@Override -//	public boolean isBaseIDTransferRestrication() { -//		return isBaseIDTransferRestrication; -//	} -// -//	/** -//	 * @param isBaseIDTransmittionAllowed the isBaseIDTransmittionAllowed to set -//	 */ -//	public void setBaseIDTransferRestrication(boolean isBaseIDTransferRestrication) { -//		this.isBaseIDTransferRestrication = isBaseIDTransferRestrication; -//	} -//	 -//	/** -//	 * Returns 
a generic data-object with is stored with a specific identifier  -//	 *  -//	 * @param key The specific identifier of the data object -//	 * @param clazz The class type which is stored with this key -//	 * @return The data object or null if no data is found with this key -//	 */ -//	public <T> T getGenericData(String key, final Class<T> clazz) { -//		if (MiscUtil.isNotEmpty(key)) { -//			Object data = genericDataStorate.get(key);			 -//			 -//			if (data == null) -//				return null; -//			 -//			try { -//				@SuppressWarnings("unchecked") -//				T test = (T) data; -//				return test; -//				 -//			} catch (Exception e) { -//				Logger.warn("Generic authentication-data object can not be casted to requsted type", e); -//				return null; -//				 -//			} -//			 -//		}  -//		 -//		Logger.warn("Can not load generic session-data with key='null'"); -//		return null; -//				 -//	} -//	 -//	/** -//	 * Store a generic data-object to session with a specific identifier -//	 *  -//	 * @param key Identifier for this data-object -//	 * @param object Generic data-object which should be stored. 
This data-object had to be implement the 'java.io.Serializable' interface -//	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage -//	 */ -//	public void setGenericData(String key, Object object) throws SessionDataStorageException { -//		if (MiscUtil.isEmpty(key)) { -//			Logger.warn("Generic session-data can not be stored with a 'null' key"); -//			throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); -//			 -//		} -//		 -//		if (object != null) { -//			if (!Serializable.class.isInstance(object)) { -//				Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); -//				throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); -//				 -//			}						 -//		} -//		 -//		if (genericDataStorate.containsKey(key)) -//			Logger.debug("Overwrite generic data with key:" + key); -//		else -//			Logger.trace("Add generic data with key:" + key + " to session."); -//		 -//		genericDataStorate.put(key, object); -//	} + +	   +	  public boolean isIseIDNewDemoMode() { +		  return iseIDNewDemoMode; +	  } + +	  /** +	   * Set eID demo-mode into AuthData +	   * @param iseIDNewDemoMode true if it is in demo-mode, otherwise false +	   */ +	  public void setIseIDNewDemoMode(boolean iseIDNewDemoMode) { +		  this.iseIDNewDemoMode = iseIDNewDemoMode; +	  }  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKListAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKListAttributeBuilder.java new file mode 100644 index 000000000..ec8c7629f --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKListAttributeBuilder.java 
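Review bot: The added `isIseIDNewDemoMode()` getter implements the method this commit introduces on IMOAAuthData, yet it carries neither `@Override` nor a comment, unlike the setter directly below it. Adding `@Override` lets the compiler catch a later rename of the interface method, which matters because EIDAuthBlock and MandateFullMandateAttributeBuilder rely on this getter to suppress attributes. A short comment on the getter could say that `true` means identity link, auth block and full mandate must not be released.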
@@ -0,0 +1,52 @@
+
+package at.gv.egovernment.moa.id.protocols.builder.attributes;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+
+@PVPMETADATA
+public class BPKListAttributeBuilder extends BPKAttributeBuilder implements IPVPAttributeBuilder {
+	
+	private static final Logger log = LoggerFactory.getLogger(BPKListAttributeBuilder.class);
+	
+	protected static final String DELIMITER_BPK_LIST = ";";
+	
+	public String getName() {
+		return BPK_LIST_NAME;
+	}
+	
+	public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+			IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+		String result = getBpkForSP(authData);
+		
+		//add additional bPKs if someone are available
+		if (authData.getAdditionalbPKs() != null && !authData.getAdditionalbPKs().isEmpty()) {
+			log.info("Adding additional bPKs into bPK attribute");
+			for (Pair<String, String> el : authData.getAdditionalbPKs()) {
+				result += DELIMITER_BPK_LIST 
+							+ removeBpkTypePrefix(el.getSecond()) 
+							+ DELIMITER_BPKTYPE_BPK 
+							+ attrMaxSize(el.getFirst());
+				
+			}
+			log.trace("Authenticate user with bPK-List: " + result);
+		}
+		
+		log.trace("Authenticate user with bPK/wbPK: " + result);		
+		return g.buildStringAttribute(BPK_LIST_FRIENDLY_NAME, BPK_LIST_NAME, result);
+	}
+	
+	public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+		return g.buildEmptyAttribute(BPK_LIST_FRIENDLY_NAME, BPK_LIST_NAME);
+	}
+	
+}
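Review bot: Neither the class nor `build` documents the attribute value that a relying party has to parse. As written, it is the service provider's own bPK from `getBpkForSP`, followed by one entry per additional bPK, each introduced by `DELIMITER_BPK_LIST` and made of the prefix-stripped sector, `DELIMITER_BPKTYPE_BPK` and the bPK value. A class-level Javadoc should spell that format out and say what is emitted when no additional bPKs exist. `getName`, `build` and `buildEmpty` override or implement inherited methods and should carry `@Override`. `log.info("Adding additional bPKs into bPK attribute")` fires on every assertion that carries additional bPKs, so debug level fits better.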
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java
index 139bb15cc..a1a5825b3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java
@@ -37,6 +37,7 @@ import at.gv.egovernment.moa.id.data.IMOAAuthData;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+@Deprecated
 @PVPMETADATA
 public class EIDAuthBlock implements IPVPAttributeBuilder {
@@ -49,6 +50,13 @@ public class EIDAuthBlock implements IPVPAttributeBuilder {
 		try {
 			if (authData instanceof IMOAAuthData) {
+				
+				if (((IMOAAuthData)authData).isIseIDNewDemoMode()) {
+					Logger.info(EID_AUTH_BLOCK_FRIENDLY_NAME + " is NOT available in Austrian eID demo-mode");
+					throw new UnavailableAttributeException(EID_AUTH_BLOCK_NAME);
+					
+				}
+				
 				String authblock = ((IMOAAuthData)authData).getAuthBlock();
 				if (MiscUtil.isNotEmpty(authblock)) {
 					return g.buildStringAttribute(EID_AUTH_BLOCK_FRIENDLY_NAME, EID_AUTH_BLOCK_NAME,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java
index a40c0fefb..fb101467a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java 
@@ -48,8 +48,16 @@ public class MandateFullMandateAttributeBuilder implements IPVPAttributeBuilder
 	public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
 			IAttributeGenerator<ATT> g) throws AttributeBuilderException {
-		if (authData instanceof IMOAAuthData) {
+		if (authData instanceof IMOAAuthData) {					
 			if (((IMOAAuthData)authData).isUseMandate()) {
+				
+				if (((IMOAAuthData)authData).isIseIDNewDemoMode()) {
+					Logger.info(MANDATE_FULL_MANDATE_FRIENDLY_NAME + " is NOT available in Austrian eID demo-mode");
+					return null;
+					
+				}
+				
+				
 				//only provide full mandate if it is included. 
 				//In case of federation only a short mandate could be include 
 				if (((IMOAAuthData)authData).getMandate() != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java
new file mode 100644
index 000000000..5daa71b1f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/SimpleStringAttributeGenerator.java 
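Review bot: In demo mode `build` now ends with `return null;`, whereas the equivalent check added to EIDAuthBlock in this commit throws `UnavailableAttributeException`. Two builders that suppress an attribute for the same reason should signal it the same way, otherwise a caller that does not treat a null attribute as "not available" may fail or emit an empty element for the mandate. The remainder of `build` lies outside the hunk, so how its other paths report a missing mandate cannot be checked from here. A comment on the new block should state that demo mode never releases the full mandate, so the check is not removed later as redundant.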
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.protocols.builder.attributes;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SimpleStringAttributeGenerator implements IAttributeGenerator<String> {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String)
+	 */
+	@Override
+	public String buildStringAttribute(String friendlyName, String name, String value) {
+		return value;
+		
+	} 
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
+	 */
+	@Override
+	public String buildIntegerAttribute(String friendlyName, String name, int value) {
+		return String.valueOf(value);
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long)
+	 */
+	@Override
+	public String buildLongAttribute(String friendlyName, String name, long value) {
+		return String.valueOf(value);
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String)
+	 */
+	@Override
+	public String buildEmptyAttribute(String friendlyName, String name) {
+		return null;
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 14d4d9fb6..b4e62a344 100644
--- a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder 
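Review bot: The four `@see` comments in SimpleStringAttributeGenerator point at `at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator`, but the class imports and implements `at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator`, so the references look stale. The class Javadoc holds only `@author tlenz`; it should say that this generator discards the attribute name and friendly name and returns the bare value as a `String`. It should also mention that `buildEmptyAttribute` returns `null`, so callers must handle a null result.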
@@ -20,3 +20,4 @@ at.gv.egovernment.moa.id.protocols.builder.attributes.MandateReferenceValueAttri
 at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeAttributeBuilder
 at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeOIDAttributeBuilder
 at.gv.egovernment.moa.id.protocols.builder.attributes.HolderOfKey
+at.gv.egovernment.moa.id.protocols.builder.attributes.BPKListAttributeBuilder
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java
index 61e765f55..bcbabae5b 100644
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyOAConfig.java
@@ -346,5 +346,11 @@ public class DummyOAConfig implements IOAAuthParameters {
 	public void setHasBaseIdTransferRestriction(boolean hasBaseIdTransferRestriction) {
 		this.hasBaseIdTransferRestriction = hasBaseIdTransferRestriction;
 	}
+
+	@Override
+	public List<String> additionalbPKSectorsRequested() {
+		// TODO Auto-generated method stub
+		return null;
+	}
 }
|
