diff options
Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java')
-rw-r--r-- | id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java | 62 |
1 files changed, 43 insertions, 19 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java index 298d3e84e..1e1bfa94b 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java @@ -31,6 +31,7 @@ import at.gv.egovernment.moa.id.commons.api.data.CPEPS; import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; /** * @author tlenz @@ -38,6 +39,9 @@ import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; */ public interface IOAAuthParameters { + public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing"; + public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission"; + public static final String THIRDBKU = "thirdBKU"; public static final String HANDYBKU = "handy"; public static final String LOCALBKU = "local"; @@ -67,20 +71,52 @@ public interface IOAAuthParameters { public String getFriendlyName(); public String getPublicURLPrefix(); - - public String getOaType(); - public boolean getBusinessService(); + /** + * Indicates if this online applications has private area restrictions that disallow baseId processing in general + * This restriction is evaluated from area-identifier of this online application and a policy from configuration. + * The configuration key 'configuration.restrictions.baseID.idpProcessing' specifies a list of comma-separated values + * of area-identifier prefixes that are allowed to receive a baseID. By default only the prefix + * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs + * + * @return true if there is a restriction, otherwise false + * @throws ConfigurationException In case of online-application configuration has public and private identifies + */ + public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException; + /** - * Get target of a public service-provider + * Indicates if this online applications has private area restrictions that disallow baseId transfer to OA + * This restriction is evaluated from area-identifier of this online application and a policy from configuration. + * The configuration key 'configuration.restrictions.baseID.spTransmission' specifies a list of comma-separated values + * of area-identifier prefixes that are allowed to receive a baseID. By default only the prefix + * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs * - * @return target identifier without prefix + * @return true if there is a restriction, otherwise false + * @throws ConfigurationException In case of online-application configuration has public and private identifies */ - public String getTarget(); + public boolean hasBaseIdTransferRestriction() throws ConfigurationException; - public String getTargetFriendlyName(); + /** + * Get the full area-identifier for this online application to calculate the + * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, ...). + * This identifier always contains the full prefix + * + * @return area identifier with prefix + * @throws ConfigurationException In case of online-application configuration has public and private identifies + */ + public String getAreaSpecificTargetIdentifier() throws ConfigurationException; + + /** + * Get a friendly name for the specific area-identifier of this online application + * + * @return fiendly name of the area-identifier + * @throws ConfigurationException In case of online-application configuration has public and private identifies + */ + public String getAreaSpecificTargetIdentifierFriendlyName() throws ConfigurationException; + + public boolean isInderfederationIDP(); public boolean isSTORKPVPGateway(); @@ -88,13 +124,6 @@ public interface IOAAuthParameters { public boolean isRemovePBKFromAuthBlock(); /** - * Return the private-service domain-identifier with PreFix - * - * @return the identityLinkDomainIdentifier - */ - public String getIdentityLinkDomainIdentifier(); - - /** * @return the keyBoxIdentifier */ public String getKeyBoxIdentifier(); @@ -142,11 +171,6 @@ public interface IOAAuthParameters { */ public List<String> getMandateProfiles(); - /** - * @return the identityLinkDomainIdentifierType - */ - public String getIdentityLinkDomainIdentifierType(); - public boolean isShowMandateCheckBox(); public boolean isOnlyMandateAllowed(); |