1 files changed, 152 insertions, 0 deletions

diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
new file mode 100644
index 000000000..e2f550736
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DummyIdentityAuthModule implements AuthModule {
+
+  private int priority = 2;
+
+  @Autowired(required = true)
+  protected IConfigurationWithSP authConfig;
+  @Autowired(required = true)
+  private IAuthenticationManager authManager;
+
+  private Collection<String> uniqueIDsDummyAuthEnabled;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+   */
+  @Override
+  public int getPriority() {
+    return priority;
+  }
+
+  /**
+   * Sets the priority of this module. Default value is {@code 0}.
+   *
+   * @param priority The priority.
+   */
+  public void setPriority(int priority) {
+    this.priority = priority;
+  }
+
+  @PostConstruct
+  private void initialDummyAuthWhiteList() {    
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      Logger.info("AuthModule for 'dummy-identities' is enabled");
+      
+      // load allowed service-provider Id's
+      uniqueIDsDummyAuthEnabled = authConfig.getBasicConfigurationWithPrefix(
+          ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+          .filter(el -> StringUtils.isNotEmpty(el))
+          .collect(Collectors.toSet());
+
+      if (!uniqueIDsDummyAuthEnabled.isEmpty()) {
+        Logger.info("Dummy authentication is enabled for ....");
+        uniqueIDsDummyAuthEnabled.forEach(el -> Logger.info("   EntityID: " + el));
+
+      }
+
+      // TODO: do we need a selection parameter from external
+      authManager.addParameterNameToWhiteList(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+      
+    } else {
+      uniqueIDsDummyAuthEnabled = Collections.emptySet();
+      Logger.info("AuthModule for 'dummy-identities' is disabled");
+      
+    }
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext)
+   */
+  @Override
+  public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+      Logger.trace("Check dummy-auth for SP: " + spEntityID);
+      if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) {
+        final Serializable flagObj = context.get(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+        if (flagObj instanceof String && Boolean.valueOf((String) flagObj)) {
+          Logger.info("Starting Dummy-Identity authentication for SP: " + spEntityID);
+          return "dummyIdentityAuthentication";
+
+        } else {
+          Logger.debug("Dummy-Identity authentication flag not 'true'. Skip it ... ");
+
+        }
+
+      } else {
+        Logger.debug("Unique SP-Id: " + spEntityID
+            + " is not in whitelist for Dummy-Identity authentication.");
+
+      }
+
+    } else {
+      Logger.trace("Dummy-Identity authentication is disabled");
+
+    }
+
+    return null;
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+   */
+  @Override
+  public String[] getProcessDefinitions() {
+    return new String[] { "classpath:/dummy_identity_auth.process.xml" };
+  }
+
+}