diff options
Diffstat (limited to 'id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java')
-rw-r--r-- | id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java new file mode 100644 index 000000000..5eb441bc9 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java @@ -0,0 +1,140 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.task; + +import java.util.Map; +import java.util.Map.Entry; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("InjectDummyIdentityInformationTask") +public class InjectDummyIdentityInformationTask extends AbstractAuthServletTask { + + @Autowired + IConfiguration moaAuthConfig; + @Autowired + DummyIdentityService service; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv. + * egovernment.moa.id.process.api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, + HttpServletResponse response) + throws TaskExecutionException { + + try { + Logger.debug("Injecting user credentials for Dummy-Identity authentication ... "); + parseDemoValuesIntoMOASession(pendingReq); + + // set 'needConsent' to false, because user gives consent during authentication + pendingReq.setNeedUserConsent(false); + + // set 'authenticated' flag to true + pendingReq.setAuthenticated(true); + + // store MOASession into database + requestStoreage.storePendingRequest(pendingReq); + + } catch (final MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (final Exception e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + + /** + * @param pendingReq + * @param moaSession + * @throws MOAIDException + * @throws EAAFStorageException + * @throws EAAFAuthenticationException + */ + private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException, + EAAFAuthenticationException { + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setForeigner(false); + moaSession.setQAALevel(PVPConstants.EIDAS_QAA_HIGH); + + final Map<String, String> rawIdentity = service.getIdentityRandomly(); + + // add attributes into session + for (final Entry<String, String> el : rawIdentity.entrySet()) { + moaSession.setGenericDataToSession(el.getKey(), el.getValue()); + Logger.debug("Add PVP-attribute " + el.getKey() + " into MOASession"); + + } + + // set BKU URL + if (rawIdentity.containsKey(PVPAttributeDefinitions.EID_CCS_URL_NAME)) { + moaSession.setBkuURL(rawIdentity.get(PVPAttributeDefinitions.EID_CCS_URL_NAME)); + + } else { + moaSession.setBkuURL("http://egiz.gv.at/dummy-authentication"); + + } + + // check if mandates are included + if (rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_NAME) + || rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_OID_NAME)) { + Logger.debug("Find Mandate-Attributes in E-ID response. Switch to mandate-mode ... "); + moaSession.setUseMandates(true); + + } else { + moaSession.setUseMandates(false); + + } + } + +} |