3 files changed, 74 insertions, 33 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java
index 46472c983..481690013 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java
@@ -42,41 +42,12 @@ public class MandateLegalPersonSourcePinAttributeBuilder  implements IPVPAttribu
 
 	public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
 			IAttributeGenerator<ATT> g) throws AttributeException {
-		if(authData.isUseMandate()) {
-			
-			//get PVP attribute directly, if exists 
-			String sourcePin = authData.getGenericData(MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class);
-			
-			if (MiscUtil.isEmpty(sourcePin)) {
-				Element mandate = authData.getMandate();
-				if(mandate == null) {
-					throw new NoMandateDataAttributeException();
-					
-				}
-				Mandate mandateObject = MandateBuilder.buildMandate(mandate);
-				if(mandateObject == null) {
-					throw new NoMandateDataAttributeException();
-					
-				}
-				CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody();
-				if(corporation == null) {
-					Logger.error("No corporation mandate");
-					throw new NoMandateDataAttributeException();
-					
-				}
-				if(corporation.getIdentification().size() == 0) {
-					Logger.error("Failed to generate IdentificationType");
-					throw new NoMandateDataAttributeException();
-					
-				}
-				
-				sourcePin =  corporation.getIdentification().get(0).getValue().getValue();
-				
-			}
-				
+		if(authData.isUseMandate()) {				
 			return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, 
-					MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePin);
+					MANDATE_LEG_PER_SOURCE_PIN_NAME, getLegalPersonIdentifierFromMandate(authData));
+			
 		}
+		
 		return null;
 		
 	}
@@ -84,4 +55,39 @@ public class MandateLegalPersonSourcePinAttributeBuilder  implements IPVPAttribu
 	public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
 		return g.buildEmptyAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, MANDATE_LEG_PER_SOURCE_PIN_NAME);
 	}
+	
+	
+	protected String getLegalPersonIdentifierFromMandate(IAuthData authData) throws NoMandateDataAttributeException {
+		//get PVP attribute directly, if exists 
+		String sourcePin = authData.getGenericData(MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class);
+		
+		if (MiscUtil.isEmpty(sourcePin)) {
+			Element mandate = authData.getMandate();
+			if(mandate == null) {
+				throw new NoMandateDataAttributeException();
+				
+			}
+			Mandate mandateObject = MandateBuilder.buildMandate(mandate);
+			if(mandateObject == null) {
+				throw new NoMandateDataAttributeException();
+				
+			}
+			CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody();
+			if(corporation == null) {
+				Logger.error("No corporation mandate");
+				throw new NoMandateDataAttributeException();
+				
+			}
+			if(corporation.getIdentification().size() == 0) {
+				Logger.error("Failed to generate IdentificationType");
+				throw new NoMandateDataAttributeException();
+				
+			}
+			
+			sourcePin =  corporation.getIdentification().get(0).getValue().getValue();
+			
+		}
+		
+		return sourcePin;
+	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
index df8f86f7e..f4e69749c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
@@ -75,6 +75,10 @@ public class MandateNaturalPersonBPKAttributeBuilder implements IPVPAttributeBui
 				
 				try {					
 					if (id.getType().equals(Constants.URN_PREFIX_BASEID)) {
+												
+						/*TODO: some updates are required if we support bPKs in eIDAS context, because
+						 * BPKBuilder().buildWBPK only supports Austrian wbPKs  
+						 */						
 						if (oaParam.getBusinessService()) {
 							bpk = new BPKBuilder().buildWBPK(id.getValue().getValue(), oaParam.getIdentityLinkDomainIdentifier());
 							
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
index c008048cb..ea5a002e0 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
@@ -22,7 +22,13 @@
  */
 package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
 
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * @author tlenz
@@ -31,6 +37,31 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonS
 public class eIDASAttrLegalPersonIdentifier extends MandateLegalPersonSourcePinAttributeBuilder implements IeIDASAttribute {
 
 	@Override
+	public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
+			IAttributeGenerator<ATT> g) throws AttributeException {
+		if(authData.isUseMandate()) {
+			
+			//extract eIDAS unique Id prefix from naturalPerson bPK identifier
+			if (MiscUtil.isEmpty(authData.getBPKType())
+					|| !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
+				Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
+				throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+				
+			} 
+			
+			//add eIDAS eID prefix to legal person identifier
+			String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
+			String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(authData);						
+			return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, 
+					MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
+			
+		}
+		
+		return null;
+				
+	}
+	
+	@Override
 	public String getName() {
 		return eu.eidas.auth.engine.core.eidas.spec.LegalPersonSpec.Definitions.LEGAL_PERSON_IDENTIFIER.getNameUri().toString();
 	}