Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java50
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java48
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties20
5 files changed, 116 insertions, 8 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index a5dfe7524..53be0881b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
@@ -36,6 +36,9 @@ import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
+import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
@@ -477,9 +480,47 @@ public class AuthenticationData implements IAuthData, Serializable {
* @return
*/
public String getQAALevel() {
- return this.QAALevel;
+ if (this.QAALevel != null &&
+ this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) {
+ String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel);
+ if (MiscUtil.isNotEmpty(mappedQAA))
+ return mappedQAA;
+
+ else {
+ Logger.error("eIDAS QAA-level:" + this.QAALevel
+ + " can not be mapped to STORK QAA-level! Use "
+ + PVPConstants.STORK_QAA_1_1 + " as default value.");
+ return PVPConstants.STORK_QAA_1_1;
+
+ }
+
+
+ } else
+ return this.QAALevel;
}
+
+ public String getEIDASQAALevel() {
+ if (this.QAALevel != null &&
+ this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) {
+ String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel);
+ if (MiscUtil.isNotEmpty(mappedQAA))
+ return mappedQAA;
+
+ else {
+ Logger.error("STORK QAA-level:" + this.QAALevel
+ + " can not be mapped to eIDAS QAA-level! Use "
+ + PVPConstants.EIDAS_QAA_LOW + " as default value.");
+ return PVPConstants.EIDAS_QAA_LOW;
+
+ }
+
+
+ } else
+ return this.QAALevel;
+
+ }
+
/**
* @return
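Review bot: Both getters fall through to `return this.QAALevel;` when the stored value is null or carries neither prefix, so getEIDASQAALevel() can return something that is not an eIDAS LoA URI and getQAALevel() something that is not a STORK URI. Callers that base an authorization decision on the result also need to know that an unmappable level is replaced by a default (`PVPConstants.STORK_QAA_1_1` / `PVPConstants.EIDAS_QAA_LOW`, apparently the lowest levels) with only a log entry. getEIDASQAALevel() has no Javadoc and getQAALevel()'s `@return` is empty; I would document both, e.g. `@return the QAA level as eIDAS LoA URI; EIDAS_QAA_LOW if a STORK level has no mapping; the stored value unchanged (possibly null) otherwise`. The Javadoc block of getQAALevel() starts above the hunk.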
@@ -498,13 +539,16 @@ public class AuthenticationData implements IAuthData, Serializable {
/**
+ * Store QAA level in eIDAS format to authentication Data
+ *
* @param qAALevel the qAALevel to set
+ * @throws AssertionAttributeExtractorExeption
*/
public void setQAALevel(String qAALevel) {
- QAALevel = qAALevel;
+ QAALevel = qAALevel;
+
}
-
/**
* @return the ssoSession
*/
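Review bot: The new Javadoc on setQAALevel() promises more than the method does: it says the level is stored in eIDAS format and declares `@throws AssertionAttributeExtractorExeption`, but the body is still a plain assignment with no conversion, validation or throws clause. As written, a STORK-format or arbitrary string is stored as-is and only interpreted later by the getters. Either drop the `@throws` line and reword the summary to `Store the QAA level as received (STORK or eIDAS URI)`, or do the normalization and validation here. The `AssertionAttributeExtractorExeption` import added at the top of the file looks unused otherwise.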
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
index 915242787..91d40fcc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
@@ -79,6 +79,7 @@ public interface IAuthData {
String getMandateReferenceValue();
String getQAALevel();
+ public String getEIDASQAALevel();
String getSessionIndex();
String getNameID();
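Review bot: `getEIDASQAALevel()` is declared with an explicit `public` while the neighbouring methods in the interface omit it, and it carries no comment on its contract. Implementers and callers see only this interface, so a short Javadoc stating the returned format would help, e.g. `/** @return QAA level as eIDAS LoA URI (http://eidas.europa.eu/LoA/...) */`, with `getQAALevel()` documented as the STORK-format counterpart. The interface body continues outside the hunk.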
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
index 168f2362a..dc0cab8c3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
@@ -41,6 +41,11 @@ public interface PVPConstants {
public static final String STORK_QAA_1_3 = "http://www.stork.gov.eu/1.0/citizenQAALevel/3";
public static final String STORK_QAA_1_4 = "http://www.stork.gov.eu/1.0/citizenQAALevel/4";
+ public static final String EIDAS_QAA_PREFIX = "http://eidas.europa.eu/LoA/";
+ public static final String EIDAS_QAA_LOW = EIDAS_QAA_PREFIX + "low";
+ public static final String EIDAS_QAA_SUBSTANTIAL = EIDAS_QAA_PREFIX + "substantial";
+ public static final String EIDAS_QAA_HIGH = EIDAS_QAA_PREFIX + "high";
+
public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/";
public static final String URN_OID_PREFIX = "urn:oid:";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java
index 5ef9494f4..d0da0003f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java
@@ -37,10 +37,14 @@ public class PVPtoSTORKMapper {
private static final String PVP_SECCLASS_PREFIX = "http://www.ref.gv.at/ns/names/agiz/pvp/";
private static final String STORK_QAA_PREFIX = "http://www.stork.gov.eu/1.0/";
+ private static final String eIDAS_QAA_PREFIX = "http://eidas.europa.eu/";
private static final String MAPPING_RESOURCE =
"resources/properties/pvp-stork_mapping.properties";
+ private static final String MAPPING_SECCLASS_PREFIX = "secclass_";
+ private static final String MAPPING_EIDAS_PREFIX = "eidas_";
+
private Properties mapping = null;
private static PVPtoSTORKMapper instance = null;
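Review bot: `eIDAS_QAA_PREFIX` is `"http://eidas.europa.eu/"` here, while the same commit adds `PVPConstants.EIDAS_QAA_PREFIX` as `"http://eidas.europa.eu/LoA/"`; two near-identically named constants with different values are easy to mix up. The new mapper methods further down strip the prefix with `substring(...length())` and never test `startsWith`, so they rely on the caller having checked against the other constant, and a null or shorter argument throws instead of returning null like the no-mapping case. I would add a guard such as `if (qaaLevel == null || !qaaLevel.startsWith(eIDAS_QAA_PREFIX)) return null;` in each method. The constant would also be clearer as an upper-case, distinct name (for example `EIDAS_QAA_NAMESPACE`) with a comment that the `LoA/` segment is part of the property key.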
@@ -68,6 +72,47 @@ public class PVPtoSTORKMapper {
}
+ /**
+ * Map STORK QAA level to eIDAS QAA level
+ *
+ * @param storkQAA STORK QAA level
+ * @return
+ */
+ public String mapSTORKQAAToeIDASQAA(String storkQAA) {
+ if (mapping != null) {
+ String input = storkQAA.substring(STORK_QAA_PREFIX.length());
+ String mappedQAA = mapping.getProperty(MAPPING_EIDAS_PREFIX + input);
+ if (MiscUtil.isNotEmpty(mappedQAA)) {
+ Logger.info("Map STORK-QAA " + storkQAA + " to eIDAS-QAA " + mappedQAA);
+ return mappedQAA;
+
+ }
+ }
+ Logger.warn("No eIDAS-QAA mapping for STORK-QAA " + storkQAA +" !");
+ return null;
+
+ }
+
+ /**
+ * Map eIDAS QAA-level to STORK QAA-level
+ *
+ * @param qaaLevel eIDAS QAA-level
+ * @return STORK QAA-level
+ */
+ public String mapeIDASQAAToSTORKQAA(String qaaLevel) {
+ if (mapping != null) {
+ String input = qaaLevel.substring(eIDAS_QAA_PREFIX.length());
+ String mappedQAA = mapping.getProperty(MAPPING_EIDAS_PREFIX + input);
+ if (MiscUtil.isNotEmpty(mappedQAA)) {
+ Logger.info("Map eIDAS-QAA " + qaaLevel + " to STORK-QAA " + mappedQAA);
+ return mappedQAA;
+
+ }
+ }
+ Logger.warn("No eIDAS-QAA mapping for eIDAS-QAA " + qaaLevel +" !");
+ return null;
+ }
+
/**Map a STORK QAA level to PVP SecClass
*
* @param STORK-QAA level
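Review bot: mapeIDASQAAToSTORKQAA() looks up `MAPPING_EIDAS_PREFIX + input`, i.e. `eidas_LoA/low`, but the eIDAS-to-STORK entries this commit adds to pvp-stork_mapping.properties are keyed `LoA/low`, `LoA/substantial` and `LoA/high` without a prefix. Unless those prefixed keys exist elsewhere in the file, the lookup never matches, the method returns null, and AuthenticationData.getQAALevel() then reports `PVPConstants.STORK_QAA_1_1` for every eIDAS level, including high. Either look up the bare key, `String mappedQAA = mapping.getProperty(input);`, or give this direction its own key prefix in both the code and the properties file. The warning text `No eIDAS-QAA mapping for eIDAS-QAA` should read `No STORK-QAA mapping for eIDAS-QAA`, and mapSTORKQAAToeIDASQAA() has an empty `@return`.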
@@ -76,7 +121,7 @@ public class PVPtoSTORKMapper {
public String mapToSecClass(String storkQAALevel) {
if (mapping != null) {
String input = storkQAALevel.substring(STORK_QAA_PREFIX.length());
- String mappedQAA = mapping.getProperty(input);
+ String mappedQAA = mapping.getProperty(MAPPING_SECCLASS_PREFIX + input);
if (MiscUtil.isNotEmpty(mappedQAA)) {
Logger.info("Map STORK-QAA " + storkQAALevel + " to PVP SecClass " + mappedQAA);
return mappedQAA;
@@ -125,4 +170,5 @@ public class PVPtoSTORKMapper {
Logger.warn("NO mapping for PVPRole "+ el.getRoleName() + " !");
return null;
}
+
}
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties
index ca12fada4..63a679db5 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties
@@ -25,7 +25,19 @@ secclass/0-2=http://www.stork.gov.eu/1.0/citizenQAALevel/4
secclass/0-3=http://www.stork.gov.eu/1.0/citizenQAALevel/4
##STORK-QAA to PVP SecClass mapping
-citizenQAALevel/1=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0
-citizenQAALevel/2=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-1
-citizenQAALevel/3=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2
-citizenQAALevel/4=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2
\ No newline at end of file
+secclass_citizenQAALevel/1=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0
+secclass_citizenQAALevel/2=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-1
+secclass_citizenQAALevel/3=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2
+secclass_citizenQAALevel/4=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2
+
+
+##STORK-QAA to eIDAS-QAA mapping
+eidas_citizenQAALevel/1=http://eidas.europa.eu/LoA/low
+eidas_citizenQAALevel/2=http://eidas.europa.eu/LoA/low
+eidas_citizenQAALevel/3=http://eidas.europa.eu/LoA/substantial
+eidas_citizenQAALevel/4=http://eidas.europa.eu/LoA/high
+
+##eIDAS-QAA to STORK-QAA mapping
+LoA/low=http://www.stork.gov.eu/1.0/citizenQAALevel/1
+LoA/substantial=http://www.stork.gov.eu/1.0/citizenQAALevel/2
+LoA/high=http://www.stork.gov.eu/1.0/citizenQAALevel/4
\ No newline at end of file
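Review bot: The two new tables are not inverses of each other: `LoA/substantial` maps to `citizenQAALevel/2`, but `eidas_citizenQAALevel/2` maps to `LoA/low`, so a level that passes through both conversions comes out lower than it went in, and no eIDAS level maps to `citizenQAALevel/3`. If that is a deliberate conservative choice, a comment line above each table should say so, e.g. `## lossy on purpose: STORK level 2 is treated as eIDAS low`. Otherwise the level-2 and level-3 entries need to be aligned so that the assurance level survives a round trip.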