From 9ac6c3342ba7afdd75838230d13ceda70614cedc Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Fri, 13 Mar 2015 16:03:33 +0100 Subject: added fakeidl no-signature option config --- .../moa/id/config/auth/AuthConfigurationProvider.java | 10 ++++++++++ .../moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 8 ++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c746c0888..d33a9ea92 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -1042,6 +1042,16 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return null; } + /** + * Gets the countries for which it is configured to require no signature + * + * @return the stork no signature countries + */ + public List getStorkNoSignatureCountries() { + String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", ""); + return Arrays.asList(prop.replaceAll(" ", "").split(",")); + } + public boolean isMonitoringActive() { String prop = props.getProperty("configuration.monitoring.active", "false"); return Boolean.valueOf(prop); diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index d233f88c4..3d787f371 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -326,9 +326,13 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // //////////////////////////////////////////////////////////////////////// + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + String citizenSignature = null; + if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { + Logger.debug("signedDoc extraction skipped due to configuration"); + } else { Logger.debug("Starting extraction of signedDoc attribute"); // extract signed doc element and citizen signature - String citizenSignature = null; try { if (authnResponse.getPersonalAttributeList().get("signedDoc") == null @@ -409,6 +413,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.error("Could not extract citizen signature from C-PEPS", e); throw new MOAIDException("stork.09", null); } + } Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)"); Logger.debug("Citizen signature will be verified by SZR Gateway!"); @@ -441,7 +446,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null; executionContext.put("identityLinkAvailable", false); try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { // create fake IdL // - fetch IdL template from resources -- cgit v1.2.3