From d0f6c3700d574e3822250af9d4050726caace846 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 3 Apr 2014 16:43:14 +0200 Subject: eid derivation --- .../id/configuration/data/oa/OAGeneralConfig.java | 3 ++- .../moa/id/auth/AuthenticationServer.java | 2 +- .../moa/id/auth/builder/BPKBuilder.java | 31 +++++++++++++++------- .../stork2/EHvdAttributeProviderPlugin.java | 2 +- .../id/protocols/stork2/MOAAttributeProvider.java | 2 +- 5 files changed, 26 insertions(+), 14 deletions(-) diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 3483a8453..d43c97aed 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -209,7 +209,8 @@ public class OAGeneralConfig { identificationType = split[1]; identificationNumber = split[2]; } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { - identificationType = split[1]; // setting at as iden category ? + //identificationType = split[1]; // setting at as iden category ? + identificationType = Constants.IDENIFICATIONTYPE_STORK; identificationNumber = split[2]; // setting sp country as ident type -> sp ident } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 0bb822c09..d7083ec81 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java 
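Review bot: In OAGeneralConfig the STORK branch is entered when `split.length >= 2`, yet the context line right after the new assignment still reads `split[2]`, which needs at least three elements. A two-part identifier would therefore raise ArrayIndexOutOfBoundsException instead of being rejected cleanly. Since the commit already touches this branch, the guard should become `split.length >= 3`. The old assignment kept as `//identificationType = split[1];` can be deleted rather than commented out, because version control preserves it. The enclosing method starts and ends outside the hunk.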
@@ -409,7 +409,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { // if OA is type is business service the manifest validation result has // to be ignored - boolean ignoreManifestValidationResult = (oaParam.getBusinessService() || oaParam.getStorkService()) ? true + boolean ignoreManifestValidationResult = (oaParam.getBusinessService()) ? true : false; // validates the diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index 866c5a923..7039a1fe0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.builder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; 
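Review bot: In AuthenticationServer the comment above `ignoreManifestValidationResult` still describes only the business-service case, and nothing records why STORK services are now subject to manifest validation. This is a behaviour change in signature verification that the subject line "eid derivation" does not suggest, so a short why-comment would help, for example `// STORK services no longer skip manifest validation`. The ternary is also redundant and can be written as `boolean ignoreManifestValidationResult = oaParam.getBusinessService();`. The surrounding method lies outside the hunk.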
@@ -137,28 +138,37 @@ public class BPKBuilder { /** * Builds the storkeid from the given parameters. * - * @param identificationValue Base64 encoded "Stammzahl" + * @param identityLink identity link * @param destinationCountry destination country code (2 chars) * @return storkid in a BASE64 encoding * @throws BuildException if an error occurs on building the wbPK */ - public String buildStorkbPK(String identificationValue, String destinationCountry) + public String buildStorkeIdentifier(IdentityLink identityLink, String destinationCountry) throws BuildException { - return buildStorkbPK(identificationValue, "AT", destinationCountry); + return buildStorkbPK(identityLink, "AT", destinationCountry); } /** * Builds the storkeid from the given parameters. * - * @param identificationValue Base64 encoded "Stammzahl" + * @param identityLink identity link * @param sourceCountry source country code (2 chars) * @param destinationCountry destination country code (2 chars) * @return storkid in a BASE64 encoding * @throws BuildException if an error occurs on building the wbPK */ - public String buildStorkbPK(String identificationValue, String sourceCountry, String destinationCountry) + public String buildStorkbPK(IdentityLink identityLink, String sourceCountry, String destinationCountry) throws BuildException { + String identificationValue = null; + + // check if we have been called by public sector application + if (identityLink.getIdentificationType().startsWith(Constants.URN_PREFIX_BASEID)) { + identificationValue = calculateStorkeIdentifierBase(identityLink, sourceCountry, destinationCountry); + } else { // if not, sector identification value is already calculated by BKU + Logger.info("STORK eIdentifier already provided by BKU"); + identificationValue = identityLink.getIdentificationValue(); + } if ((identificationValue == null || identificationValue.length() == 0 || 
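Review bot: The else branch in buildStorkbPK treats every identification type that does not start with `Constants.URN_PREFIX_BASEID` as an eIdentifier already derived by the BKU. If an identity link can carry some other sector-specific value here, it would be released unchanged as `sourceCountry/destinationCountry/value`. The branch should match the expected STORK identification type explicitly and throw BuildException for anything else. `identityLink` and `getIdentificationType()` are also dereferenced before any null check, so a missing link surfaces as a NullPointerException, which geteIdentifier in MOAAttributeProvider (catching only BuildException) will not handle. A guard such as `if (identityLink == null || identityLink.getIdentificationType() == null)` ahead of the `startsWith` call would keep the failure inside the declared exception; the method body continues past the end of this hunk.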
@@ -173,20 +183,21 @@ public class BPKBuilder { Logger.info("Building STORK identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]"); String eIdentifier = sourceCountry+"/"+destinationCountry+"/"+identificationValue; - /* Commented - it is already done by BKU, we need only to add Stork values - String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry; + return eIdentifier; + } + + private String calculateStorkeIdentifierBase(IdentityLink identityLink, String sourceCountry, String destinationCountry) throws BuildException { + String basisbegriff = identityLink.getIdentificationValue() + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry; Logger.info("Building STORK identification from: [identValue]+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry); try { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); String hashBase64 = Base64Utils.encode(hash); - Logger.info("STORK identification defined as: " + hashBase64); + Logger.debug("STORK identification defined as: " + hashBase64); return hashBase64; } catch (Exception ex) { throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex); } - */ - return eIdentifier; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 5e9d9404c..370182e71 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
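Review bot: calculateStorkeIdentifierBase hashes `identityLink.getIdentificationValue()` without checking it, and the null/empty test in buildStorkbPK only runs afterwards on the returned hash. A missing base value is therefore concatenated as the text "null", hashed, and passes that test as a well-formed identifier that is identical for every such identity link. Validate the raw value first, e.g. `if (baseId == null || baseId.length() == 0)` followed by a BuildException, before building `basisbegriff`. Moving the hash message to `Logger.debug` is an improvement, but the derived value is still a persistent personal identifier and is better masked in logs, as the neighbouring message already does with `[identValue]`.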
@@ -193,7 +193,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // add stork id for verification ArrayList value = new ArrayList(); - value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), spCountryCode)); + value.add(new BPKBuilder().buildStorkeIdentifier(moasession.getIdentityLink(), spCountryCode)); result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); return result; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 873ec1e26..21d6f2718 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -71,7 +71,7 @@ public class MOAAttributeProvider { private String geteIdentifier() { Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); try { - return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry()); + return new BPKBuilder().buildStorkeIdentifier(identityLink, moastorkRequest.getStorkAuthnRequest().getSpCountry()); } catch (BuildException be) { Logger.error("Stork eid could not be constructed; " + be.getMessage()); return null; // TODO error -- cgit v1.2.3