From f63e2f9bfa26a37ff15a60c91897298f5044c561 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 4 Oct 2017 12:47:56 +0200
Subject: enable mandates for eIDAS service provider

---
 .../id/auth/parser/StartAuthentificationParameterParser.java  | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'id/server/idserverlib/src/main/java/at/gv')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 92d76751f..cfe075520 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -33,6 +33,7 @@ import org.springframework.stereotype.Service;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.IRequest;
@@ -155,11 +156,15 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 		} else {
 			Logger.debug("Service-Provider is of type 'PrivateService' with DomainIdentifier:" + oaParam.getIdentityLinkDomainIdentifier());
 			
-			if (useMandateBoolean) {
+			/*eIDAS SPs have the same policies regarding Austrian baseIDs as Austrian business services, 
+			 * but mandates are allowed for these 
+			 */
+			if (useMandateBoolean && 
+					!oaParam.getIdentityLinkDomainIdentifier().startsWith(MOAIDConstants.PREFIX_EIDAS)) {
 				Logger.error("Online-Mandate Mode for business application not supported.");
 				throw new AuthenticationException("auth.17", null);
-			}
-			
+				
+			}			
 		}
 		 		
 		//Validate BKU URI
-- 
cgit v1.2.3