From e4fa532f93f10115e1f39c97cc96e5950a048884 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 11 Dec 2019 16:01:38 +0100
Subject: update to EAAF-Components 1.0.13.1 Enforce E-ID authentication based
 on Service-Provider configuration

---
 .../eidproxyauth/EIDProxyAuthModuleImpl.java       | 52 +++++++++++++---------
 1 file changed, 32 insertions(+), 20 deletions(-)

(limited to 'id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa')

diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
index f4c27e047..85d9d0f76 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
@@ -29,9 +29,11 @@ import javax.annotation.PostConstruct;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -66,27 +68,37 @@ public class EIDProxyAuthModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		
-		if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, false)) {
-			Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
-			if (paramObj != null ) {
-				if (paramObj instanceof String) {		
-					String param = (String)paramObj;
-					if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
-						Logger.debug("Manually selected E-ID authentication process  ");
-						return AUTH_PROCESS_NAME;
-					}
-				}
-			}
-			
-			return null;
-
-		}
-
-		Logger.trace("Select E-ID authentication process ... ");		
-		return AUTH_PROCESS_NAME;		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		
+	  if (Boolean.parseBoolean(
+          pendingReq.getServiceProviderConfiguration().getConfigurationValue(
+              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
+              String.valueOf(false)))) {
+	    Logger.debug("SP: " + pendingReq.getSPEntityId() + " activates E-ID mode.");
+	    return AUTH_PROCESS_NAME;
+	    
+	  } else {	  
+  		if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, true)) {
+  		  Logger.trace("Disable E-ID enforcment is 'true' ");
+  			Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
+  			if (paramObj != null ) {
+  				if (paramObj instanceof String) {		
+  					String param = (String)paramObj;
+  					if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
+  						Logger.debug("Manually selected E-ID authentication process  ");
+  						return AUTH_PROCESS_NAME;
+  					}
+  				}
+  			}
+  			
+  			return null;
+  
+  		} else {
+  		  Logger.trace("Select E-ID authentication process ... ");		
+  		  return AUTH_PROCESS_NAME;
+	    
+  		}
+	  }		
 	}
 
 	/* (non-Javadoc)
-- 
cgit v1.2.3