From a9c3d654ebd5af475c1fb634d4fb03d8499218ee Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Tue, 16 Aug 2016 07:08:00 +0200
Subject: update eIDAS attribute generation from AuthData
---
.../eidas/utils/SimpleEidasAttributeGenerator.java | 68 ++++++++++++++++++++++
.../eidas/eIDASAuthenticationRequest.java | 64 +++++++++++++-------
2 files changed, 110 insertions(+), 22 deletions(-)
create mode 100644 id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
(limited to 'id/server/modules/moa-id-module-eIDAS/src')
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
new file mode 100644
index 000000000..d43fa1622
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
+
+import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SimpleEidasAttributeGenerator implements IAttributeGenerator {
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildStringAttribute(java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public String buildStringAttribute(String friendlyName, String name, String value) {
+ return value;
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
+ */
+ @Override
+ public String buildIntegerAttribute(String friendlyName, String name, int value) {
+ return String.valueOf(value);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildLongAttribute(java.lang.String, java.lang.String, long)
+ */
+ @Override
+ public String buildLongAttribute(String friendlyName, String name, long value) {
+ return String.valueOf(value);
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildEmptyAttribute(java.lang.String, java.lang.String)
+ */
+ @Override
+ public String buildEmptyAttribute(String friendlyName, String name) {
+ return null;
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 168cb42d9..033052eed 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
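Review bot: `buildEmptyAttribute` in the new SimpleEidasAttributeGenerator returns `null` while the other three methods always return a string, and neither the class Javadoc (which holds only `@author tlenz`) nor the method comment states that contract. The mandate attribute builders called from eIDASAuthenticationRequest are handed this generator, so a `null` can presumably end up in `newValue`, which the caller initialises to `""`; whether the availability check that follows treats `null` like an empty value is not visible in this diff. I would document it on the class, for example `/** Returns attribute values as plain strings for the eIDAS response; buildEmptyAttribute returns null to signal "no value", so callers must null-check. */`.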
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java @@ -42,11 +42,16 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SimpleEidasAttributeGenerator; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonFullNameAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.EidasStringUtil; @@ -72,6 +77,8 @@ import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils; @Service("eIDASAuthenticationRequest") public class eIDASAuthenticationRequest implements IAction { + private static IAttributeGenerator generator = new SimpleEidasAttributeGenerator(); + @Autowired protected MOAReversionLogger revisionsLogger; @Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider; 
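Review bot: The field added in the `@@ -72,6 +77,8 @@` hunk, `private static IAttributeGenerator generator`, is a reassignable static on a class registered as a Spring `@Service`, and nothing in the visible hunks ever reassigns it. Declaring it `private static final IAttributeGenerator generator = new SimpleEidasAttributeGenerator();` makes the shared instance a true constant. SimpleEidasAttributeGenerator as added in this commit has no fields, so sharing one instance across requests looks safe; a one-line comment saying the generator is stateless would record why.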
@@ -85,29 +92,41 @@ public class eIDASAuthenticationRequest implements IAction { //gather attributes - ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes(); - + ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes(); ImmutableAttributeMap.Builder attrMapBuilder = ImmutableAttributeMap.builder(); - + + //TODO: if we support more then this minimum required attributes -> redesign to a smoother attribute builder selector for(AttributeDefinition attr : reqAttributeList.getDefinitions()) { String newValue = ""; boolean isUniqueID = false; - // TODO make use of proper builder - - switch(attr.getFriendlyName()) { - case Constants.eIDAS_ATTR_DATEOFBIRTH: - newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); - break; - case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: - newValue = authData.getFamilyName(); - break; - case Constants.eIDAS_ATTR_CURRENTGIVENNAME: - newValue = authData.getGivenName(); - break; - case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: - newValue = authData.getBPK(); - isUniqueID = true; - break; + try { + switch(attr.getFriendlyName()) { + case Constants.eIDAS_ATTR_DATEOFBIRTH: + newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); + break; + case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: + newValue = authData.getFamilyName(); + break; + case Constants.eIDAS_ATTR_CURRENTGIVENNAME: + newValue = authData.getGivenName(); + break; + case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: + newValue = authData.getBPK(); + isUniqueID = true; + break; + case Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER: + newValue = new MandateLegalPersonSourcePinAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + break; + case Constants.eIDAS_ATTR_LEGALNAME: + newValue = new MandateLegalPersonFullNameAttributeBuilder().build( + req.getOnlineApplicationConfiguration(), authData, generator); + 
break; + + } + + } catch (AttributeException e) { + Logger.debug("Attribute can not generate requested attribute:" + attr.getFriendlyName() + " Reason:" + e.getMessage()); } @@ -115,10 +134,13 @@ public class eIDASAuthenticationRequest implements IAction { Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available."); } else { + //set uniqueIdentifier attribute, because eIDAS SAMLEngine use this flag to select the + // Subject->NameID value from this attribute Builder attrBuilder = AttributeDefinition.builder(attr); attrBuilder.uniqueIdentifier(isUniqueID); AttributeDefinition returnAttr = attrBuilder.build(); + //unmarshal attribute value into eIDAS attribute AttributeValueMarshaller attributeValueMarshaller = returnAttr.getAttributeValueMarshaller(); ImmutableSet.Builder> builder = ImmutableSet.builder(); @@ -132,12 +154,10 @@ public class eIDASAuthenticationRequest implements IAction { } + //add attribute to Map attrMapBuilder.put((AttributeDefinition)returnAttr, (ImmutableSet) builder.build()); } - - - } // construct eIDaS response -- cgit v1.2.3
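Review bot: The `eIDAS_ATTR_DATEOFBIRTH` case in the `@@ -85,29 +92,41 @@` hunk still formats with `new SimpleDateFormat("YYYY-MM-dd")`, and `YYYY` is the week-based year, so a birth date falling in the days around New Year can be asserted to the relying party with the wrong year. The commit only re-indents this line, but it is on the new side and should read `newValue = new SimpleDateFormat("yyyy-MM-dd").format(authData.getDateOfBirth());`. The same line passes `authData.getDateOfBirth()` straight to `format`, which throws a NullPointerException that the new `catch (AttributeException e)` does not cover if the date can be absent (not determinable from this diff). The enclosing method starts and ends outside the hunk.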