From f27dd94733a9c2cf3a6e4f5611fbeff9de199720 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 14 Dec 2018 13:18:23 +0100 Subject: some more updates and first code for TUG interaction --- id/server/idserverlib/pom.xml | 2 +- id/server/modules/moa-id-module-eIDAS/pom.xml | 11 ++- ...strianAuthWitheID4UAuthenticationModulImpl.java | 1 - .../tasks/CollectAddtionalAttributesTask.java | 108 ++++++++++++++++++++- .../modules/eidas/utils/NewMoaEidasMetadata.java | 41 ++++---- .../builder/eid4u/CititzenshipAttrBuilder.java | 41 ++++++++ .../eid4u/HomeInstituteAddressAttrBuilder.java | 33 ++++++- .../builder/eid4u/TemporaryAddressAttrBuilder.java | 32 ++++-- .../eidas/eIDASAuthenticationRequest.java | 21 ++-- .../at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder | 3 + ...tocols.eidas.attributes.builder.IeIDASAttribute | 3 + .../oauth20/protocol/OAuth20AuthAction.java | 4 +- 12 files changed, 251 insertions(+), 49 deletions(-) create mode 100644 id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/CititzenshipAttrBuilder.java (limited to 'id/server') diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index a0d8b9a22..f819329f3 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -55,7 +55,7 @@ test - + com.google.guava guava 19.0 diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml index d04aa02fb..7e3aa1eef 100644 --- a/id/server/modules/moa-id-module-eIDAS/pom.xml +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -18,7 +18,7 @@ 1.4.3 1.4.3 - 0.1 + 0.2 @@ -60,6 +60,15 @@ + + MOA.id.server.modules + moa-id-module-openID + + + * + + + eu.eidas.extension.eID4U diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java index d1ad4b665..d3aa7b4a0 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java @@ -26,7 +26,6 @@ package at.gv.egovernment.moa.id.auth.modules.eidas; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java index 71b7b927e..7cd276043 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java @@ -1,24 +1,43 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; +import java.util.Map; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eid4u.api.attributes.Definitions; +import at.gv.egiz.eid4u.api.attributes.natural.IdType; +import at.gv.egiz.eid4u.api.attributes.natural.MaritalState; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; import at.gv.egovernment.moa.id.protocols.eidas.EIDASData; +import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; +import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthAction; +import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest; import at.gv.egovernment.moa.logging.Logger; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; @Component("CollectAddtionalAttributesTask") public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { + @Autowired private OAuth20AuthAction openIDAuthAction; + @Autowired private ITransactionStorage transactionStorage; + @Autowired private AuthenticationDataBuilder authDataBuilder; + @Override - public void execute(ExecutionContext arg0, HttpServletRequest arg1, HttpServletResponse arg2) + public void execute(ExecutionContext context, HttpServletRequest httpReq, HttpServletResponse httpResp) throws TaskExecutionException { try{ if (pendingReq instanceof EIDASData) { @@ -29,7 +48,7 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { Builder reqEid4uAttrListBuilder = ImmutableAttributeMap.builder(); ImmutableAttributeMap reqAttrList = eidasReq.getEidasRequestedAttributes(); for (String el : Definitions.EID4UATTRIBUTEELIST) { - if(reqAttrList.getAttributeValuesByNameUri(el) == null) { + if(reqAttrList.getAttributeValuesByNameUri(el) != null) { Logger.debug("Find eID4U attr: " + el); reqEid4uAttrListBuilder.put(reqAttrList.getDefinitionByNameUri(el)); @@ -40,8 +59,46 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { ImmutableAttributeMap reqEid4uAttrList = reqEid4uAttrListBuilder.build(); if (reqEid4uAttrList != null && reqEid4uAttrList.size() > 0) { Logger.info("Starting eID4U attribute collection process ... "); - //TODO: implement collection process + + //generate scope from attributes + + + //load connection parameters to TUG + String uniqueID = null; + + + /* + *build openID and set connect token + */ + + //generate fake OpenID_Connect request + OAuth20AuthRequest fakeOpenIDReq = new OAuth20AuthRequest(); + fakeOpenIDReq.setOnlineApplicationConfiguration(authConfig.getServiceProviderConfiguration(uniqueID)); + fakeOpenIDReq.setScope("openId profile"); + + //populate with SessionData + fakeOpenIDReq.setRawDataToTransaction( + pendingReq.getSessionData(AuthenticationSessionWrapper.class) + .getKeyValueRepresentationFromAuthSession()); + + //generate authData + IAuthData authData = authDataBuilder.buildAuthenticationData(fakeOpenIDReq); + + //generate OpenIDConenct token + String accessToken = Random.nextHexRandom32(); + OAuth20SessionObject o = new OAuth20SessionObject(); + o.setScope(fakeOpenIDReq.getScope()); + o.setCode(accessToken); + Map idToken = openIDAuthAction.generateIDToken(o, fakeOpenIDReq, authData, accessToken); + o.setAuthDataSession(idToken); + transactionStorage.put(accessToken, o, -1); + + //forward to TUG + + + //TODO: implement collection process + populateEid4uDummyAttributes(); } else @@ -58,4 +115,49 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask { } + private void populateEid4uDummyAttributes() { + try { + eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress.Builder dummyAddr = PostalAddress.builder(); + dummyAddr.postCode("8020"); + dummyAddr.postName("Graz"); + dummyAddr.addressId("25"); + dummyAddr.cvAddressArea("Mustergasse"); + dummyAddr.locatorDesignator("25"); + dummyAddr.thoroughfare("Mustergasse"); + + AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class); + session.setGenericDataToSession(Definitions.IDTYPE_NAME, IdType.PASSPORT); + session.setGenericDataToSession(Definitions.IDNUMBER_NAME, "P0571414"); + session.setGenericDataToSession(Definitions.IDISSUER_NAME, "Magistrat Nirgendwo"); + session.setGenericDataToSession(Definitions.IDEXPIREDATE_NAME, "2020-01-01"); + session.setGenericDataToSession(Definitions.EHICID_NAME, "80010000012345678990"); + session.setGenericDataToSession(Definitions.NATIONALITY_NAME, "AT"); + session.setGenericDataToSession(Definitions.CITIZENSHIP_FRIENDLYNAME, "AT"); + session.setGenericDataToSession(Definitions.MARITALSTATE_NAME, MaritalState.SINGLE); + session.setGenericDataToSession(Definitions.COUNTRYOFBIRTH_NAME, "AT"); + session.setGenericDataToSession(Definitions.EMAIL_NAME, "max.mustermann@domain.at"); + session.setGenericDataToSession(Definitions.PHONE_NAME, "+43666111222444"); + session.setGenericDataToSession(Definitions.TEMPORARYADDRESS_NAME, dummyAddr.build()); + session.setGenericDataToSession(Definitions.TAXIDENTIFICATIONNUMBER_NAME, "AT/1213454654718"); + session.setGenericDataToSession(Definitions.HOMEINSTITUTIONNAME_NAME, "Graz Technical University"); + session.setGenericDataToSession(Definitions.HOMEINSTITUTIONIDENTIFIER_NAME, "A GRAZ02"); + session.setGenericDataToSession(Definitions.HOMEINSTITUTIONCOUNTRY_NAME, "AT"); + session.setGenericDataToSession(Definitions.HOMEINSTITUTIONADDRESS_NAME, dummyAddr.build()); + session.setGenericDataToSession(Definitions.CURRENTLEVELOFSTUDY_NAME, "7"); + session.setGenericDataToSession(Definitions.FIELDOFSTUDY_NAME, "52"); + session.setGenericDataToSession(Definitions.CURRENTDEGREE_NAME, "MsC"); + session.setGenericDataToSession(Definitions.DEGREE_NAME, "6"); + session.setGenericDataToSession(Definitions.DEGREEAWARDINGINSTITUTION_NAME, "Graz Technical University"); + session.setGenericDataToSession(Definitions.GRADUATIONYEAR_NAME, "2016"); + session.setGenericDataToSession(Definitions.DEGREECOUNTRY_NAME, "AT"); + + //TODO: not all attributes are populated with dummy values + + } catch (EAAFStorageException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } + } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java index 1e5609e4e..44a313885 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/NewMoaEidasMetadata.java @@ -69,12 +69,11 @@ import org.opensaml.xml.security.credential.UsageType; import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory; import org.opensaml.xml.signature.KeyInfo; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import com.google.common.collect.ImmutableSortedSet; import com.google.common.collect.Ordering; +import at.gv.egovernment.moa.logging.Logger; import eu.eidas.auth.commons.EIDASUtil; import eu.eidas.auth.commons.EidasStringUtil; import eu.eidas.auth.commons.attribute.AttributeDefinition; @@ -108,7 +107,6 @@ import eu.eidas.util.Preconditions; * */ public class NewMoaEidasMetadata { - private static final Logger LOGGER = LoggerFactory.getLogger(EidasMetadata.class.getName()); private final String metadata; private final String entityId; private static final Set DEFAULT_BINDING = new HashSet() { @@ -180,7 +178,7 @@ public class NewMoaEidasMetadata { dm.setAlgorithm(digestMethod); eidasExtensions.getUnknownXMLObjects().add(dm); } else { - NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding DigestMethod extension"); + Logger.info("BUSINESS EXCEPTION error adding DigestMethod extension"); } } } @@ -197,7 +195,7 @@ public class NewMoaEidasMetadata { spTypeObj.setSPType(this.params.getSpType()); eidasExtensions.getUnknownXMLObjects().add(spTypeObj); } else { - NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding SPType extension"); + Logger.info("BUSINESS EXCEPTION error adding SPType extension"); } } generateDigest(eidasExtensions); @@ -212,7 +210,7 @@ public class NewMoaEidasMetadata { sm.setAlgorithm(signMethod); eidasExtensions.getUnknownXMLObjects().add(sm); } else { - NewMoaEidasMetadata.LOGGER.info("BUSINESS EXCEPTION error adding SigningMethod extension"); + Logger.info("BUSINESS EXCEPTION error adding SigningMethod extension"); } } } @@ -378,9 +376,12 @@ public class NewMoaEidasMetadata { new ImmutableSortedSet.Builder<>(Ordering.>natural()); for (String attr : eIDASAttributeBuilder.getAllProvideableeIDASAttributes()) { - NewMoaEidasMetadata.LOGGER.trace("Build metadata-attr: " + attr); + Logger.trace("Build metadata-attr: " + attr); AttributeDefinition supAttr = params.getIdpEngine().getProtocolProcessor().getAttributeDefinitionNullable(attr); - builder.add(supAttr); + if (supAttr == null) + Logger.warn("Suspect eIDAS attribute definition: " + attr); + else + builder.add(supAttr); } return builder.build(); @@ -445,11 +446,11 @@ public class NewMoaEidasMetadata { url.setURL(new LocalizedString(this.params.getOrganization().getUrl(), "en")); organization.getURLs().add(url); } catch (IllegalAccessException iae) { - NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", iae.getMessage()); - NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", iae); + Logger.info("ERROR : error generating the OrganizationData: " + iae.getMessage()); + Logger.warn("ERROR : error generating the OrganizationData:", iae); } catch (NoSuchFieldException nfe) { - NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", nfe.getMessage()); - NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", nfe); + Logger.info("ERROR : error generating the OrganizationData: " + nfe.getMessage()); + Logger.warn("ERROR : error generating the OrganizationData:", nfe); } } return organization; @@ -464,11 +465,11 @@ public class NewMoaEidasMetadata { else if (contactType == ContactPersonTypeEnumeration.TECHNICAL) currentContact = this.params.getTechnicalContact(); else { - NewMoaEidasMetadata.LOGGER.error("ERROR: unsupported contact type"); + Logger.error("ERROR: unsupported contact type"); } contact = (ContactPerson) BuilderFactoryUtil.buildXmlObject(ContactPerson.class); if (currentContact == null) { - NewMoaEidasMetadata.LOGGER.error("ERROR: cannot retrieve contact from the configuration"); + Logger.error("ERROR: cannot retrieve contact from the configuration"); return contact; } @@ -487,11 +488,11 @@ public class NewMoaEidasMetadata { populateContact(contact, currentContact, emailAddressObj, company, givenName, surName, phoneNumber); } catch (IllegalAccessException iae) { - NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", iae.getMessage()); - NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", iae); + Logger.info("ERROR : error generating the OrganizationData: " + iae.getMessage()); + Logger.warn("ERROR : error generating the OrganizationData: ", iae); } catch (NoSuchFieldException nfe) { - NewMoaEidasMetadata.LOGGER.info("ERROR : error generating the OrganizationData: {}", nfe.getMessage()); - NewMoaEidasMetadata.LOGGER.debug("ERROR : error generating the OrganizationData: {}", nfe); + Logger.info("ERROR : error generating the OrganizationData: " + nfe.getMessage()); + Logger.warn("ERROR : error generating the OrganizationData: ", nfe); } return contact; } @@ -547,8 +548,8 @@ public class NewMoaEidasMetadata { } return EidasStringUtil.toString(OpenSamlHelper.marshall(entityDescriptor, false)); } catch (Exception ex) { - NewMoaEidasMetadata.LOGGER.info("ERROR : SAMLException ", ex.getMessage()); - NewMoaEidasMetadata.LOGGER.debug("ERROR : SAMLException ", ex); + Logger.info("ERROR : SAMLException: " + ex.getMessage()); + Logger.warn("ERROR : SAMLException ", ex); throw new IllegalStateException(ex); } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/CititzenshipAttrBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/CititzenshipAttrBuilder.java new file mode 100644 index 000000000..2f066bc6b --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/CititzenshipAttrBuilder.java @@ -0,0 +1,41 @@ +package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eid4u.api.attributes.Definitions; +import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute; +import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata; + +@eIDASMetadata +public class CititzenshipAttrBuilder implements IeIDASAttribute { + + @Override + public ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator g) + throws AttributeBuilderException { + + String idType= authData.getGenericData(getName(), String.class); + if (StringUtils.isNotEmpty(idType)) + return g.buildStringAttribute(Definitions.CITIZENSHIP_FRIENDLYNAME, getName(), idType); + + else + throw new AttributeBuilderException("Attribute '" + getName() + "' is not available"); + + } + + @Override + public ATT buildEmpty(IAttributeGenerator g) { + return g.buildEmptyAttribute(Definitions.CITIZENSHIP_FRIENDLYNAME, getName()); + } + + @Override + public String getName() { + return Definitions.CITIZENSHIP_NAME; + + } + +} + \ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/HomeInstituteAddressAttrBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/HomeInstituteAddressAttrBuilder.java index b5e240759..73ab6fdda 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/HomeInstituteAddressAttrBuilder.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/HomeInstituteAddressAttrBuilder.java @@ -1,5 +1,7 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u; +import java.io.IOException; + import org.apache.commons.lang3.StringUtils; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; @@ -9,7 +11,12 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eid4u.api.attributes.Definitions; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException; +import eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller; import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddressAttributeValue; @eIDASMetadata public class HomeInstituteAddressAttrBuilder implements IeIDASAttribute { @@ -21,12 +28,28 @@ public class HomeInstituteAddressAttrBuilder implements IeIDASAttribute { Object obj= authData.getGenericData(getName(), Object.class); if (obj instanceof PostalAddress) { - return g.buildStringAttribute(Definitions.HOMEINSTITUTIONADDRESS_FRIENDLYNAME, getName(), ((PostalAddress)obj).toString()); - - + try { + return g.buildStringAttribute(Definitions.HOMEINSTITUTIONADDRESS_FRIENDLYNAME, getName(), + new CurrentAddressAttributeValueMarshaller().marshal( + new PostalAddressAttributeValue((PostalAddress) obj))); + + } catch (AttributeValueMarshallingException e) { + Logger.warn("Can NOT build attribute: " + getName(), e); + + } + } else if (obj instanceof String) { - if (StringUtils.isNotEmpty((String)obj)) - return g.buildStringAttribute(Definitions.HOMEINSTITUTIONADDRESS_FRIENDLYNAME, getName(), (String) obj); + if (StringUtils.isNotEmpty((String)obj)) { + try { + return g.buildStringAttribute(Definitions.HOMEINSTITUTIONADDRESS_FRIENDLYNAME, getName(), + Base64Utils.encode(((String) obj).getBytes())); + + } catch (IOException e) { + Logger.warn("Can NOT build attribute: " + getName(), e); + + } + + } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/TemporaryAddressAttrBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/TemporaryAddressAttrBuilder.java index 32131e325..9a57750cf 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/TemporaryAddressAttrBuilder.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eid4u/TemporaryAddressAttrBuilder.java @@ -1,5 +1,7 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u; +import java.io.IOException; + import org.apache.commons.lang3.StringUtils; import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; @@ -7,10 +9,14 @@ import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; import at.gv.egiz.eid4u.api.attributes.Definitions; -import at.gv.egiz.eid4u.impl.attributes.xjc.eid4u.generic.Document; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute; import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException; +import eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller; import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddressAttributeValue; @eIDASMetadata public class TemporaryAddressAttrBuilder implements IeIDASAttribute { @@ -21,13 +27,27 @@ public class TemporaryAddressAttrBuilder implements IeIDASAttribute { Object obj= authData.getGenericData(getName(), Object.class); - if (obj instanceof PostalAddress) { - return g.buildStringAttribute(Definitions.TEMPORARYADDRESS_FRIENDLYNAME, getName(), ((PostalAddress)obj).toString()); - - + if (obj instanceof PostalAddress) { + try { + return g.buildStringAttribute(Definitions.TEMPORARYADDRESS_FRIENDLYNAME, getName(), + new CurrentAddressAttributeValueMarshaller().marshal( + new PostalAddressAttributeValue((PostalAddress) obj))); + + } catch (AttributeValueMarshallingException e) { + Logger.warn("Can NOT build attribute: " + getName(), e); + + } + } else if (obj instanceof String) { if (StringUtils.isNotEmpty((String)obj)) - return g.buildStringAttribute(Definitions.TEMPORARYADDRESS_FRIENDLYNAME, getName(), (String) obj); + try { + return g.buildStringAttribute(Definitions.TEMPORARYADDRESS_FRIENDLYNAME, getName(), + Base64Utils.encode(((String) obj).getBytes())); + + } catch (IOException e) { + Logger.warn("Can NOT build attribute: " + getName(), e); + + } } diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java index 7b97576bf..b42d3273f 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java @@ -44,7 +44,6 @@ import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.data.SLOInformationImpl; import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; -import at.gv.egiz.eid4u.api.attributes.Definitions; import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeBuilder; @@ -137,13 +136,13 @@ public class eIDASAuthenticationRequest implements IAction { //TODO: eID4U testcode //************************************************************************** - Builder reqAttrWitheID4U = ImmutableAttributeMap.builder(reqAttributeList); - AttributeDefinition attrDef = - engine.getProtocolProcessor().getAttributeDefinitionNullable( - Definitions.IDTYPE_NAME); - reqAttrWitheID4U.put(AttributeDefinition.builder(attrDef).required(false).build()); - - reqAttributeList = reqAttrWitheID4U.build(); +// Builder reqAttrWitheID4U = ImmutableAttributeMap.builder(reqAttributeList); +// AttributeDefinition attrDef = +// engine.getProtocolProcessor().getAttributeDefinitionNullable( +// Definitions.IDTYPE_NAME); +// reqAttrWitheID4U.put(AttributeDefinition.builder(attrDef).required(false).build()); +// +// reqAttributeList = reqAttrWitheID4U.build(); //************************************************************************** @@ -269,10 +268,12 @@ public class eIDASAuthenticationRequest implements IAction { if(eIDASAttr == null) { if (attr.isRequired()) { Logger.info("eIDAS Attr:" + attr.getNameUri() + " is marked as 'Required' but not available."); - throw new MOAIDException("eIDAS.15", new Object[]{attr.getFriendlyName()}); + + //TODO!!!!!!! + //throw new MOAIDException("eIDAS.15", new Object[]{attr.getFriendlyName()}); } else - Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available."); + Logger.debug("eIDAS Attr:" + attr.getNameUri() + " is not available."); } else { //add attribute to Map diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder index 7d92bbc83..3a05c47ac 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder @@ -1,6 +1,8 @@ at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrDateOfBirth at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrFamilyName at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrGivenName +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrLegalName +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrLegalPersonIdentifier at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrNaturalPersonalIdentifier at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrRepresentativeDateOfBirth at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrRepresentativeFamilyName @@ -14,6 +16,7 @@ at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.IdIssuerAttrBu at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.IdExpireddateAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.EHICIDAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.NationalityAttrBuilder +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.CititzenshipAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.MaritalstateAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.CountryOfBirthAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.EMailAttrBuilder diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute index f3159b2c8..2a147e18c 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute @@ -2,6 +2,8 @@ at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrDateOfBirth at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrFamilyName at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrGivenName at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrNaturalPersonalIdentifier +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrLegalName +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrLegalPersonIdentifier at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrRepresentativeDateOfBirth at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrRepresentativeFamilyName at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASAttrRepresentativeGivenName @@ -14,6 +16,7 @@ at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.IdIssuerAttrBu at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.IdExpireddateAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.EHICIDAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.NationalityAttrBuilder +at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.CititzenshipAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.MaritalstateAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.CountryOfBirthAttrBuilder at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eid4u.EMailAttrBuilder diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index b00675e7c..3b300c824 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -58,7 +58,7 @@ import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthSigner; import at.gv.egovernment.moa.logging.Logger; @Service("OAuth20AuthAction") -class OAuth20AuthAction implements IAction { +public class OAuth20AuthAction implements IAction { @Autowired protected IRevisionLogger revisionsLogger; @Autowired protected ITransactionStorage transactionStorage; @@ -131,7 +131,7 @@ class OAuth20AuthAction implements IAction { } - private Map generateIDToken(OAuth20SessionObject auth20SessionObject, + public Map generateIDToken(OAuth20SessionObject auth20SessionObject, OAuth20AuthRequest oAuthRequest, IAuthData authData, String accessToken) throws SignatureException, MOAIDException { // create response -- cgit v1.2.3