From 5b78f619548a47bed61b813e1610b6954a74e969 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 10 Nov 2014 18:44:03 +0100 Subject: original mandate hiding ident --- .../moa/id/protocols/stork2/MandateRetrievalRequest.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 929313dd1..74af70bda 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -41,6 +41,9 @@ import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.*; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.codec.binary.StringUtils; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.bind.JAXBContext; @@ -74,8 +77,12 @@ public class MandateRetrievalRequest implements IAction { this.representingIdentityLink = authData.getIdentityLink(); this.QAALevel = translateQAALevel(authData.getQAALevel()); + // preparing original content and removing sensitive data from it this.originalContent = authData.getMISMandate().getMandate(); - + //Logger.debug("Original content " + StringUtils.newStringUtf8(authData.getMISMandate().getMandate())); + String originalMandate = StringUtils.newStringUtf8(authData.getMISMandate().getMandate()).replaceAll(".*?==urn:publicid:gv.at:baseid","");; + Logger.debug("Removing personal identification value and type from original mandate "); + originalContent = StringUtils.getBytesUtf8(originalMandate); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL()); if (oaParam == null) -- cgit v1.2.3