From be8d392611fe2ed733869a4a9701904313a207fd Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Wed, 8 Feb 2017 15:59:45 +0100
Subject: update eIDAS assertion generation to generate an error message if attribute that is marked as required is not available
---
 .../resources/resources/properties/id_messages_de.properties | 1 +
 .../properties/protocol_response_statuscodes_de.properties | 1 +
 .../moa/id/protocols/eidas/eIDASAuthenticationRequest.java | 10 ++++++++--
 3 files changed, 10 insertions(+), 2 deletions(-)
(limited to 'id')
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index b88df0b9d..79dc11f34 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -271,6 +271,7 @@ eIDAS.11=Received eIDAS Error-Response. Reason:{0}
 eIDAS.12=Received eIDAS AuthnRequest is not valid. Reason:{0}
 eIDAS.13=Generation of eIDAS Response FAILED. Reason:{0}
 eIDAS.14=eIDAS Response validation FAILED: LevelOfAssurance {0} is to low.
+eIDAS.15=Generation of eIDAS Response FAILED. Required attribute: {0} is NOT available.
 pvp2.01=Fehler beim kodieren der PVP2 Antwort
 pvp2.02=Ungueltiges Datumsformat
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
index e72a28046..8d6c77831 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
@@ -228,6 +228,7 @@ eIDAS.11=1302
 eIDAS.12=1305
 eIDAS.13=1307
 eIDAS.14=1301
+eIDAS.15=1307
 pvp2.01=6100
 pvp2.06=6100
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 97241af6a..f0e7e918b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
@@ -145,8 +145,14 @@ public class eIDASAuthenticationRequest implements IAction {
 }
- if(MiscUtil.isEmpty(newValue)) {
- Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available.");
+ if(MiscUtil.isEmpty(newValue)) {
+ if (attr.isRequired()) {
+ Logger.info("eIDAS Attr:" + attr.getNameUri() + " is marked as 'Required' but not available.");
+ throw new MOAIDException("eIDAS.15", new Object[]{attr.getFriendlyName()});
+
+ } else
+ Logger.info("eIDAS Attr:" + attr.getNameUri() + " is not available.");
+
 } else {
 //set uniqueIdentifier attribute, because eIDAS SAMLEngine use this flag to select the
--
cgit v1.2.3
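Review bot: The rejection of a missing required attribute is logged with `Logger.info`, the same level as the harmless optional-attribute case in the `else` branch, so a failed eIDAS response generation is hard to alert on. A warning-level call would separate the two, for example `Logger.warn("eIDAS Attr:" + attr.getNameUri() + " is marked as 'Required' but not available.");`, assuming the project's Logger offers that level. The log line identifies the attribute by `attr.getNameUri()` while the exception carries `attr.getFriendlyName()`; logging both would make the eIDAS.15 error returned to the requester easy to correlate with the server log. On style, the new `else` has no braces although the `if (attr.isRequired())` branch above it does, which is easy to misread and stays correct only while the `if` branch ends in `throw`; I would write `} else {` and close it with `}`. The enclosing loop and method begin and end outside this hunk.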