io.mosip.authentication.common.service.filter

Class IdAuthFilter

java.lang.Object

io.mosip.authentication.common.service.filter.BaseIDAFilter

io.mosip.authentication.common.service.filter.BaseAuthFilter

io.mosip.authentication.common.service.filter.IdAuthFilter

All Implemented Interfaces:

javax.servlet.Filter

Direct Known Subclasses:

DefaultInternalFilter

@Component
public class IdAuthFilter
extends BaseAuthFilter

The Class IdAuthFilter - the implementation for deciphering and validation of the authenticating partner done for request as AUTH and KYC.

Author:

Manoj SP, Sanjay Murali, Loganathan Sekar

Field Summary

Fields

Modifier and Type	Field and Description
protected PartnerService	partnerService

Fields inherited from class io.mosip.authentication.common.service.filter.BaseAuthFilter

publicKey

Fields inherited from class io.mosip.authentication.common.service.filter.BaseIDAFilter

env, keyManager, mapper

Constructor Summary

Constructors

Constructor and Description
IdAuthFilter()

Method Summary

Modifier and Type	Method and Description
protected void	checkAllowedAuthTypeBasedOnPolicy(Map<String,Object> requestBody, List<AuthPolicy> authPolicies) Check allowed auth type for bio based on the policies.
protected void	checkAllowedAuthTypeBasedOnPolicy(String policyId, Map<String,Object> requestBody) Check allowed auth type based on policy.
protected void	checkMandatoryAuthTypeBasedOnPolicy(Map<String,Object> requestBody, List<AuthPolicy> mandatoryAuthPolicies) Check mandatory auth type based on policy.
protected Map<String,Object>	decipherRequest(Map<String,Object> requestBody) decipherRequest method is used to get the deciphered request from the encoded and enciphered request passed by the authenticating partner.
protected String	extractBioData(String dataFieldValue)
protected String	fetchReferenceId() Method to get the reference id.
protected Map<String,String>	getAuthPart(ResettableStreamHttpServletRequest requestWrapper) Gets the auth part.
protected String	getBioRefId()
void	init(javax.servlet.FilterConfig filterConfig)
protected boolean	isAllowedAuthType(String authType, List<AuthPolicy> policies) Checks if is allowed auth type.
protected boolean	isAllowedAuthType(String authType, String subAuthType, List<AuthPolicy> policies) Checks if is allowed auth type.
protected void	validateDecipheredRequest(ResettableStreamHttpServletRequest requestWrapper, Map<String,Object> requestBody) validateDecipheredRequest - Method used to validate the input stream request by validating the policy, partner and MISP id of the authenticating partner once the request is decoded and deciphered.
protected boolean	validateRequestSignature(String signature, byte[] requestAsByte) validateSignature method is used to authenticate the request received from the authenticating partner from the pay load received which consists of the JSON signature and certificate .

Methods inherited from class io.mosip.authentication.common.service.filter.BaseAuthFilter

authenticateRequest, consumeRequest, decipherAndValidateRequest, decode, encipherResponse, getPayloadFromJwsSingature, transformResponse, validateRequestHMAC, verifyJwsData, verifySignature

Methods inherited from class io.mosip.authentication.common.service.filter.BaseIDAFilter

destroy, doFilter, fetchId, getRequestBody, isDate, mapResponse, removeNullOrEmptyFieldsInResponse, setResponseParams, validateId, validateRequest

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

partnerService

protected PartnerService partnerService

Constructor Detail

IdAuthFilter

public IdAuthFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Overrides:

init in class BaseAuthFilter

Throws:

javax.servlet.ServletException

decipherRequest

protected Map<String,Object> decipherRequest(Map<String,Object> requestBody)
                                      throws IdAuthenticationAppException

Description copied from class: BaseAuthFilter

decipherRequest method is used to get the deciphered request from the encoded and enciphered request passed by the authenticating partner.

Overrides:

decipherRequest in class BaseAuthFilter

Parameters:

requestBody - the encoded and enciphered request body

Returns:

the map the decoded and deciphered request body

Throws:

IdAuthenticationAppException - the id authentication app exception

getBioRefId

protected String getBioRefId()

fetchReferenceId

protected String fetchReferenceId()

Method to get the reference id.

Returns:

the string

validateDecipheredRequest

protected void validateDecipheredRequest(ResettableStreamHttpServletRequest requestWrapper,
                                         Map<String,Object> requestBody)
                                  throws IdAuthenticationAppException

Description copied from class: BaseAuthFilter

validateDecipheredRequest - Method used to validate the input stream request by validating the policy, partner and MISP id of the authenticating partner once the request is decoded and deciphered.

Specified by:

validateDecipheredRequest in class BaseAuthFilter

Parameters:

requestWrapper - ResettableStreamHttpServletRequest

requestBody - the request got after decode and decipher the input stream

Throws:

IdAuthenticationAppException - the id authentication app exception

extractBioData

protected String extractBioData(String dataFieldValue)
                         throws IdAuthenticationAppException

Throws:

IdAuthenticationAppException

validateRequestSignature

protected boolean validateRequestSignature(String signature,
                                           byte[] requestAsByte)
                                    throws IdAuthenticationAppException

Description copied from class: BaseAuthFilter

validateSignature method is used to authenticate the request received from the authenticating partner from the pay load received which consists of the JSON signature and certificate .

Overrides:

validateRequestSignature in class BaseAuthFilter

Parameters:

signature - the JWS serialization received through the request

requestAsByte - the byte array of the request got after decipher

Returns:

true, if successful once the signature is validated

Throws:

IdAuthenticationAppException - the id authentication app exception

checkAllowedAuthTypeBasedOnPolicy

protected void checkAllowedAuthTypeBasedOnPolicy(String policyId,
                                                 Map<String,Object> requestBody)
                                          throws IdAuthenticationAppException

Check allowed auth type based on policy.

Parameters:

policyId - the policy id

requestBody - the request body

Throws:

IdAuthenticationAppException - the id authentication app exception

checkAllowedAuthTypeBasedOnPolicy

protected void checkAllowedAuthTypeBasedOnPolicy(Map<String,Object> requestBody,
                                                 List<AuthPolicy> authPolicies)
                                          throws IdAuthenticationAppException

Check allowed auth type for bio based on the policies.

Parameters:

requestBody - the request body

authPolicies - the auth policies

Throws:

IdAuthenticationAppException - the id authentication app exception

checkMandatoryAuthTypeBasedOnPolicy

protected void checkMandatoryAuthTypeBasedOnPolicy(Map<String,Object> requestBody,
                                                   List<AuthPolicy> mandatoryAuthPolicies)
                                            throws IdAuthenticationAppException

Check mandatory auth type based on policy.

Parameters:

requestBody - the request body

mandatoryAuthPolicies - the mandatory auth policies

Throws:

IdAuthenticationAppException - the id authentication app exception

isAllowedAuthType

protected boolean isAllowedAuthType(String authType,
                                    List<AuthPolicy> policies)

Checks if is allowed auth type.

Parameters:

authType - the auth type

policies - the policies

Returns:

true, if is allowed auth type

isAllowedAuthType

protected boolean isAllowedAuthType(String authType,
                                    String subAuthType,
                                    List<AuthPolicy> policies)

Checks if is allowed auth type.

Parameters:

authType - the auth type

subAuthType - the sub auth type

policies - the policies

Returns:

true, if is allowed auth type

getAuthPart

protected Map<String,String> getAuthPart(ResettableStreamHttpServletRequest requestWrapper)

Gets the auth part.

Parameters:

requestWrapper - the request wrapper

Returns:

the auth part