createMemberWithEidas()

This method creates a TPP member under the realm of a bank and registers it with the eIDAS certificate provided. As introduced above, the created member has a registered PRIVILEGED-level key from the certificate and an EIDAS alias with value equal to the certificate's authNumber.

Remember, the tokenClient needs to be created with a CryptoEngine backed by a key store containing a key pair for the eIDAS certificate to use for registration, as discussed under Step 2 of Onboarding. However, in the case of eIDAS-registered members, the key store contains a single key pair exclusive to the eIDAS certificate.

/**

 * Creates a TPP member under realm of a bank and registers it with the provided eIDAS

 * certificate. The created member has a registered PRIVILEGED-level RSA key from the provided

 * certificate and an EIDAS alias with value equal to authNumber from the certificate.<br><br>

 * Note, that tokenClient needs to be created with a CryptoEngine backed by a key store

 * that contains a key pair for the eIDAS certificate to use for the registration:<br><br>

 * <pre> (see Step 2 under Onboarding)

 * EidasKeyStore keyStore = new InMemoryEidasKeyStore(certificate, privateKey);

 * TokenClient tokenClient = TokenClient.builder()

 *      .connectTo(SANDBOX)

 *      .withCryptoEngine(new EidasCryptoEngineFactory(keyStore))

 *      .build();

 * </pre>

 *

 * @param tokenClient token client

 * @param keyStore a key store that is used by token client and contains eIDAS certificate and

 * a private key

 * @param bankId id of the bank the TPP trying to get access to

 * @return a newly created and oboarded member

 * @throws Exception if an exception occurs

 */

public static Optional<Member> createMemberWithEidas(

        TokenClient tokenClient,

        EidasKeyStore keyStore,

        String bankId) throws Exception {

    Member member = null;

    try {

        member = tokenClient.createMemberWithEidas(bankId, keyStore, 30, TimeUnit.SECONDS);

    } catch (EidasTimeoutException ex) {

        System.out.println(format(

            "Unable to complete eIDAS verification: memberId=%s | verivicationId=%s",

            ex.getMemberId(),

            ex.getVerificationId()));

    }

    return Optional.ofNullable(member);

}

Tip: createMemberWithEidas() is a convenient variation on the registerWithEidas() call discussed next in that it does all the signing for you. However, it is a and can therefore take longer to return a result. Moreover, a member is returned only if it is successfully onboarded; otherwise, an exception is thrown. Hence, for more control and flexibility, registerWithEidas() is recommended.