createMemberWithEidas()
This method creates a TPP member under the realm of a bank and registers it with the eIDAS certificate provided. As introduced above, the created member has a registered PRIVILEGED-level key from the certificate and an EIDAS alias with value equal to the certificate's authNumber.
Remember, the tokenClient needs to be created with a CryptoEngine backed by a key store containing a key pair for the eIDAS certificate to use for registration, as discussed under Step 2 of Onboarding. However, in the case of eIDAS-registered members, the key store contains a single key pair exclusive to the eIDAS certificate.
/**
* Creates a TPP member under realm of a bank and registers it with the provided eIDAS
* certificate. The created member has a registered PRIVILEGED-level RSA key from the provided
* certificate and an EIDAS alias with value equal to authNumber from the certificate.<br><br>
* Note, that tokenClient needs to be created with a CryptoEngine backed by a key store
* that contains a key pair for the eIDAS certificate to use for the registration:<br><br>
* <pre> (see Step 2 under Onboarding)
* EidasKeyStore keyStore = new InMemoryEidasKeyStore(certificate, privateKey);
* TokenClient tokenClient = TokenClient.builder()
* .connectTo(SANDBOX)
* .withCryptoEngine(new EidasCryptoEngineFactory(keyStore))
* .build();
* </pre>
*
* @param tokenClient token client
* @param keyStore a key store that is used by token client and contains eIDAS certificate and
* a private key
* @param bankId id of the bank the TPP trying to get access to
* @return a newly created and oboarded member
* @throws Exception if an exception occurs
*/
public static
Optional<Member> createMemberWithEidas
(
TokenClient tokenClient,
EidasKeyStore keyStore,
String bankId) throws
Exception {
Member member = null
;
try
{
member = tokenClient.createMemberWithEidas
(bankId
, keyStore
, 30
, TimeUnit.SECONDS
);
} catch
(EidasTimeoutException ex) {
System.out.println(format(
"Unable to complete eIDAS verification: memberId=%s | verivicationId=%s"
,
ex.getMemberId(),
ex.getVerificationId()));
}
return
Optional.ofNullable(member
);
}
Tip: createMemberWithEidas() is a convenient variation on the registerWithEidas() call discussed next in that it does all the signing for you. However, it is a and can therefore take longer to return a result. Moreover, a member is returned only if it is successfully onboarded; otherwise, an exception is thrown. Hence, for more control and flexibility, registerWithEidas() is recommended.