summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-20 09:43:03 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-20 09:43:03 +0100
commita57a2ed851b818456421f3ce082dc6813da6b736 (patch)
treeb4c9c4c9f7c317ff3f0686d7427366203bdd9347
parent9e26dd0833cd3a6bfb6f15cc11727cdc8e14d260 (diff)
downloadEAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.tar.gz
EAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.tar.bz2
EAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.zip
add two jUnit test and CodeStyle modifications
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java35
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java37
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java20
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java16
-rw-r--r--eaaf_core/src/main/resources/eaaf_core.beans.xml4
-rw-r--r--eaaf_core/src/main/resources/messages/eaaf_core_messages.properties4
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java41
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java3
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java9
-rw-r--r--eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java10
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java5
-rw-r--r--eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml4
-rw-r--r--eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt26
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java11
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java13
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java14
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java4
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java9
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java102
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java44
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java20
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java3
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt26
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml62
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml8
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java9
-rw-r--r--eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java31
34 files changed, 385 insertions, 206 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index f5c687f1..8f87cbfa 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -26,17 +26,6 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.Map.Entry;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.lang.NonNull;
-import org.springframework.util.Assert;
-import org.springframework.util.Base64Utils;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
@@ -60,6 +49,17 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.lang.NonNull;
+import org.springframework.util.Assert;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder {
private static final Logger log =
LoggerFactory.getLogger(AbstractAuthenticationDataBuilder.class);
@@ -145,10 +145,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
* @param authProcessData Authentication information holder from current pending
* request
* @param pendingReq current pending request
+ * @throws EaafAuthenticationException In case inconsistent authentication data
*/
private void buildInternalAuthDataGeneric(@NonNull final IAuthData authData,
@NonNull final IAuthProcessDataContainer authProcessData,
- @NonNull final IRequest pendingReq) {
+ @NonNull final IRequest pendingReq) throws EaafAuthenticationException {
Assert.notNull(pendingReq, "PendingRequest is null");
Assert.notNull(authData, "AuthData is null");
Assert.notNull(authProcessData, "AuthProcessData is null");
@@ -227,9 +228,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
* @param authData Current authentication data
* @param authProcessData Authentication information holder from current pending
* request
+ * @throws EaafAuthenticationException In case inconsistent authentication data
*/
private void setCitizenCountryCode(final AuthenticationData authData,
- final IAuthProcessDataContainer authProcessData) {
+ final IAuthProcessDataContainer authProcessData) throws EaafAuthenticationException {
includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME);
final String pvpCccAttr = authProcessData
.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
@@ -239,8 +241,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
} else {
if (authData.isForeigner()) {
- // TODO:
- log.warn("Foreign citizen country NOT set yet!");
+ log.warn("EID_Issuing_Nation NOT SET for foreign citizen.");
+ throw new EaafAuthenticationException("builder.11",
+ new Object[] { "EID_Issuing_Nation NOT SET for foreign citizen." });
} else {
authData.setCiticenCountryCode(basicConfig.getBasicConfiguration(
@@ -324,7 +327,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
protected void generateDeprecatedBasicAuthData(final AuthenticationData authData,
final IRequest pendingReq, final IAuthProcessDataContainer authProcessData)
throws EaafBuilderException, EaafConfigurationException, XPathException, DOMException,
- EaafParserException {
+ EaafParserException, EaafAuthenticationException {
if (authProcessData.getGenericSessionDataStorage() != null
&& !authProcessData.getGenericSessionDataStorage().isEmpty()) {
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
index a6017789..988a78b6 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java
@@ -19,13 +19,11 @@
package at.gv.egiz.eaaf.core.impl.idp.auth.data;
+import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.util.TimeZone;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.EaafAuthProcessDataConstants;
@@ -33,6 +31,10 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
public class AuthProcessDataWrapper
implements IAuthProcessDataContainer, EaafAuthProcessDataConstants {
private static final Logger log = LoggerFactory.getLogger(AuthProcessDataWrapper.class);
@@ -72,6 +74,19 @@ public class AuthProcessDataWrapper
* (non-Javadoc)
*
* @see
+ * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant(
+ * java.lang.String)
+ */
+ @Override
+ public void setIssueInstant(final Date issueInstant) {
+ authProcessData.put(VALUE_ISSUEINSTANT, buildDateTimeUtc(issueInstant));
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
* at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated()
*/
@Override
@@ -305,4 +320,18 @@ public class AuthProcessDataWrapper
}
}
+
+ /**
+ * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value.
+ *
+ * @param date the <code>Calendar</code> value
+ * @return the <code>dateTime</code> value
+ */
+ public static String buildDateTimeUtc(final Date date) {
+
+ final SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
+ f.setTimeZone(TimeZone.getTimeZone("UTC"));
+
+ return f.format(date.getTime());
+ }
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
index 07fc652a..5110d2bf 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
@@ -32,13 +32,6 @@ import java.util.UUID;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.NonNull;
-import org.springframework.lang.Nullable;
-import org.springframework.util.Assert;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -52,12 +45,21 @@ import at.gv.egiz.eaaf.core.impl.utils.HttpUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
+import org.springframework.util.Assert;
+
public abstract class RequestImpl implements IRequest, Serializable {
private static final Logger log = LoggerFactory.getLogger(RequestImpl.class);
public static final String DATAID_REQUESTER_IP_ADDRESS = "reqestImpl_requesterIPAddr";
+ private static final String ERROR_CODE_INTERNAL_00 = "eaaf.core.00";
+
private static final long serialVersionUID = 1L;
private String module = null;
@@ -143,14 +145,14 @@ public abstract class RequestImpl implements IRequest, Serializable {
} catch (final MalformedURLException e) {
log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authUrlString, e);
- throw new EaafAuthenticationException("errorId", new Object[] { authUrlString }, e);
+ throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString }, e);
}
this.idpAuthUrl = authConfig.validateIdpUrl(authReqUrl);
if (this.idpAuthUrl == null) {
log.warn(
"Extract AuthenticationServiceURL: " + authReqUrl + " is NOT found in configuration.");
- throw new EaafAuthenticationException("errorId", new Object[] { authUrlString });
+ throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString });
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java
new file mode 100644
index 00000000..852c65b1
--- /dev/null
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java
@@ -0,0 +1,16 @@
+package at.gv.egiz.eaaf.core.impl.logging;
+
+import java.util.Arrays;
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+public class EaafCoreMessageSource implements IMessageSourceLocation {
+
+ @Override
+ public List<String> getMessageSourceLocation() {
+ return Arrays.asList("classpath:messages/eaaf_core_messages");
+
+ }
+
+}
diff --git a/eaaf_core/src/main/resources/eaaf_core.beans.xml b/eaaf_core/src/main/resources/eaaf_core.beans.xml
index 9806664c..5b1962cf 100644
--- a/eaaf_core/src/main/resources/eaaf_core.beans.xml
+++ b/eaaf_core/src/main/resources/eaaf_core.beans.xml
@@ -13,8 +13,8 @@
<import resource="classpath:/spring/eaaf_utils.beans.xml"/>
- <bean id="httpClientFactory"
- class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
+ <bean id="eaafCoreMessageSource"
+ class="at.gv.egiz.eaaf.core.impl.logging.EaafCoreMessageSource" />
<bean id="ProtocolFinalizationController"
class="at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController" />
diff --git a/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties
new file mode 100644
index 00000000..5a508ccf
--- /dev/null
+++ b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties
@@ -0,0 +1,4 @@
+eaaf.core.00=Requested URL: {0} is NOT allowed by configuration.
+
+
+
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java
new file mode 100644
index 00000000..a354b873
--- /dev/null
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java
@@ -0,0 +1,41 @@
+package at.gv.egiz.eaaf.core.impl.idp.auth;
+
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({ "/eaaf_core.beans.xml",
+ "/SpringTest-context_eaaf_core.xml",
+ "/SpringTest-context_authManager.xml"})
+public class EaafCoreMessageSourceTest {
+
+ @Autowired
+ private ResourceLoader loader;
+ @Autowired(required = false)
+ private List<IMessageSourceLocation> messageSources;
+
+ @Test
+ public void checkMessageSources() {
+ Assert.assertNotNull("No messageSource", messageSources);
+
+ for (final IMessageSourceLocation messageSource : messageSources) {
+ Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+
+ for (final String el : messageSource.getMessageSourceLocation()) {
+ final Resource messages = loader.getResource(el + ".properties");
+ Assert.assertTrue("Source not exist", messages.exists());
+
+ }
+ }
+ }
+}
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
index dd3976dd..e295d69a 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
@@ -22,8 +22,7 @@ public class DummyConfiguration implements IConfigurationWithSP {
@Override
public String getBasicConfiguration(final String key, final String defaultValue) {
- // TODO Auto-generated method stub
- return null;
+ return defaultValue;
}
@Override
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java
index f5865067..b6f602d2 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java
@@ -40,4 +40,13 @@ public interface ExtendedPvpAttributeDefinitions extends PvpAttributeDefinitions
String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type";
String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type";
+ String EID_EIDBIND_NAME = "urn:eidgvat:attributes.eidbind";
+ String EID_EIDBIND_FRIENDLY_NAME = "eidBind";
+
+ String EID_CONSENT_SIGNED_NAME = "urn:eidgvat:attributes.consent.signed";
+ String EID_CONSENT_SIGNED_FRIENDLY_NAME = "userConsent";
+
+ String EID_MIS_MANDATE_NAME = "urn:eidgvat:attributes.mis.mandate";
+ String EID_MIS_MANDATE_FRIENDLY_NAME = "mandate";
+
}
diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java
index 60224ea6..6c7292ac 100644
--- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java
+++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java
@@ -41,6 +41,13 @@ public interface IAuthProcessDataContainer {
void setIssueInstant(String issueInstant);
/**
+ * Sets the issuing time of the AUTH-Block SAML assertion.
+ *
+ * @param issueInstant The issueInstant to set.
+ */
+ void setIssueInstant(Date issueInstant);
+
+ /**
* Indicate if the authentication process is finished.
*
* @return
@@ -142,7 +149,7 @@ public interface IAuthProcessDataContainer {
/**
* Get Timestamp when session was created.
- *
+ *
* @return the sessionCreated
*/
Date getSessionCreated();
@@ -178,4 +185,5 @@ public interface IAuthProcessDataContainer {
* to generic session-data storage
*/
void setGenericDataToSession(String key, Object object) throws EaafStorageException;
+
}
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
index 5936e106..f69efd49 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
@@ -68,8 +68,9 @@ public class EaafKeyStoreFactory {
* Get a new KeyStore based on a KeyStore configuration-object.
*
* @param config KeyStore configuration
- * @return {@link Pair} of a new KeyStore instance and an optional {@link Provider}. If the {@link Provider}
- * is not <code>null</code> this {@link KeyStore} requires a specific {@link Provider} for {@link Key} operations.
+ * @return {@link Pair} of a new {@link KeyStore} instance and an optional {@link Provider}.
+ * The {@link KeyStore} is {@link Nonnull}. If the {@link Provider} is not <code>null</code>
+ * this {@link KeyStore} requires a specific {@link Provider} for {@link Key} operations.
* @throws EaafException In case of a KeyStore initialization error
*/
@Nonnull
diff --git a/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml b/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml
index 7568f423..ab631e34 100644
--- a/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml
+++ b/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml
@@ -10,11 +10,13 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" >
+ <bean id="eaafHttpClientFactory"
+ class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
+
<bean id="eaafKeyStoreFactory"
class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" />
<bean id="eaafUtilsMessageSource"
class="at.gv.egiz.eaaf.core.impl.logging.EaafUtilsMessageSource" />
-
</beans> \ No newline at end of file
diff --git a/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt
index 37fdc389..01be3821 100644
--- a/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt
+++ b/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt
@@ -1,20 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIDFDCCAfygAwIBAgIEXIjqbjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy
-b290MB4XDTE5MDMxMzExMzMwMloXDTIwMDMxMjExMzMwMlowDzENMAsGA1UEAwwE
-cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKijWXfb7bvQ7CIw
-FuyuPUz+aN7uBgSSnpYamtzjagacdtGR2V2OVHfjVHhw+cSoNPaEEV2x0O9A+w8F
-FCatBT30l7/2scuJmrdXYlIhd17NU6HG/HKYvRYROkXrprsbdZobWqdF/zShLIvv
-0bwconAu7AxwlDgNJQz2pL0e94OkCT5rZyA4HFgzJ34XynXaCMbUbVXxVk6EuNaX
-hbyco0qhjOjSn7Rwk3iXp21V4vcYRVq44sG3ieU6jHq6LKmYSGJ1y0yv9ADYJwSp
-jCzRbOEKe/7QVvZIyzzqjhO3SAHONuFNX0V6zPCgMCjUOgHuOIEKLJR9p0YYYocX
-GBLcVuECAwEAAaN4MHYwDAYDVR0TBAUwAwEB/zA6BgNVHSMEMzAxgBQueuDUlVbB
-LBjP+iRFr6lUDBh58qETpBEwDzENMAsGA1UEAwwEcm9vdIIEXIjqbjAdBgNVHQ4E
-FgQULnrg1JVWwSwYz/okRa+pVAwYefIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQCEYSVpiKFO7FjCqTlkxNBY7e7891dq43DfX9i/Hb/AIvZDPe/RC46t
-EXd9LN7QYaXe35U5ZD1q7qmK7NoFJ9zp4D4mxA2iiBHz40GnRt+0abNdQiyw913W
-s/VIElAOv0tvCw+3SwzvLRU/AVCM1weW6IUbYv/Ty5zmLBsG3do3MmVF3cqXho2m
-pNaiubuaUsR8Ms1LqIr6R7Yf8MKSrgYWCOw60gj5O64RHnEJli52D+S/8Cue5GvG
-ECckmgLgGsRcWfFwRqqS7+XWt8Dv8xxD5vurvcs547Hn28kSHtF2i+KYLDVH2QjN
-dbO0qgEJlMPi7oGrsNjIkndrWseNrPA4
+MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv
+b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl
+Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR
+T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj
+o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee
+JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC
+AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn
+bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA==
-----END CERTIFICATE-----
- \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
index 3e321c21..a54eb0b8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java
@@ -24,6 +24,7 @@ import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import org.opensaml.saml.saml2.metadata.ContactPerson;
@@ -95,4 +96,14 @@ public interface IPvp2BasicConfiguration {
@Nonnull
Organization getIdpOrganisation() throws EaafException;
+ /**
+ * Get the basic {@link IConfiguration} object that was
+ * used to generate this {@link IPvp2BasicConfiguration}.
+ *
+ * @return Basic application configuration
+ */
+ @Nonnull
+ IConfiguration getBasicConfiguration();
+
+
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java
index 1af8db7b..2f058af8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java
@@ -19,6 +19,9 @@
package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
import org.opensaml.saml.metadata.resolver.ExtendedRefreshableMetadataResolver;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
@@ -26,6 +29,14 @@ import net.shibboleth.utilities.java.support.resolver.ResolverException;
public interface IPvp2MetadataProvider extends ExtendedRefreshableMetadataResolver {
- EntityDescriptor getEntityDescriptor(String entityID) throws ResolverException;
+ /**
+ * Get a SAML2 EntityDescriptor with an EntityId from metadata provider.
+ *
+ * @param entityID Unique EntityId of the application
+ * @return SAML2 {@link EntityDescriptor}
+ * @throws ResolverException In case of an internal resolver error.
+ */
+ @Nullable
+ EntityDescriptor getEntityDescriptor(@Nonnull String entityID) throws ResolverException;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index 902f84c7..40448b45 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -33,6 +33,13 @@ import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.naming.ConfigurationException;
+import at.gv.egiz.components.spring.api.IDestroyableObject;
+import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpAddableChainingMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.opensaml.core.criterion.EntityIdCriterion;
@@ -43,12 +50,6 @@ import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
-import at.gv.egiz.components.spring.api.IDestroyableObject;
-import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpAddableChainingMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
import net.shibboleth.utilities.java.support.component.IdentifiedComponent;
@@ -486,6 +487,7 @@ public abstract class AbstractChainingMetadataProvider implements IGarbageCollec
}
+ @Nullable
private EntityDescriptor internalResolveSingle(@Nullable final CriteriaSet criteria)
throws ResolverException {
for (final MetadataResolver resolver : internalResolvers) {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
index c476846b..5059b1fb 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
@@ -413,8 +413,8 @@ public class Saml2Utils {
* @param value Attribute value
* @return
*/
- public static EaafRequestedAttribute generateReqAuthnAttributeSimple(final Attribute attr,
- final boolean isRequired, final String value) {
+ public static EaafRequestedAttribute generateReqAuthnAttributeSimple(
+ final Attribute attr, final boolean isRequired, final String value) {
final EaafRequestedAttribute requested =
Saml2Utils.createSamlObject(EaafRequestedAttribute.class);
requested.setName(attr.getName());
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
index 1994eba0..b9e0c37f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
@@ -39,10 +39,19 @@ public class SchemaValidationFilter implements MetadataFilter {
private static SAMLSchemaBuilder schemaBuilder = new SAMLSchemaBuilder(SAML1Version.SAML_11);
+ /**
+ * XML Schema validation filter for SAML2 metadata.
+ * <p>Schemavalidation is active by default</p>
+ */
public SchemaValidationFilter() {
}
+ /**
+ * XML Schema validation filter for SAML2 metadata.
+ *
+ * @param useSchemaValidation <code>true</code> XML schema validation is active, otherwise <code>false</code>
+ */
public SchemaValidationFilter(final boolean useSchemaValidation) {
this.isActive = useSchemaValidation;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
index a2b52fbc..72cf9677 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
@@ -28,4 +28,7 @@
<bean id="PvpSoapBinding"
class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.SoapBinding" />
+ <bean id="samlVerificationEngine"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" />
+
</beans> \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
index 3ba4c962..5690038c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
@@ -30,7 +30,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({
"/spring/test_eaaf_core_map_config.beans.xml",
- "/spring/SpringTest-context_lazy.xml"
+ "/spring/SpringTest-context_lazy.xml",
+ "/spring/eaaf_utils.beans.xml"
})
public class CredentialProviderTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
index cc15df90..b94ed8cc 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
@@ -16,7 +16,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
-"/spring/test_eaaf_core_spring_config.beans.xml" })
+"/spring/test_eaaf_core_spring_config.beans.xml",
+"/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class PvpCoreMessageSourceTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java
index bc0084f7..64bfb8f6 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java
@@ -40,7 +40,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class SamlVerificationEngineTest extends AbstractSamlVerificationEngine {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java
index 95f63003..5b06a73f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java
@@ -12,7 +12,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_3.props" })
public class SamlVerificationEngineWithHsmFacadeTest extends AbstractSamlVerificationEngine {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
index 8833202a..147199a5 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
@@ -9,6 +9,33 @@ import java.util.Map;
import javax.xml.parsers.ParserConfigurationException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
+
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.joda.time.DateTime;
@@ -42,32 +69,6 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
import net.shibboleth.utilities.java.support.net.URIComparator;
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
@@ -77,7 +78,8 @@ import okhttp3.mockwebserver.MockWebServer;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml"})
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml"})
@TestPropertySource(locations = {"/config/config_1.props"})
public class PostBindingTest {
@@ -162,7 +164,7 @@ public class PostBindingTest {
}
}
-
+
@Test
public void decodeRequestWrongEndpoint() throws MessageDecodingException, SecurityException,
IOException, Pvp2MetadataException {
@@ -363,13 +365,13 @@ public class PostBindingTest {
XMLObjectProviderRegistrySupport.getParserPool(),
PostBindingTest.class.getResourceAsStream("/data/eIDAS_connector_authn.xml"));
authnReq.setIssueInstant(DateTime.now());
- Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
+ final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
issuer.setValue("https://demo.egiz.gv.at/demoportal_demologin/");
authnReq.setIssuer(issuer);
-
- RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true);
- Element signedElement = XMLObjectSupport.getMarshaller(signedAuthn).marshall(signedAuthn);
- final String b64AuthnReq =
+
+ final RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true);
+ final Element signedElement = XMLObjectSupport.getMarshaller(signedAuthn).marshall(signedAuthn);
+ final String b64AuthnReq =
Base64.getEncoder().encodeToString(SerializeSupport.nodeToString(signedElement).getBytes("UTF-8"));
httpReq.setMethod("POST");
httpReq.addParameter("SAMLRequest", b64AuthnReq);
@@ -391,35 +393,35 @@ public class PostBindingTest {
Assert.assertNotNull("EntityId is null", msg.getEntityID());
Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID());
Assert.assertTrue("Wrong isVerified flag", msg.isVerified());
-
+
org.springframework.util.Assert.isInstanceOf(PvpSProfileRequest.class, msg, "Inbound message is of wrong type");
- org.springframework.util.Assert.isInstanceOf(AuthnRequest.class, ((PvpSProfileRequest)msg).getSamlRequest(),
+ org.springframework.util.Assert.isInstanceOf(AuthnRequest.class, ((PvpSProfileRequest)msg).getSamlRequest(),
"Inbound message is of wrong type");
-
- AuthnRequest parsedAuthnReq = (AuthnRequest)((PvpSProfileRequest)msg).getSamlRequest();
+
+ final AuthnRequest parsedAuthnReq = (AuthnRequest)((PvpSProfileRequest)msg).getSamlRequest();
Assert.assertNotNull("No extension", parsedAuthnReq.getExtensions());
Assert.assertNotNull("No extension child", parsedAuthnReq.getExtensions().getUnknownXMLObjects());
Assert.assertEquals("extension child size", 1, parsedAuthnReq.getExtensions().getUnknownXMLObjects().size());
-
- XMLObject reqAttrs = parsedAuthnReq.getExtensions().getUnknownXMLObjects().get(0);
+
+ final XMLObject reqAttrs = parsedAuthnReq.getExtensions().getUnknownXMLObjects().get(0);
org.springframework.util.Assert.isInstanceOf(EaafRequestedAttributes.class, reqAttrs, "Wrong requested Attributes type");
- EaafRequestedAttributes eaafReqAttrs = (EaafRequestedAttributes) reqAttrs;
+ final EaafRequestedAttributes eaafReqAttrs = (EaafRequestedAttributes) reqAttrs;
Assert.assertNotNull("Req attr is null", eaafReqAttrs.getAttributes());
Assert.assertFalse("Req attr is empty", eaafReqAttrs.getAttributes().isEmpty());
Assert.assertEquals("Req attr size", 1, eaafReqAttrs.getAttributes().size());
-
- EaafRequestedAttribute eaafReqAttr = eaafReqAttrs.getAttributes().get(0);
+
+ final EaafRequestedAttribute eaafReqAttr = eaafReqAttrs.getAttributes().get(0);
Assert.assertNotNull("Req Attibute is null", eaafReqAttr);
Assert.assertEquals("Req. Attr. Friendlyname", "EID-SECTOR-FOR-IDENTIFIER", eaafReqAttr.getFriendlyName());
Assert.assertEquals("Req. Attr. Name", "urn:oid:1.2.40.0.10.2.1.1.261.34", eaafReqAttr.getName());
-
+
Assert.assertEquals("Req. Attr. Value size", 1, eaafReqAttr.getAttributeValues().size());
- org.springframework.util.Assert.isInstanceOf(XSString.class, eaafReqAttr.getAttributeValues().get(0),
+ org.springframework.util.Assert.isInstanceOf(XSString.class, eaafReqAttr.getAttributeValues().get(0),
"Wrong requested Attributes Value type");
Assert.assertEquals("Req. Attr. Value", "urn:publicid:gv.at:cdid+BF", ((XSString)eaafReqAttr.getAttributeValues().get(0)).getValue());
-
+
}
-
+
@Test
public void decodeRequestSuccessWithoutRelayStateEcdsaSig() throws MessageDecodingException, SecurityException,
IOException, Pvp2Exception, CredentialsNotAvailableException, XMLParserException, UnmarshallingException {
@@ -446,13 +448,13 @@ public class PostBindingTest {
Assert.assertNotNull("EntityId is null", msg.getEntityID());
Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID());
Assert.assertTrue("Wrong isVerified flag", msg.isVerified());
-
+
//check if reconstraction from serialized form work well
((InboundMessage)msg).setSamlMessage(null);
try {
Assert.assertNotNull("AuthnReq is null", msg.getInboundMessage());
-
- } catch (RuntimeException e) { }
+
+ } catch (final RuntimeException e) { }
}
@@ -480,7 +482,7 @@ public class PostBindingTest {
Assert.assertNotNull("EntityId is null", msg.getEntityID());
Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID());
Assert.assertTrue("Wrong isVerified flag", msg.isVerified());
-
+
org.springframework.util.Assert.isInstanceOf(PvpSProfileResponse.class, msg, "Inbound message is of wrong type");
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java
index 408729e3..37e4acd1 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java
@@ -5,6 +5,25 @@ import java.net.URLDecoder;
import javax.xml.parsers.ParserConfigurationException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
+
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.joda.time.DateTime;
@@ -29,24 +48,6 @@ import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
-import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
import net.shibboleth.utilities.java.support.net.URIComparator;
import net.shibboleth.utilities.java.support.net.URISupport;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
@@ -56,7 +57,8 @@ import okhttp3.mockwebserver.MockWebServer;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class RedirectBindingTest {
@@ -167,7 +169,7 @@ public class RedirectBindingTest {
}
}
-
+
@Test
public void wrongRedirectBindingType() throws MessageDecodingException,
SecurityException, IOException, Pvp2MetadataException {
@@ -211,7 +213,7 @@ public class RedirectBindingTest {
}
}
-
+
@Test
public void decodeRequestNoSignature() throws MessageDecodingException,
SecurityException, IOException, Pvp2MetadataException {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java
index b43f6a3e..f3a7e01d 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java
@@ -45,7 +45,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml"})
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml"})
@TestPropertySource(locations = {"/config/config_1.props"})
public class SoapBindingTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java
index 8e00068f..6abe52dc 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java
@@ -36,7 +36,8 @@ import okhttp3.mockwebserver.MockWebServer;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class ChainingMetadataTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
index 6cf81d2b..0f8817a0 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
@@ -14,6 +14,15 @@ import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactoryConfigurationError;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.BeforeClass;
@@ -41,14 +50,6 @@ import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
@@ -57,7 +58,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class MetadataBuilderTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java
index bcdeb765..accdd8b0 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java
@@ -79,7 +79,8 @@ import okhttp3.mockwebserver.MockWebServer;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
- "/spring/test_eaaf_core_spring_config.beans.xml" })
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/eaaf_utils.beans.xml" })
@TestPropertySource(locations = { "/config/config_1.props" })
public class MetadataResolverTest {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt
index 37fdc389..01be3821 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt
@@ -1,20 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIDFDCCAfygAwIBAgIEXIjqbjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy
-b290MB4XDTE5MDMxMzExMzMwMloXDTIwMDMxMjExMzMwMlowDzENMAsGA1UEAwwE
-cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKijWXfb7bvQ7CIw
-FuyuPUz+aN7uBgSSnpYamtzjagacdtGR2V2OVHfjVHhw+cSoNPaEEV2x0O9A+w8F
-FCatBT30l7/2scuJmrdXYlIhd17NU6HG/HKYvRYROkXrprsbdZobWqdF/zShLIvv
-0bwconAu7AxwlDgNJQz2pL0e94OkCT5rZyA4HFgzJ34XynXaCMbUbVXxVk6EuNaX
-hbyco0qhjOjSn7Rwk3iXp21V4vcYRVq44sG3ieU6jHq6LKmYSGJ1y0yv9ADYJwSp
-jCzRbOEKe/7QVvZIyzzqjhO3SAHONuFNX0V6zPCgMCjUOgHuOIEKLJR9p0YYYocX
-GBLcVuECAwEAAaN4MHYwDAYDVR0TBAUwAwEB/zA6BgNVHSMEMzAxgBQueuDUlVbB
-LBjP+iRFr6lUDBh58qETpBEwDzENMAsGA1UEAwwEcm9vdIIEXIjqbjAdBgNVHQ4E
-FgQULnrg1JVWwSwYz/okRa+pVAwYefIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQCEYSVpiKFO7FjCqTlkxNBY7e7891dq43DfX9i/Hb/AIvZDPe/RC46t
-EXd9LN7QYaXe35U5ZD1q7qmK7NoFJ9zp4D4mxA2iiBHz40GnRt+0abNdQiyw913W
-s/VIElAOv0tvCw+3SwzvLRU/AVCM1weW6IUbYv/Ty5zmLBsG3do3MmVF3cqXho2m
-pNaiubuaUsR8Ms1LqIr6R7Yf8MKSrgYWCOw60gj5O64RHnEJli52D+S/8Cue5GvG
-ECckmgLgGsRcWfFwRqqS7+XWt8Dv8xxD5vurvcs547Hn28kSHtF2i+KYLDVH2QjN
-dbO0qgEJlMPi7oGrsNjIkndrWseNrPA4
+MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv
+b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl
+Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR
+T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj
+o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee
+JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC
+AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn
+bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA==
-----END CERTIFICATE-----
- \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml
index 67eed2ac..7ccd5484 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml
@@ -67,20 +67,23 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L
</ds:X509Certificate>
</ds:X509Data>
<ds:X509Data>
- <ds:X509Certificate>MIIDEzCCArqgAwIBAgIIHL62SBANl8QwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwYS2V5c3RvcmVC
-YWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxNzEyMzMxNloXDTIwMDUxNzExMzMxNlowMjEdMBsGA1UE
-AwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNVBAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0B
-AQEFAAOCAg8AMIICCgKCAgEAtVRK3ocL1aqCO+Q0OELikVbEU6tOsXGg1HCWr07YdTsu/qoRCVrB
-THF6xqgtFjBVGWkg5kFS7853Lg3peSO1K63RzXWldcgUUM8o9zTybbBI74eXcK8pug1LLAkytQ1i
-I6w166am8eoG/vTrc+TIFCDm+pyzmGcl5K8c8Gnm0k41vsMViEFgy6Oq9glts8eEUCOF3ZnL8rIv
-w4hjrGsQ+8iZPZEEuMj+rZ2iLI9bjWv6xmNKWTLSO9dm7d2kTNGLQST0XFJkmFDXjQ1jXApXkGlp
-i8igWCX3CU8jSuPLdCQ4VU/Pqr/J4uzBWBsv01vs4aqyLVZTGs23xUjJ+9I9fmn1VIfhuh6zGHq+
-jfjBfD6FhndNoPiMEpJT34h39rtF14GOlhb/I1OGjxIyMQGvT7up7p3AlPC7Lz2ylWrVWojR/cAE
-umzS6zWgRW9zmVIgC7j48EmMjkapyUWVBR7FkfdodedzSPNETRdWXr7WulSBjjj82AWmwuoDrSZd
-330g7FUZHd0D1JFUkLXOgZ1SmyFXds7fTiJGzk4XdYiS8MD07pokNDhZ7FHFGSoTHB8u4fvG2r0u
-6tvLRBRkv/3wzDcTcPbEa9Z1JQ3Qh+/aJQmaQMMnE9m4msW4GqTGBoshss8FW1EvUi7JAh4EvXJJ
-bhNQmfwU5wBD6WbPsURo7i0CAwEAATAKBggqhkjOPQQDAgNHADBEAiAyb9SMaC7U/HY//YcfjcR0
-j0/DL+9ckFNMvdw0IUq3yAIgEtWkYQrh5Oog7DmVJv0z/C1qPzcjfzDwJI4AlF7IfO4=</ds:X509Certificate>
+ <ds:X509Certificate>MIIDFDCCArqgAwIBAgIIFy4Oe7D+zq8wCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY
+S2V5c3RvcmVCYWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxOTE0MDMxNVoXDTIwMDUx
+OTEzMDMxNVowMjEdMBsGA1UEAwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNV
+BAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtE1v
+1J54suM3VR17mTO5OKrCBeDP6a2dQswhMmUNO6i1l4eXNbtBvMj7k0mnc4yLLZxQ
+P0cosjT1kNkOvSNCQcSI+869EOdU4QDCreGLss9a84ZNf/X3ioq/2PYTLOJSMkDQ
+qLMHUVawwPYw+ZyUHaY7G0AwX5Gj1gMadfWVMDPAo5OT9WntpqG1850yO0aUMBaF
+GSE9RrWVmL1+d2qHqh/pAwq6DQEtbKCl18t1zQfLZvumnQfF930KB2IkLaq6wRTW
+IRdwte20PfVmEloAOdegXqUX59rkq6+5CaXfIsN+4Vkb12n2ArZwI/EFjgRdtGYj
+CmuySDorynSHrCO934/LHjZtdJPFbg5/4CTXpI1aInum4uqDuq6xoL+ns4hk8kkD
+9H9Pj5MYyjUc51+450ylOwLmGkqNDJBh3ecnH76NIoKviR3KlBaj0bSlnoV5Kl8H
+bfnXQD98BH+YLeULrD3XWVjirOWPdfdNKcInpuXrdTZ/GvyGL5T/63mtEWiWysfP
+Gw4+9AlWNXpyLviaHfxTpC6T76qYHKHd4eltRLubrgL8gHZrJwHio98kKfVMS3Oy
+qHAEWBSWv+LveARn0RF4jlcPIL3gclrU9jxF4k5Btvdax3+if1MWVAZ9ML5263ug
+Qr11Pkbko09VqppyM484/o+mJihTWyucKdVONw8CAwEAATAKBggqhkjOPQQDAgNI
+ADBFAiBJSZqfI1kmJGy8/tRut7h2YbZWNeUA+gmFX+wJxu9ePwIhALgjht8La4AZ
+/r3t33clJW8tGRMiA8cBbxm3Ox0y7DyP</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
@@ -162,20 +165,23 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L
</ds:X509Certificate>
</ds:X509Data>
<ds:X509Data>
- <ds:X509Certificate>MIIDEzCCArqgAwIBAgIIHL62SBANl8QwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwYS2V5c3RvcmVC
-YWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxNzEyMzMxNloXDTIwMDUxNzExMzMxNlowMjEdMBsGA1UE
-AwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNVBAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0B
-AQEFAAOCAg8AMIICCgKCAgEAtVRK3ocL1aqCO+Q0OELikVbEU6tOsXGg1HCWr07YdTsu/qoRCVrB
-THF6xqgtFjBVGWkg5kFS7853Lg3peSO1K63RzXWldcgUUM8o9zTybbBI74eXcK8pug1LLAkytQ1i
-I6w166am8eoG/vTrc+TIFCDm+pyzmGcl5K8c8Gnm0k41vsMViEFgy6Oq9glts8eEUCOF3ZnL8rIv
-w4hjrGsQ+8iZPZEEuMj+rZ2iLI9bjWv6xmNKWTLSO9dm7d2kTNGLQST0XFJkmFDXjQ1jXApXkGlp
-i8igWCX3CU8jSuPLdCQ4VU/Pqr/J4uzBWBsv01vs4aqyLVZTGs23xUjJ+9I9fmn1VIfhuh6zGHq+
-jfjBfD6FhndNoPiMEpJT34h39rtF14GOlhb/I1OGjxIyMQGvT7up7p3AlPC7Lz2ylWrVWojR/cAE
-umzS6zWgRW9zmVIgC7j48EmMjkapyUWVBR7FkfdodedzSPNETRdWXr7WulSBjjj82AWmwuoDrSZd
-330g7FUZHd0D1JFUkLXOgZ1SmyFXds7fTiJGzk4XdYiS8MD07pokNDhZ7FHFGSoTHB8u4fvG2r0u
-6tvLRBRkv/3wzDcTcPbEa9Z1JQ3Qh+/aJQmaQMMnE9m4msW4GqTGBoshss8FW1EvUi7JAh4EvXJJ
-bhNQmfwU5wBD6WbPsURo7i0CAwEAATAKBggqhkjOPQQDAgNHADBEAiAyb9SMaC7U/HY//YcfjcR0
-j0/DL+9ckFNMvdw0IUq3yAIgEtWkYQrh5Oog7DmVJv0z/C1qPzcjfzDwJI4AlF7IfO4=</ds:X509Certificate>
+ <ds:X509Certificate>MIIDFDCCArqgAwIBAgIIFy4Oe7D+zq8wCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY
+S2V5c3RvcmVCYWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxOTE0MDMxNVoXDTIwMDUx
+OTEzMDMxNVowMjEdMBsGA1UEAwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNV
+BAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtE1v
+1J54suM3VR17mTO5OKrCBeDP6a2dQswhMmUNO6i1l4eXNbtBvMj7k0mnc4yLLZxQ
+P0cosjT1kNkOvSNCQcSI+869EOdU4QDCreGLss9a84ZNf/X3ioq/2PYTLOJSMkDQ
+qLMHUVawwPYw+ZyUHaY7G0AwX5Gj1gMadfWVMDPAo5OT9WntpqG1850yO0aUMBaF
+GSE9RrWVmL1+d2qHqh/pAwq6DQEtbKCl18t1zQfLZvumnQfF930KB2IkLaq6wRTW
+IRdwte20PfVmEloAOdegXqUX59rkq6+5CaXfIsN+4Vkb12n2ArZwI/EFjgRdtGYj
+CmuySDorynSHrCO934/LHjZtdJPFbg5/4CTXpI1aInum4uqDuq6xoL+ns4hk8kkD
+9H9Pj5MYyjUc51+450ylOwLmGkqNDJBh3ecnH76NIoKviR3KlBaj0bSlnoV5Kl8H
+bfnXQD98BH+YLeULrD3XWVjirOWPdfdNKcInpuXrdTZ/GvyGL5T/63mtEWiWysfP
+Gw4+9AlWNXpyLviaHfxTpC6T76qYHKHd4eltRLubrgL8gHZrJwHio98kKfVMS3Oy
+qHAEWBSWv+LveARn0RF4jlcPIL3gclrU9jxF4k5Btvdax3+if1MWVAZ9ML5263ug
+Qr11Pkbko09VqppyM484/o+mJihTWyucKdVONw8CAwEAATAKBggqhkjOPQQDAgNI
+ADBFAiBJSZqfI1kmJGy8/tRut7h2YbZWNeUA+gmFX+wJxu9ePwIhALgjht8La4AZ
+/r3t33clJW8tGRMiA8cBbxm3Ox0y7DyP</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml
index 5e3f0b9b..0c421356 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml
@@ -10,16 +10,12 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+ <!-- import resource="classpath:/spring/eaaf_utils.beans.xml" /-->
+
<bean id="dummyVelocityGuiBuilder"
class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyVelocityGuiFormBuilder" />
<bean id="dummyGuiBuilderConfigFactory"
class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory" />
- <bean id="httpClientFactory"
- class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
-
- <bean id="eaafKeyStoreFactory"
- class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" />
-
</beans> \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java
index d9cb251c..c5fc0f13 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java
@@ -2,14 +2,18 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy;
import java.util.List;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
import org.opensaml.saml.saml2.metadata.ContactPerson;
import org.opensaml.saml.saml2.metadata.Organization;
+import org.springframework.beans.factory.annotation.Autowired;
public class DummyPvpConfiguration implements IPvp2BasicConfiguration {
+ @Autowired private IConfiguration basicConfig;
+
@Override
public String getIdpEntityId(String authUrl) throws EaafException {
return authUrl + "/idp";
@@ -40,4 +44,9 @@ public class DummyPvpConfiguration implements IPvp2BasicConfiguration {
return null;
}
+ @Override
+ public IConfiguration getBasicConfiguration() {
+ return basicConfig;
+ }
+
}
diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
index 53d9d9e8..b12a5913 100644
--- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
+++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java
@@ -28,6 +28,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption;
@@ -52,14 +53,19 @@ public class AssertionAttributeExtractor {
private final Map<String, List<String>> attributs = new HashMap<>();
// private PersonalAttributeList storkAttributes = new PersonalAttributeList();
+ @Deprecated
private final List<String> minimalMdsAttributeNamesList =
Arrays.asList(PvpConstants.PRINCIPAL_NAME_NAME, PvpConstants.GIVEN_NAME_NAME,
PvpConstants.BIRTHDATE_NAME, PvpConstants.BPK_NAME);
+ @Deprecated
private final List<String> minimalIdlAttributeNamesList =
Arrays.asList(PvpConstants.EID_IDENTITY_LINK_NAME, PvpConstants.EID_SOURCE_PIN_NAME,
PvpConstants.EID_SOURCE_PIN_TYPE_NAME);
+ private final List<String> minimalEidAttributeNamesList =
+ Arrays.asList(ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME);
+
/**
* Parse the SAML2 Response element and extracts included information. <br>
* <br>
@@ -128,8 +134,9 @@ public class AssertionAttributeExtractor {
* @return
*/
public boolean containsAllRequiredAttributes() {
- return containsAllRequiredAttributes(minimalMdsAttributeNamesList)
- || containsAllRequiredAttributes(minimalIdlAttributeNamesList);
+ return containsAllRequiredAttributes(minimalEidAttributeNamesList)
+ || containsAllRequiredAttributes(minimalIdlAttributeNamesList)
+ || containsAllRequiredAttributes(minimalMdsAttributeNamesList);
}
@@ -300,6 +307,25 @@ public class AssertionAttributeExtractor {
}
/**
+ * Get the Assertion issuing date.
+ *
+ * <p>
+ * This method returns value of SAML 'Conditions' element.
+ * </p>
+ *
+ * @return Date, when the SAML2 assertion was issued, otherwise null
+ */
+ public Date getAssertionIssuingDate() {
+ try {
+ return getFullAssertion().getIssueInstant().toDate();
+
+ } catch (final NullPointerException e) {
+ return null;
+
+ }
+ }
+
+ /**
* Get the Assertion validFrom period.
*
* <p>
@@ -316,7 +342,6 @@ public class AssertionAttributeExtractor {
return null;
}
-
}
private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption {