diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-20 09:43:03 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-20 09:43:03 +0100 |
commit | a57a2ed851b818456421f3ce082dc6813da6b736 (patch) | |
tree | b4c9c4c9f7c317ff3f0686d7427366203bdd9347 | |
parent | 9e26dd0833cd3a6bfb6f15cc11727cdc8e14d260 (diff) | |
download | EAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.tar.gz EAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.tar.bz2 EAAF-Components-a57a2ed851b818456421f3ce082dc6813da6b736.zip |
add two jUnit test and CodeStyle modifications
34 files changed, 385 insertions, 206 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index f5c687f1..8f87cbfa 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -26,17 +26,6 @@ import java.util.ArrayList; import java.util.Collection; import java.util.Map.Entry; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.lang.NonNull; -import org.springframework.util.Assert; -import org.springframework.util.Base64Utils; -import org.w3c.dom.DOMException; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; @@ -60,6 +49,17 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.lang.NonNull; +import org.springframework.util.Assert; +import org.springframework.util.Base64Utils; +import org.w3c.dom.DOMException; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder { private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationDataBuilder.class); @@ -145,10 +145,11 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * @param authProcessData Authentication information holder from current pending * request * @param pendingReq current pending request + * @throws EaafAuthenticationException In case inconsistent authentication data */ private void buildInternalAuthDataGeneric(@NonNull final IAuthData authData, @NonNull final IAuthProcessDataContainer authProcessData, - @NonNull final IRequest pendingReq) { + @NonNull final IRequest pendingReq) throws EaafAuthenticationException { Assert.notNull(pendingReq, "PendingRequest is null"); Assert.notNull(authData, "AuthData is null"); Assert.notNull(authProcessData, "AuthProcessData is null"); @@ -227,9 +228,10 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati * @param authData Current authentication data * @param authProcessData Authentication information holder from current pending * request + * @throws EaafAuthenticationException In case inconsistent authentication data */ private void setCitizenCountryCode(final AuthenticationData authData, - final IAuthProcessDataContainer authProcessData) { + final IAuthProcessDataContainer authProcessData) throws EaafAuthenticationException { includedToGenericAuthData.remove(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME); final String pvpCccAttr = authProcessData .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); @@ -239,8 +241,9 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati } else { if (authData.isForeigner()) { - // TODO: - log.warn("Foreign citizen country NOT set yet!"); + log.warn("EID_Issuing_Nation NOT SET for foreign citizen."); + throw new EaafAuthenticationException("builder.11", + new Object[] { "EID_Issuing_Nation NOT SET for foreign citizen." }); } else { authData.setCiticenCountryCode(basicConfig.getBasicConfiguration( @@ -324,7 +327,7 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati protected void generateDeprecatedBasicAuthData(final AuthenticationData authData, final IRequest pendingReq, final IAuthProcessDataContainer authProcessData) throws EaafBuilderException, EaafConfigurationException, XPathException, DOMException, - EaafParserException { + EaafParserException, EaafAuthenticationException { if (authProcessData.getGenericSessionDataStorage() != null && !authProcessData.getGenericSessionDataStorage().isEmpty()) { diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java index a6017789..988a78b6 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/AuthProcessDataWrapper.java @@ -19,13 +19,11 @@ package at.gv.egiz.eaaf.core.impl.idp.auth.data; +import java.text.SimpleDateFormat; import java.util.Date; import java.util.HashMap; import java.util.Map; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import java.util.TimeZone; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.EaafAuthProcessDataConstants; @@ -33,6 +31,10 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class AuthProcessDataWrapper implements IAuthProcessDataContainer, EaafAuthProcessDataConstants { private static final Logger log = LoggerFactory.getLogger(AuthProcessDataWrapper.class); @@ -72,6 +74,19 @@ public class AuthProcessDataWrapper * (non-Javadoc) * * @see + * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#setIssueInstant( + * java.lang.String) + */ + @Override + public void setIssueInstant(final Date issueInstant) { + authProcessData.put(VALUE_ISSUEINSTANT, buildDateTimeUtc(issueInstant)); + + } + + /* + * (non-Javadoc) + * + * @see * at.gv.egovernment.moa.id.auth.data.IAuthenticationSession#isAuthenticated() */ @Override @@ -305,4 +320,18 @@ public class AuthProcessDataWrapper } } + + /** + * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. + * + * @param date the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDateTimeUtc(final Date date) { + + final SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); + f.setTimeZone(TimeZone.getTimeZone("UTC")); + + return f.format(date.getTime()); + } } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java index 07fc652a..5110d2bf 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java @@ -32,13 +32,6 @@ import java.util.UUID; import javax.annotation.Nonnull; import javax.servlet.http.HttpServletRequest; -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; -import org.springframework.util.Assert; - import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; @@ -52,12 +45,21 @@ import at.gv.egiz.eaaf.core.impl.utils.HttpUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.lang.NonNull; +import org.springframework.lang.Nullable; +import org.springframework.util.Assert; + public abstract class RequestImpl implements IRequest, Serializable { private static final Logger log = LoggerFactory.getLogger(RequestImpl.class); public static final String DATAID_REQUESTER_IP_ADDRESS = "reqestImpl_requesterIPAddr"; + private static final String ERROR_CODE_INTERNAL_00 = "eaaf.core.00"; + private static final long serialVersionUID = 1L; private String module = null; @@ -143,14 +145,14 @@ public abstract class RequestImpl implements IRequest, Serializable { } catch (final MalformedURLException e) { log.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authUrlString, e); - throw new EaafAuthenticationException("errorId", new Object[] { authUrlString }, e); + throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString }, e); } this.idpAuthUrl = authConfig.validateIdpUrl(authReqUrl); if (this.idpAuthUrl == null) { log.warn( "Extract AuthenticationServiceURL: " + authReqUrl + " is NOT found in configuration."); - throw new EaafAuthenticationException("errorId", new Object[] { authUrlString }); + throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString }); } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java new file mode 100644 index 00000000..852c65b1 --- /dev/null +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/logging/EaafCoreMessageSource.java @@ -0,0 +1,16 @@ +package at.gv.egiz.eaaf.core.impl.logging; + +import java.util.Arrays; +import java.util.List; + +import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation; + +public class EaafCoreMessageSource implements IMessageSourceLocation { + + @Override + public List<String> getMessageSourceLocation() { + return Arrays.asList("classpath:messages/eaaf_core_messages"); + + } + +} diff --git a/eaaf_core/src/main/resources/eaaf_core.beans.xml b/eaaf_core/src/main/resources/eaaf_core.beans.xml index 9806664c..5b1962cf 100644 --- a/eaaf_core/src/main/resources/eaaf_core.beans.xml +++ b/eaaf_core/src/main/resources/eaaf_core.beans.xml @@ -13,8 +13,8 @@ <import resource="classpath:/spring/eaaf_utils.beans.xml"/> - <bean id="httpClientFactory" - class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" /> + <bean id="eaafCoreMessageSource" + class="at.gv.egiz.eaaf.core.impl.logging.EaafCoreMessageSource" /> <bean id="ProtocolFinalizationController" class="at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController" /> diff --git a/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties new file mode 100644 index 00000000..5a508ccf --- /dev/null +++ b/eaaf_core/src/main/resources/messages/eaaf_core_messages.properties @@ -0,0 +1,4 @@ +eaaf.core.00=Requested URL: {0} is NOT allowed by configuration. + + + diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java new file mode 100644 index 00000000..a354b873 --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/EaafCoreMessageSourceTest.java @@ -0,0 +1,41 @@ +package at.gv.egiz.eaaf.core.impl.idp.auth; + +import java.util.List; + +import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ "/eaaf_core.beans.xml", + "/SpringTest-context_eaaf_core.xml", + "/SpringTest-context_authManager.xml"}) +public class EaafCoreMessageSourceTest { + + @Autowired + private ResourceLoader loader; + @Autowired(required = false) + private List<IMessageSourceLocation> messageSources; + + @Test + public void checkMessageSources() { + Assert.assertNotNull("No messageSource", messageSources); + + for (final IMessageSourceLocation messageSource : messageSources) { + Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation()); + + for (final String el : messageSource.getMessageSourceLocation()) { + final Resource messages = loader.getResource(el + ".properties"); + Assert.assertTrue("Source not exist", messages.exists()); + + } + } + } +} diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java index dd3976dd..e295d69a 100644 --- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java @@ -22,8 +22,7 @@ public class DummyConfiguration implements IConfigurationWithSP { @Override public String getBasicConfiguration(final String key, final String defaultValue) { - // TODO Auto-generated method stub - return null; + return defaultValue; } @Override diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java index f5865067..b6f602d2 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/data/ExtendedPvpAttributeDefinitions.java @@ -40,4 +40,13 @@ public interface ExtendedPvpAttributeDefinitions extends PvpAttributeDefinitions String EID_ENCRYPTED_SOURCEID_TYPE_NAME = "urn:eidgvat:attributes.vsz.type"; String EID_ENCRYPTED_SOURCEID_TYPE_FRIENDLY_NAME = "vSZ-Type"; + String EID_EIDBIND_NAME = "urn:eidgvat:attributes.eidbind"; + String EID_EIDBIND_FRIENDLY_NAME = "eidBind"; + + String EID_CONSENT_SIGNED_NAME = "urn:eidgvat:attributes.consent.signed"; + String EID_CONSENT_SIGNED_FRIENDLY_NAME = "userConsent"; + + String EID_MIS_MANDATE_NAME = "urn:eidgvat:attributes.mis.mandate"; + String EID_MIS_MANDATE_FRIENDLY_NAME = "mandate"; + } diff --git a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java index 60224ea6..6c7292ac 100644 --- a/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java +++ b/eaaf_core_api/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IAuthProcessDataContainer.java @@ -41,6 +41,13 @@ public interface IAuthProcessDataContainer { void setIssueInstant(String issueInstant); /** + * Sets the issuing time of the AUTH-Block SAML assertion. + * + * @param issueInstant The issueInstant to set. + */ + void setIssueInstant(Date issueInstant); + + /** * Indicate if the authentication process is finished. * * @return @@ -142,7 +149,7 @@ public interface IAuthProcessDataContainer { /** * Get Timestamp when session was created. - * + * * @return the sessionCreated */ Date getSessionCreated(); @@ -178,4 +185,5 @@ public interface IAuthProcessDataContainer { * to generic session-data storage */ void setGenericDataToSession(String key, Object object) throws EaafStorageException; + } diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java index 5936e106..f69efd49 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java @@ -68,8 +68,9 @@ public class EaafKeyStoreFactory { * Get a new KeyStore based on a KeyStore configuration-object. * * @param config KeyStore configuration - * @return {@link Pair} of a new KeyStore instance and an optional {@link Provider}. If the {@link Provider} - * is not <code>null</code> this {@link KeyStore} requires a specific {@link Provider} for {@link Key} operations. + * @return {@link Pair} of a new {@link KeyStore} instance and an optional {@link Provider}. + * The {@link KeyStore} is {@link Nonnull}. If the {@link Provider} is not <code>null</code> + * this {@link KeyStore} requires a specific {@link Provider} for {@link Key} operations. * @throws EaafException In case of a KeyStore initialization error */ @Nonnull diff --git a/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml b/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml index 7568f423..ab631e34 100644 --- a/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml +++ b/eaaf_core_utils/src/main/resources/spring/eaaf_utils.beans.xml @@ -10,11 +10,13 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" > + <bean id="eaafHttpClientFactory" + class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" /> + <bean id="eaafKeyStoreFactory" class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" /> <bean id="eaafUtilsMessageSource" class="at.gv.egiz.eaaf.core.impl.logging.EaafUtilsMessageSource" /> - </beans>
\ No newline at end of file diff --git a/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt index 37fdc389..01be3821 100644 --- a/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt +++ b/eaaf_core_utils/src/test/resources/data/hsm_facade_trust_root.crt @@ -1,20 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIDFDCCAfygAwIBAgIEXIjqbjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy -b290MB4XDTE5MDMxMzExMzMwMloXDTIwMDMxMjExMzMwMlowDzENMAsGA1UEAwwE -cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKijWXfb7bvQ7CIw -FuyuPUz+aN7uBgSSnpYamtzjagacdtGR2V2OVHfjVHhw+cSoNPaEEV2x0O9A+w8F -FCatBT30l7/2scuJmrdXYlIhd17NU6HG/HKYvRYROkXrprsbdZobWqdF/zShLIvv -0bwconAu7AxwlDgNJQz2pL0e94OkCT5rZyA4HFgzJ34XynXaCMbUbVXxVk6EuNaX -hbyco0qhjOjSn7Rwk3iXp21V4vcYRVq44sG3ieU6jHq6LKmYSGJ1y0yv9ADYJwSp -jCzRbOEKe/7QVvZIyzzqjhO3SAHONuFNX0V6zPCgMCjUOgHuOIEKLJR9p0YYYocX -GBLcVuECAwEAAaN4MHYwDAYDVR0TBAUwAwEB/zA6BgNVHSMEMzAxgBQueuDUlVbB -LBjP+iRFr6lUDBh58qETpBEwDzENMAsGA1UEAwwEcm9vdIIEXIjqbjAdBgNVHQ4E -FgQULnrg1JVWwSwYz/okRa+pVAwYefIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQCEYSVpiKFO7FjCqTlkxNBY7e7891dq43DfX9i/Hb/AIvZDPe/RC46t -EXd9LN7QYaXe35U5ZD1q7qmK7NoFJ9zp4D4mxA2iiBHz40GnRt+0abNdQiyw913W -s/VIElAOv0tvCw+3SwzvLRU/AVCM1weW6IUbYv/Ty5zmLBsG3do3MmVF3cqXho2m -pNaiubuaUsR8Ms1LqIr6R7Yf8MKSrgYWCOw60gj5O64RHnEJli52D+S/8Cue5GvG -ECckmgLgGsRcWfFwRqqS7+XWt8Dv8xxD5vurvcs547Hn28kSHtF2i+KYLDVH2QjN -dbO0qgEJlMPi7oGrsNjIkndrWseNrPA4 +MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv +b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl +Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR +T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj +o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee +JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC +AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn +bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA== -----END CERTIFICATE----- -
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java index 3e321c21..a54eb0b8 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvp2BasicConfiguration.java @@ -24,6 +24,7 @@ import java.util.List; import javax.annotation.Nonnull; import javax.annotation.Nullable; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafException; import org.opensaml.saml.saml2.metadata.ContactPerson; @@ -95,4 +96,14 @@ public interface IPvp2BasicConfiguration { @Nonnull Organization getIdpOrganisation() throws EaafException; + /** + * Get the basic {@link IConfiguration} object that was + * used to generate this {@link IPvp2BasicConfiguration}. + * + * @return Basic application configuration + */ + @Nonnull + IConfiguration getBasicConfiguration(); + + } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java index 1af8db7b..2f058af8 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvp2MetadataProvider.java @@ -19,6 +19,9 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata; +import javax.annotation.Nonnull; +import javax.annotation.Nullable; + import org.opensaml.saml.metadata.resolver.ExtendedRefreshableMetadataResolver; import org.opensaml.saml.saml2.metadata.EntityDescriptor; @@ -26,6 +29,14 @@ import net.shibboleth.utilities.java.support.resolver.ResolverException; public interface IPvp2MetadataProvider extends ExtendedRefreshableMetadataResolver { - EntityDescriptor getEntityDescriptor(String entityID) throws ResolverException; + /** + * Get a SAML2 EntityDescriptor with an EntityId from metadata provider. + * + * @param entityID Unique EntityId of the application + * @return SAML2 {@link EntityDescriptor} + * @throws ResolverException In case of an internal resolver error. + */ + @Nullable + EntityDescriptor getEntityDescriptor(@Nonnull String entityID) throws ResolverException; } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java index 902f84c7..40448b45 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java @@ -33,6 +33,13 @@ import javax.annotation.Nonnull; import javax.annotation.Nullable; import javax.naming.ConfigurationException; +import at.gv.egiz.components.spring.api.IDestroyableObject; +import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpAddableChainingMetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; + import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; import org.opensaml.core.criterion.EntityIdCriterion; @@ -43,12 +50,6 @@ import org.opensaml.saml.metadata.resolver.filter.MetadataFilter; import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver; import org.opensaml.saml.saml2.metadata.EntityDescriptor; -import at.gv.egiz.components.spring.api.IDestroyableObject; -import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpAddableChainingMetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider; import lombok.extern.slf4j.Slf4j; import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements; import net.shibboleth.utilities.java.support.component.IdentifiedComponent; @@ -486,6 +487,7 @@ public abstract class AbstractChainingMetadataProvider implements IGarbageCollec } + @Nullable private EntityDescriptor internalResolveSingle(@Nullable final CriteriaSet criteria) throws ResolverException { for (final MetadataResolver resolver : internalResolvers) { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java index c476846b..5059b1fb 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java @@ -413,8 +413,8 @@ public class Saml2Utils { * @param value Attribute value * @return */ - public static EaafRequestedAttribute generateReqAuthnAttributeSimple(final Attribute attr, - final boolean isRequired, final String value) { + public static EaafRequestedAttribute generateReqAuthnAttributeSimple( + final Attribute attr, final boolean isRequired, final String value) { final EaafRequestedAttribute requested = Saml2Utils.createSamlObject(EaafRequestedAttribute.class); requested.setName(attr.getName()); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java index 1994eba0..b9e0c37f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java @@ -39,10 +39,19 @@ public class SchemaValidationFilter implements MetadataFilter { private static SAMLSchemaBuilder schemaBuilder = new SAMLSchemaBuilder(SAML1Version.SAML_11); + /** + * XML Schema validation filter for SAML2 metadata. + * <p>Schemavalidation is active by default</p> + */ public SchemaValidationFilter() { } + /** + * XML Schema validation filter for SAML2 metadata. + * + * @param useSchemaValidation <code>true</code> XML schema validation is active, otherwise <code>false</code> + */ public SchemaValidationFilter(final boolean useSchemaValidation) { this.isActive = useSchemaValidation; } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml index a2b52fbc..72cf9677 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml @@ -28,4 +28,7 @@ <bean id="PvpSoapBinding" class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.SoapBinding" /> + <bean id="samlVerificationEngine" + class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" /> + </beans>
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java index 3ba4c962..5690038c 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java @@ -30,7 +30,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_core_map_config.beans.xml", - "/spring/SpringTest-context_lazy.xml" + "/spring/SpringTest-context_lazy.xml", + "/spring/eaaf_utils.beans.xml" }) public class CredentialProviderTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java index cc15df90..b94ed8cc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java @@ -16,7 +16,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", -"/spring/test_eaaf_core_spring_config.beans.xml" }) +"/spring/test_eaaf_core_spring_config.beans.xml", +"/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class PvpCoreMessageSourceTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java index bc0084f7..64bfb8f6 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineTest.java @@ -40,7 +40,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class SamlVerificationEngineTest extends AbstractSamlVerificationEngine { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java index 95f63003..5b06a73f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java @@ -12,7 +12,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_3.props" }) public class SamlVerificationEngineWithHsmFacadeTest extends AbstractSamlVerificationEngine { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java index 8833202a..147199a5 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java @@ -9,6 +9,33 @@ import java.util.Map; import javax.xml.parsers.ParserConfigurationException; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; +import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; +import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; + import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.joda.time.DateTime; @@ -42,32 +69,6 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute; -import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; -import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse; -import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; -import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; import net.shibboleth.utilities.java.support.net.URIComparator; import net.shibboleth.utilities.java.support.xml.SerializeSupport; import net.shibboleth.utilities.java.support.xml.XMLParserException; @@ -77,7 +78,8 @@ import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml"}) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml"}) @TestPropertySource(locations = {"/config/config_1.props"}) public class PostBindingTest { @@ -162,7 +164,7 @@ public class PostBindingTest { } } - + @Test public void decodeRequestWrongEndpoint() throws MessageDecodingException, SecurityException, IOException, Pvp2MetadataException { @@ -363,13 +365,13 @@ public class PostBindingTest { XMLObjectProviderRegistrySupport.getParserPool(), PostBindingTest.class.getResourceAsStream("/data/eIDAS_connector_authn.xml")); authnReq.setIssueInstant(DateTime.now()); - Issuer issuer = Saml2Utils.createSamlObject(Issuer.class); + final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class); issuer.setValue("https://demo.egiz.gv.at/demoportal_demologin/"); authnReq.setIssuer(issuer); - - RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); - Element signedElement = XMLObjectSupport.getMarshaller(signedAuthn).marshall(signedAuthn); - final String b64AuthnReq = + + final RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + final Element signedElement = XMLObjectSupport.getMarshaller(signedAuthn).marshall(signedAuthn); + final String b64AuthnReq = Base64.getEncoder().encodeToString(SerializeSupport.nodeToString(signedElement).getBytes("UTF-8")); httpReq.setMethod("POST"); httpReq.addParameter("SAMLRequest", b64AuthnReq); @@ -391,35 +393,35 @@ public class PostBindingTest { Assert.assertNotNull("EntityId is null", msg.getEntityID()); Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID()); Assert.assertTrue("Wrong isVerified flag", msg.isVerified()); - + org.springframework.util.Assert.isInstanceOf(PvpSProfileRequest.class, msg, "Inbound message is of wrong type"); - org.springframework.util.Assert.isInstanceOf(AuthnRequest.class, ((PvpSProfileRequest)msg).getSamlRequest(), + org.springframework.util.Assert.isInstanceOf(AuthnRequest.class, ((PvpSProfileRequest)msg).getSamlRequest(), "Inbound message is of wrong type"); - - AuthnRequest parsedAuthnReq = (AuthnRequest)((PvpSProfileRequest)msg).getSamlRequest(); + + final AuthnRequest parsedAuthnReq = (AuthnRequest)((PvpSProfileRequest)msg).getSamlRequest(); Assert.assertNotNull("No extension", parsedAuthnReq.getExtensions()); Assert.assertNotNull("No extension child", parsedAuthnReq.getExtensions().getUnknownXMLObjects()); Assert.assertEquals("extension child size", 1, parsedAuthnReq.getExtensions().getUnknownXMLObjects().size()); - - XMLObject reqAttrs = parsedAuthnReq.getExtensions().getUnknownXMLObjects().get(0); + + final XMLObject reqAttrs = parsedAuthnReq.getExtensions().getUnknownXMLObjects().get(0); org.springframework.util.Assert.isInstanceOf(EaafRequestedAttributes.class, reqAttrs, "Wrong requested Attributes type"); - EaafRequestedAttributes eaafReqAttrs = (EaafRequestedAttributes) reqAttrs; + final EaafRequestedAttributes eaafReqAttrs = (EaafRequestedAttributes) reqAttrs; Assert.assertNotNull("Req attr is null", eaafReqAttrs.getAttributes()); Assert.assertFalse("Req attr is empty", eaafReqAttrs.getAttributes().isEmpty()); Assert.assertEquals("Req attr size", 1, eaafReqAttrs.getAttributes().size()); - - EaafRequestedAttribute eaafReqAttr = eaafReqAttrs.getAttributes().get(0); + + final EaafRequestedAttribute eaafReqAttr = eaafReqAttrs.getAttributes().get(0); Assert.assertNotNull("Req Attibute is null", eaafReqAttr); Assert.assertEquals("Req. Attr. Friendlyname", "EID-SECTOR-FOR-IDENTIFIER", eaafReqAttr.getFriendlyName()); Assert.assertEquals("Req. Attr. Name", "urn:oid:1.2.40.0.10.2.1.1.261.34", eaafReqAttr.getName()); - + Assert.assertEquals("Req. Attr. Value size", 1, eaafReqAttr.getAttributeValues().size()); - org.springframework.util.Assert.isInstanceOf(XSString.class, eaafReqAttr.getAttributeValues().get(0), + org.springframework.util.Assert.isInstanceOf(XSString.class, eaafReqAttr.getAttributeValues().get(0), "Wrong requested Attributes Value type"); Assert.assertEquals("Req. Attr. Value", "urn:publicid:gv.at:cdid+BF", ((XSString)eaafReqAttr.getAttributeValues().get(0)).getValue()); - + } - + @Test public void decodeRequestSuccessWithoutRelayStateEcdsaSig() throws MessageDecodingException, SecurityException, IOException, Pvp2Exception, CredentialsNotAvailableException, XMLParserException, UnmarshallingException { @@ -446,13 +448,13 @@ public class PostBindingTest { Assert.assertNotNull("EntityId is null", msg.getEntityID()); Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID()); Assert.assertTrue("Wrong isVerified flag", msg.isVerified()); - + //check if reconstraction from serialized form work well ((InboundMessage)msg).setSamlMessage(null); try { Assert.assertNotNull("AuthnReq is null", msg.getInboundMessage()); - - } catch (RuntimeException e) { } + + } catch (final RuntimeException e) { } } @@ -480,7 +482,7 @@ public class PostBindingTest { Assert.assertNotNull("EntityId is null", msg.getEntityID()); Assert.assertEquals("EntityId not match", "https://demo.egiz.gv.at/demoportal_demologin/", msg.getEntityID()); Assert.assertTrue("Wrong isVerified flag", msg.isVerified()); - + org.springframework.util.Assert.isInstanceOf(PvpSProfileResponse.class, msg, "Inbound message is of wrong type"); } diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java index 408729e3..37e4acd1 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java @@ -5,6 +5,25 @@ import java.net.URLDecoder; import javax.xml.parsers.ParserConfigurationException; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; +import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding; +import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; +import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; + import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.joda.time.DateTime; @@ -29,24 +48,6 @@ import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.xml.sax.SAXException; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception; -import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException; -import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; -import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding; -import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare; -import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; -import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest; import net.shibboleth.utilities.java.support.net.URIComparator; import net.shibboleth.utilities.java.support.net.URISupport; import net.shibboleth.utilities.java.support.xml.XMLParserException; @@ -56,7 +57,8 @@ import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class RedirectBindingTest { @@ -167,7 +169,7 @@ public class RedirectBindingTest { } } - + @Test public void wrongRedirectBindingType() throws MessageDecodingException, SecurityException, IOException, Pvp2MetadataException { @@ -211,7 +213,7 @@ public class RedirectBindingTest { } } - + @Test public void decodeRequestNoSignature() throws MessageDecodingException, SecurityException, IOException, Pvp2MetadataException { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java index b43f6a3e..f3a7e01d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java @@ -45,7 +45,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml"}) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml"}) @TestPropertySource(locations = {"/config/config_1.props"}) public class SoapBindingTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java index 8e00068f..6abe52dc 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/ChainingMetadataTest.java @@ -36,7 +36,8 @@ import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class ChainingMetadataTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java index 6cf81d2b..0f8817a0 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java @@ -14,6 +14,15 @@ import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactoryConfigurationError; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; + import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.BeforeClass; @@ -41,14 +50,6 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; -import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; import net.shibboleth.utilities.java.support.xml.XMLParserException; @@ -57,7 +58,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class MetadataBuilderTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java index bcdeb765..accdd8b0 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java @@ -79,7 +79,8 @@ import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", - "/spring/test_eaaf_core_spring_config.beans.xml" }) + "/spring/test_eaaf_core_spring_config.beans.xml", + "/spring/eaaf_utils.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class MetadataResolverTest { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt index 37fdc389..01be3821 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt @@ -1,20 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIDFDCCAfygAwIBAgIEXIjqbjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy -b290MB4XDTE5MDMxMzExMzMwMloXDTIwMDMxMjExMzMwMlowDzENMAsGA1UEAwwE -cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKijWXfb7bvQ7CIw -FuyuPUz+aN7uBgSSnpYamtzjagacdtGR2V2OVHfjVHhw+cSoNPaEEV2x0O9A+w8F -FCatBT30l7/2scuJmrdXYlIhd17NU6HG/HKYvRYROkXrprsbdZobWqdF/zShLIvv -0bwconAu7AxwlDgNJQz2pL0e94OkCT5rZyA4HFgzJ34XynXaCMbUbVXxVk6EuNaX -hbyco0qhjOjSn7Rwk3iXp21V4vcYRVq44sG3ieU6jHq6LKmYSGJ1y0yv9ADYJwSp -jCzRbOEKe/7QVvZIyzzqjhO3SAHONuFNX0V6zPCgMCjUOgHuOIEKLJR9p0YYYocX -GBLcVuECAwEAAaN4MHYwDAYDVR0TBAUwAwEB/zA6BgNVHSMEMzAxgBQueuDUlVbB -LBjP+iRFr6lUDBh58qETpBEwDzENMAsGA1UEAwwEcm9vdIIEXIjqbjAdBgNVHQ4E -FgQULnrg1JVWwSwYz/okRa+pVAwYefIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQCEYSVpiKFO7FjCqTlkxNBY7e7891dq43DfX9i/Hb/AIvZDPe/RC46t -EXd9LN7QYaXe35U5ZD1q7qmK7NoFJ9zp4D4mxA2iiBHz40GnRt+0abNdQiyw913W -s/VIElAOv0tvCw+3SwzvLRU/AVCM1weW6IUbYv/Ty5zmLBsG3do3MmVF3cqXho2m -pNaiubuaUsR8Ms1LqIr6R7Yf8MKSrgYWCOw60gj5O64RHnEJli52D+S/8Cue5GvG -ECckmgLgGsRcWfFwRqqS7+XWt8Dv8xxD5vurvcs547Hn28kSHtF2i+KYLDVH2QjN -dbO0qgEJlMPi7oGrsNjIkndrWseNrPA4 +MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv +b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl +Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR +T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj +o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee +JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC +AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn +bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA== -----END CERTIFICATE----- -
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml index 67eed2ac..7ccd5484 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/pvp_metadata_junit_keystore_classpath_entityId.xml @@ -67,20 +67,23 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L </ds:X509Certificate> </ds:X509Data> <ds:X509Data> - <ds:X509Certificate>MIIDEzCCArqgAwIBAgIIHL62SBANl8QwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwYS2V5c3RvcmVC -YWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxNzEyMzMxNloXDTIwMDUxNzExMzMxNlowMjEdMBsGA1UE -AwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNVBAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0B -AQEFAAOCAg8AMIICCgKCAgEAtVRK3ocL1aqCO+Q0OELikVbEU6tOsXGg1HCWr07YdTsu/qoRCVrB -THF6xqgtFjBVGWkg5kFS7853Lg3peSO1K63RzXWldcgUUM8o9zTybbBI74eXcK8pug1LLAkytQ1i -I6w166am8eoG/vTrc+TIFCDm+pyzmGcl5K8c8Gnm0k41vsMViEFgy6Oq9glts8eEUCOF3ZnL8rIv -w4hjrGsQ+8iZPZEEuMj+rZ2iLI9bjWv6xmNKWTLSO9dm7d2kTNGLQST0XFJkmFDXjQ1jXApXkGlp -i8igWCX3CU8jSuPLdCQ4VU/Pqr/J4uzBWBsv01vs4aqyLVZTGs23xUjJ+9I9fmn1VIfhuh6zGHq+ -jfjBfD6FhndNoPiMEpJT34h39rtF14GOlhb/I1OGjxIyMQGvT7up7p3AlPC7Lz2ylWrVWojR/cAE -umzS6zWgRW9zmVIgC7j48EmMjkapyUWVBR7FkfdodedzSPNETRdWXr7WulSBjjj82AWmwuoDrSZd -330g7FUZHd0D1JFUkLXOgZ1SmyFXds7fTiJGzk4XdYiS8MD07pokNDhZ7FHFGSoTHB8u4fvG2r0u -6tvLRBRkv/3wzDcTcPbEa9Z1JQ3Qh+/aJQmaQMMnE9m4msW4GqTGBoshss8FW1EvUi7JAh4EvXJJ -bhNQmfwU5wBD6WbPsURo7i0CAwEAATAKBggqhkjOPQQDAgNHADBEAiAyb9SMaC7U/HY//YcfjcR0 -j0/DL+9ckFNMvdw0IUq3yAIgEtWkYQrh5Oog7DmVJv0z/C1qPzcjfzDwJI4AlF7IfO4=</ds:X509Certificate> + <ds:X509Certificate>MIIDFDCCArqgAwIBAgIIFy4Oe7D+zq8wCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY +S2V5c3RvcmVCYWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxOTE0MDMxNVoXDTIwMDUx +OTEzMDMxNVowMjEdMBsGA1UEAwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNV +BAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtE1v +1J54suM3VR17mTO5OKrCBeDP6a2dQswhMmUNO6i1l4eXNbtBvMj7k0mnc4yLLZxQ +P0cosjT1kNkOvSNCQcSI+869EOdU4QDCreGLss9a84ZNf/X3ioq/2PYTLOJSMkDQ +qLMHUVawwPYw+ZyUHaY7G0AwX5Gj1gMadfWVMDPAo5OT9WntpqG1850yO0aUMBaF +GSE9RrWVmL1+d2qHqh/pAwq6DQEtbKCl18t1zQfLZvumnQfF930KB2IkLaq6wRTW +IRdwte20PfVmEloAOdegXqUX59rkq6+5CaXfIsN+4Vkb12n2ArZwI/EFjgRdtGYj +CmuySDorynSHrCO934/LHjZtdJPFbg5/4CTXpI1aInum4uqDuq6xoL+ns4hk8kkD +9H9Pj5MYyjUc51+450ylOwLmGkqNDJBh3ecnH76NIoKviR3KlBaj0bSlnoV5Kl8H +bfnXQD98BH+YLeULrD3XWVjirOWPdfdNKcInpuXrdTZ/GvyGL5T/63mtEWiWysfP +Gw4+9AlWNXpyLviaHfxTpC6T76qYHKHd4eltRLubrgL8gHZrJwHio98kKfVMS3Oy +qHAEWBSWv+LveARn0RF4jlcPIL3gclrU9jxF4k5Btvdax3+if1MWVAZ9ML5263ug +Qr11Pkbko09VqppyM484/o+mJihTWyucKdVONw8CAwEAATAKBggqhkjOPQQDAgNI +ADBFAiBJSZqfI1kmJGy8/tRut7h2YbZWNeUA+gmFX+wJxu9ePwIhALgjht8La4AZ +/r3t33clJW8tGRMiA8cBbxm3Ox0y7DyP</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> @@ -162,20 +165,23 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L </ds:X509Certificate> </ds:X509Data> <ds:X509Data> - <ds:X509Certificate>MIIDEzCCArqgAwIBAgIIHL62SBANl8QwCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwYS2V5c3RvcmVC -YWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxNzEyMzMxNloXDTIwMDUxNzExMzMxNlowMjEdMBsGA1UE -AwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNVBAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0B -AQEFAAOCAg8AMIICCgKCAgEAtVRK3ocL1aqCO+Q0OELikVbEU6tOsXGg1HCWr07YdTsu/qoRCVrB -THF6xqgtFjBVGWkg5kFS7853Lg3peSO1K63RzXWldcgUUM8o9zTybbBI74eXcK8pug1LLAkytQ1i -I6w166am8eoG/vTrc+TIFCDm+pyzmGcl5K8c8Gnm0k41vsMViEFgy6Oq9glts8eEUCOF3ZnL8rIv -w4hjrGsQ+8iZPZEEuMj+rZ2iLI9bjWv6xmNKWTLSO9dm7d2kTNGLQST0XFJkmFDXjQ1jXApXkGlp -i8igWCX3CU8jSuPLdCQ4VU/Pqr/J4uzBWBsv01vs4aqyLVZTGs23xUjJ+9I9fmn1VIfhuh6zGHq+ -jfjBfD6FhndNoPiMEpJT34h39rtF14GOlhb/I1OGjxIyMQGvT7up7p3AlPC7Lz2ylWrVWojR/cAE -umzS6zWgRW9zmVIgC7j48EmMjkapyUWVBR7FkfdodedzSPNETRdWXr7WulSBjjj82AWmwuoDrSZd -330g7FUZHd0D1JFUkLXOgZ1SmyFXds7fTiJGzk4XdYiS8MD07pokNDhZ7FHFGSoTHB8u4fvG2r0u -6tvLRBRkv/3wzDcTcPbEa9Z1JQ3Qh+/aJQmaQMMnE9m4msW4GqTGBoshss8FW1EvUi7JAh4EvXJJ -bhNQmfwU5wBD6WbPsURo7i0CAwEAATAKBggqhkjOPQQDAgNHADBEAiAyb9SMaC7U/HY//YcfjcR0 -j0/DL+9ckFNMvdw0IUq3yAIgEtWkYQrh5Oog7DmVJv0z/C1qPzcjfzDwJI4AlF7IfO4=</ds:X509Certificate> + <ds:X509Certificate>MIIDFDCCArqgAwIBAgIIFy4Oe7D+zq8wCgYIKoZIzj0EAwIwIzEhMB8GA1UEAwwY +S2V5c3RvcmVCYWNrZWRQa2lTZXJ2aWNlMB4XDTIwMDIxOTE0MDMxNVoXDTIwMDUx +OTEzMDMxNVowMjEdMBsGA1UEAwwUaW50LWF1dGhoYW5kbGVyLXNpZ24xETAPBgNV +BAoMCHNvZnR3YXJlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtE1v +1J54suM3VR17mTO5OKrCBeDP6a2dQswhMmUNO6i1l4eXNbtBvMj7k0mnc4yLLZxQ +P0cosjT1kNkOvSNCQcSI+869EOdU4QDCreGLss9a84ZNf/X3ioq/2PYTLOJSMkDQ +qLMHUVawwPYw+ZyUHaY7G0AwX5Gj1gMadfWVMDPAo5OT9WntpqG1850yO0aUMBaF +GSE9RrWVmL1+d2qHqh/pAwq6DQEtbKCl18t1zQfLZvumnQfF930KB2IkLaq6wRTW +IRdwte20PfVmEloAOdegXqUX59rkq6+5CaXfIsN+4Vkb12n2ArZwI/EFjgRdtGYj +CmuySDorynSHrCO934/LHjZtdJPFbg5/4CTXpI1aInum4uqDuq6xoL+ns4hk8kkD +9H9Pj5MYyjUc51+450ylOwLmGkqNDJBh3ecnH76NIoKviR3KlBaj0bSlnoV5Kl8H +bfnXQD98BH+YLeULrD3XWVjirOWPdfdNKcInpuXrdTZ/GvyGL5T/63mtEWiWysfP +Gw4+9AlWNXpyLviaHfxTpC6T76qYHKHd4eltRLubrgL8gHZrJwHio98kKfVMS3Oy +qHAEWBSWv+LveARn0RF4jlcPIL3gclrU9jxF4k5Btvdax3+if1MWVAZ9ML5263ug +Qr11Pkbko09VqppyM484/o+mJihTWyucKdVONw8CAwEAATAKBggqhkjOPQQDAgNI +ADBFAiBJSZqfI1kmJGy8/tRut7h2YbZWNeUA+gmFX+wJxu9ePwIhALgjht8La4AZ +/r3t33clJW8tGRMiA8cBbxm3Ox0y7DyP</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml index 5e3f0b9b..0c421356 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/spring/test_eaaf_core.beans.xml @@ -10,16 +10,12 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + <!-- import resource="classpath:/spring/eaaf_utils.beans.xml" /--> + <bean id="dummyVelocityGuiBuilder" class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyVelocityGuiFormBuilder" /> <bean id="dummyGuiBuilderConfigFactory" class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory" /> - <bean id="httpClientFactory" - class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" /> - - <bean id="eaafKeyStoreFactory" - class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" /> - </beans>
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java index d9cb251c..c5fc0f13 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java @@ -2,14 +2,18 @@ package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy; import java.util.List; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration; import org.opensaml.saml.saml2.metadata.ContactPerson; import org.opensaml.saml.saml2.metadata.Organization; +import org.springframework.beans.factory.annotation.Autowired; public class DummyPvpConfiguration implements IPvp2BasicConfiguration { + @Autowired private IConfiguration basicConfig; + @Override public String getIdpEntityId(String authUrl) throws EaafException { return authUrl + "/idp"; @@ -40,4 +44,9 @@ public class DummyPvpConfiguration implements IPvp2BasicConfiguration { return null; } + @Override + public IConfiguration getBasicConfiguration() { + return basicConfig; + } + } diff --git a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java index 53d9d9e8..b12a5913 100644 --- a/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java +++ b/eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/utils/AssertionAttributeExtractor.java @@ -28,6 +28,7 @@ import java.util.List; import java.util.Map; import java.util.Set; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption; @@ -52,14 +53,19 @@ public class AssertionAttributeExtractor { private final Map<String, List<String>> attributs = new HashMap<>(); // private PersonalAttributeList storkAttributes = new PersonalAttributeList(); + @Deprecated private final List<String> minimalMdsAttributeNamesList = Arrays.asList(PvpConstants.PRINCIPAL_NAME_NAME, PvpConstants.GIVEN_NAME_NAME, PvpConstants.BIRTHDATE_NAME, PvpConstants.BPK_NAME); + @Deprecated private final List<String> minimalIdlAttributeNamesList = Arrays.asList(PvpConstants.EID_IDENTITY_LINK_NAME, PvpConstants.EID_SOURCE_PIN_NAME, PvpConstants.EID_SOURCE_PIN_TYPE_NAME); + private final List<String> minimalEidAttributeNamesList = + Arrays.asList(ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME); + /** * Parse the SAML2 Response element and extracts included information. <br> * <br> @@ -128,8 +134,9 @@ public class AssertionAttributeExtractor { * @return */ public boolean containsAllRequiredAttributes() { - return containsAllRequiredAttributes(minimalMdsAttributeNamesList) - || containsAllRequiredAttributes(minimalIdlAttributeNamesList); + return containsAllRequiredAttributes(minimalEidAttributeNamesList) + || containsAllRequiredAttributes(minimalIdlAttributeNamesList) + || containsAllRequiredAttributes(minimalMdsAttributeNamesList); } @@ -300,6 +307,25 @@ public class AssertionAttributeExtractor { } /** + * Get the Assertion issuing date. + * + * <p> + * This method returns value of SAML 'Conditions' element. + * </p> + * + * @return Date, when the SAML2 assertion was issued, otherwise null + */ + public Date getAssertionIssuingDate() { + try { + return getFullAssertion().getIssueInstant().toDate(); + + } catch (final NullPointerException e) { + return null; + + } + } + + /** * Get the Assertion validFrom period. * * <p> @@ -316,7 +342,6 @@ public class AssertionAttributeExtractor { return null; } - } private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption { |