author | Thomas <> | 2022-01-19 19:05:58 +0100 |
---|---|---|
committer | Thomas <> | 2022-01-19 19:05:58 +0100 |
commit | e123bad9e4c49102ef7a4d98396c0e252e2b4759 (patch) | |
tree | d4719e5c9139b3bd20e7487f1996debbae5f0b87 | |
parent | caeea7aceea23e5ac74c74b55ffe416814e3a778 (diff) | |
test(core): add extension of 'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens
4 files changed, 115 insertions, 59 deletions
diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
index d7b148d0..faec351d 100644
--- a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
+++ b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
@@ -9,43 +9,7 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - <import resource="classpath:/spring/eaaf_utils.beans.xml"/> - - <bean id="TestAuthenticationDataBuilder" - class="at.gv.egiz.eaaf.core.impl.idp.auth.TestAuthenticationDataBuilder" /> - - <bean id="dummyAuthManager" - class="at.gv.egiz.eaaf.core.impl.idp.auth.DummyAuthManager" /> - - <bean id="dummyRevisionLogger" - class="at.gv.egiz.eaaf.core.impl.logging.DummyRevisionsLogger" /> - - <bean id="DummyProtocolAuthService" - class="at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService" /> - - <bean id="DummyTransactionStorage" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage" /> - - <bean id="DummyStatusMessager" - class="at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager" /> - - <bean id="springElAwareExpressionEvaluator" - class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> - - <bean id="processEngine" - class="at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl"> - <property name="transitionConditionExpressionEvaluator" - ref="springElAwareExpressionEvaluator" /> - </bean> - - <bean id="moduleRegistration" - class="at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration" /> - - <bean id="ProcessInstanceStoreage" - class="at.gv.egiz.eaaf.core.impl.idp.process.dao.ProcessInstanceStoreDaoImpl" /> - - <bean id="RequestStorage" - class="at.gv.egiz.eaaf.core.impl.idp.auth.RequestStorage" /> + <import resource="classpath:/SpringTest-context_authManager_without_pendingReqGeneration.xml"/> <bean id="simplePendingRequestIdGenerationStrategy" class="at.gv.egiz.eaaf.core.impl.utils.SimplePendingRequestIdGenerationStrategy" /> 
diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml
new file mode 100644
index 00000000..5ed5dde8
--- /dev/null
+++ b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/spring/eaaf_utils.beans.xml"/>
+
+ <bean id="TestAuthenticationDataBuilder"
+ class="at.gv.egiz.eaaf.core.impl.idp.auth.TestAuthenticationDataBuilder" />
+
+ <bean id="dummyAuthManager"
+ class="at.gv.egiz.eaaf.core.impl.idp.auth.DummyAuthManager" />
+
+ <bean id="dummyRevisionLogger"
+ class="at.gv.egiz.eaaf.core.impl.logging.DummyRevisionsLogger" />
+
+ <bean id="DummyProtocolAuthService"
+ class="at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService" />
+
+ <bean id="DummyTransactionStorage"
+ class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage" />
+
+ <bean id="DummyStatusMessager"
+ class="at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager" />
+
+ <bean id="springElAwareExpressionEvaluator"
+ class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" />
+
+ <bean id="processEngine"
+ class="at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl">
+ <property name="transitionConditionExpressionEvaluator"
+ ref="springElAwareExpressionEvaluator" />
+ </bean>
+
+ <bean id="moduleRegistration"
+ class="at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration" />
+
+ <bean
id="ProcessInstanceStoreage" + class="at.gv.egiz.eaaf.core.impl.idp.process.dao.ProcessInstanceStoreDaoImpl" /> + + <bean id="RequestStorage" + class="at.gv.egiz.eaaf.core.impl.idp.auth.RequestStorage" /> + +</beans> diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index ca1db67d..cbf2be5a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy @Override public String generateExternalPendingRequestId() throws EaafException { try { - final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); - JsonWebEncryption encToken = new JsonWebEncryption(); - encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); - encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); - encToken.setKey(key.getFirst()); - encToken.setPayload(toSign); - - - - if (key.getSecond() != null) { - final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( - key.getSecond().getName()); - encToken.setProviderContext(providerCtx); - - } - - return Base64.getUrlEncoder() - .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); - + final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); + return encryptAndEncodeToken(toSign); + } catch (final JoseException e) { throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); } - } @Override 
@@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy } - private String buildInternalToken(final String internalPendingReqId, final DateTime now) { + protected String buildInternalToken(final String internalPendingReqId, final DateTime now) { return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR) .append(internalPendingReqId).toString(); + + } + + protected String encryptAndEncodeToken(String token) throws JoseException { + JsonWebEncryption encToken = new JsonWebEncryption(); + encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); + encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + encToken.setKey(key.getFirst()); + encToken.setPayload(token); + + if (key.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + key.getSecond().getName()); + encToken.setProviderContext(providerCtx); + + } + + return Base64.getUrlEncoder() + .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); + } } diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java new file mode 100644 index 00000000..0ec9446c --- /dev/null +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java 
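Review bot: `encryptAndEncodeToken` is added as `protected` with no Javadoc and `buildInternalToken` is widened from `private` to `protected`, so any subclass of this non-final production class can have an arbitrary string encrypted under `key.getFirst()`; nothing in the new method validates the payload or says so. If the only intended caller is the test helper added in this commit, package-private visibility with that helper placed in `at.gv.egiz.eaaf.core.impl.utils` under `src/test` would keep the surface smaller. Otherwise the contract should be documented, for example `/** Encrypts the given internal token as-is (no format or timestamp validation) and returns it URL-safe Base64 encoded. */`. The new parameter could also be declared `final String token` to match `buildInternalToken`. The class body starts and ends outside this hunk.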
@@ -0,0 +1,39 @@
+package at.gv.egiz.eaaf.core.test.utils;
+
+import org.joda.time.DateTime;
+import org.jose4j.lang.JoseException;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.AuthenticatedEncryptionPendingRequestIdGenerationStrategy;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+
+/**
+ * {@link AuthenticatedEncryptionPendingRequestIdGenerationStrategy} with special methodes for software testing.
+ *
+ * @author tlenz
+ *
+ */
+public class TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy extends
+ AuthenticatedEncryptionPendingRequestIdGenerationStrategy {
+
+ /**
+ * Generate a new pendingRequestId with a specific timestamp.
+ *
+ * <p>This method is only for software testing to generate expired pendingRequestId's</p>
+ *
+ * @param timestamp Timestamp on which this pendingRequestId was generated
+ * @return pendingRequestId
+ * @throws EaafException In case of an error
+ */
+ public String generateExternalPendingRequestId(DateTime timestamp) throws EaafException {
+ try {
+ final String toSign = buildInternalToken(Random.nextLongRandom(),timestamp);
+ return encryptAndEncodeToken(toSign);
+
+ } catch (final JoseException e) {
+ throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e);
+
+ }
+ }
+
+}
|
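Review bot: `generateExternalPendingRequestId(DateTime timestamp)` hands `timestamp` to `buildInternalToken` without a null check. If `TOKEN_TEXTUAL_DATE_FORMAT` is a Joda-Time formatter (its declaration is not in this diff), printing a null instant formats the current time, so a test that passes null by mistake would get a fresh token rather than an expired one and the expiry assertion would be testing the wrong thing. Adding `Objects.requireNonNull(timestamp, "timestamp");` as the first statement (plus `import java.util.Objects;`) makes the helper fail fast. The class Javadoc could also state that the returned value is a validly encrypted token for the configured key, so this helper belongs only in test source sets and test Spring contexts.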