author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-05 09:02:13 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-02-05 09:02:13 +0100 |
commit | 5a1eca23a9b35541b7b1955b83b47e0af983d5dd (patch) | |
tree | ea9045f10af6ba12f02777b2b6a3ff3f7fd5557b /eaaf_modules/eaaf_module_pvp2_core/src/test/java | |
parent | e7610325ee2f1d1f4e97e1e7a9b212e692836b5a (diff) | |
add Trusted-Certificates method to AbstractCredentialProvider
add jUnit tests for AbstractCredentialProvider
change method names in AbstractCredentialProvider
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/test/java')
7 files changed, 532 insertions, 31 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
new file mode 100644
index 00000000..1183bb49
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
@@ -0,0 +1,477 @@
+package at.gv.egiz.eaaf.modules.pvp2.test;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/SpringTest-context_lazy.xml"
+ })
+@TestPropertySource(locations = {"/config/config_1.props"})
+public class CredentialProviderTest {
+
+ private static final String PATH_JKS_WITH_TRUST_CERTS = "src/test/resources/data/junit.jks";
+ private static final String PATH_JKS_WITHOUT_TRUST_CERTS = "src/test/resources/data/junit_without_trustcerts.jks";
+ private static final String ALIAS_METADATA = "meta";
+ private static final String ALIAS_SIGN = "sig";
+ private static final String ALIAS_ENC = "meta";
+ private static final String PASSWORD = "password";
+
+
+ @Autowired private ApplicationContext context;
+ @Autowired private DummyAuthConfigMap config;
+
+ /**
+ * jUnit test initializer.
+ */
+ @Before
+ public void initialize() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITH_TRUST_CERTS);
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD);
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStoreUrl() {
+ config.removeConfigValue(DummyCredentialProvider.KEYSTORE_PATH);
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+ e.getCause(), "Wrong exception");
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStore() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, "src/test/resources/config/notExist.p12");
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(java.io.FileNotFoundException.class,
+ e.getCause(), "Wrong exception");
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noWrongKeyStorePassword() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, "test");
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+ e.getCause(), "Wrong exception");
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAlias() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationValidAliasWrongPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAliasValidPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void validonfiguration() throws CredentialsNotAvailableException {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+
+ checkCredential(credential.getMetaDataSigningCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_RSA,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
+
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageSigningCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_EC,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC);
+
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageEncryptionCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_RSA,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
+
+
+ final List<X509Certificate> trustCerts = credential.getTrustedCertificates();
+ Assert.assertNotNull("TrustCerts are null", trustCerts);
+ Assert.assertFalse("TrustCerts not empty", trustCerts.isEmpty());
+ Assert.assertEquals("# of Trustcerts", 2, trustCerts.size());
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void validonfigurationWithOutTrustCerts() throws CredentialsNotAvailableException {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITHOUT_TRUST_CERTS);
+
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG,
+ "RSA-SIG_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_SIGNING_EC_ALG,
+ "EC-SIG_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
+ "RSA_ENC_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
+ "EC-ENC_" + RandomStringUtils.randomAlphabetic(10));
+
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+
+ checkCredential(credential.getMetaDataSigningCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG));
+
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageSigningCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_EC_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG));
+
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageEncryptionCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG));
+
+ final List<X509Certificate> trustCerts = credential.getTrustedCertificates();
+ Assert.assertNotNull("TrustCerts are null", trustCerts);
+ Assert.assertTrue("TrustCerts not empty", trustCerts.isEmpty());
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfiguration() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationPkcs12() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH,
+ "src/test/resources/data/junit_without_trustcerts.p12");
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ private void checkCredential(EaafX509Credential metaDataSigningCredential, String sigAlg, String keyEncAlg) {
+ Assert.assertNotNull("No metadata signing credentials", metaDataSigningCredential);
+ Assert.assertNotNull("SigAlg is null",
+ metaDataSigningCredential.getSignatureAlgorithmForSigning());
+ Assert.assertNotNull("KeyEncAlg is null",
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption());
+ Assert.assertFalse("SigAlg is empty",
+ metaDataSigningCredential.getSignatureAlgorithmForSigning().isEmpty());
+ Assert.assertFalse("KeyEncAlg is empty",
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption().isEmpty());
+
+ Assert.assertEquals("Wrong SigAlg", sigAlg,
+ metaDataSigningCredential.getSignatureAlgorithmForSigning());
+ Assert.assertEquals("Wrong KeyEncAlg", keyEncAlg,
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption());
+
+ }
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
index 87073e81..76dba510 100644
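Review bot: The encryption-credential checks in `notKeyConfigurationWrongPassword`, `notKeyConfiguration` and `notKeyConfigurationPkcs12` pass both when `getMessageEncryptionCredential()` returns null and when it throws `CredentialsNotAvailableException`, so the suite does not pin which outcome a caller has to handle when no encryption key is configured. The two signing getters are expected to throw in the same situations, so a caller that treats all three getters alike could hand a null credential to encryption code; I would settle on one contract and assert only that, e.g. declare the test `throws CredentialsNotAvailableException`, drop the `catch`, and keep `Assert.assertNull("No encryption credentials not detected", credential.getMessageEncryptionCredential());`. Separately, `validonfigurationWithOutTrustCerts` asserts that arbitrary strings such as `"RSA-SIG_" + RandomStringUtils.randomAlphabetic(10)` come back as the signature and key-encryption algorithm, which presumably means configured algorithm identifiers are passed through unvalidated; a comment stating where validation is expected to happen would help. The failure text `"No Metadata signing credentials not detected"` is also reused for the message-signing and encryption cases, which will mislead when one of those fails.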
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java @@ -65,7 +65,8 @@ import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"}) +@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml"}) @TestPropertySource(locations = {"/config/config_1.props"}) public class PostBindingTest { @@ -246,7 +247,7 @@ public class PostBindingTest { final String serviceUrl = "http://testservice.org"; final String b64AuthnReq = generateSaml2AuthnRequest( - credentialProvider.getIdpMetaDataSigningCredential()); + credentialProvider.getMetaDataSigningCredential()); httpReq.setMethod("POST"); httpReq.addParameter("SAMLRequest", b64AuthnReq); @@ -289,7 +290,7 @@ public class PostBindingTest { final String relayState = RandomStringUtils.randomAlphanumeric(10); final String b64AuthnReq = generateSaml2AuthnRequest( - credentialProvider.getIdpMetaDataSigningCredential()); + credentialProvider.getMetaDataSigningCredential()); httpReq.setMethod("POST"); httpReq.addParameter("SAMLRequest", b64AuthnReq); httpReq.addParameter("RelayState", relayState); @@ -319,7 +320,7 @@ public class PostBindingTest { final String serviceUrl = "http://testservice.org"; final String b64AuthnReq = generateSaml2AuthnRequest( - credentialProvider.getIdpAssertionSigningCredential()); + credentialProvider.getMessageSigningCredential()); httpReq.setMethod("POST"); httpReq.addParameter("SAMLRequest", b64AuthnReq); 
@@ -353,7 +354,7 @@ public class PostBindingTest { final URIComparator comparator = new EaafUriCompare(serviceUrl); - final String b64AuthnReq = generateSaml2Response(credentialProvider.getIdpMetaDataSigningCredential()); + final String b64AuthnReq = generateSaml2Response(credentialProvider.getMetaDataSigningCredential()); httpReq.setMethod("POST"); httpReq.addParameter("SAMLRequest", b64AuthnReq); @@ -382,7 +383,7 @@ public class PostBindingTest { PostBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); //validate Assert.assertEquals("http StatusCode", 200, httpResp.getStatus()); @@ -416,7 +417,7 @@ public class PostBindingTest { PostBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpAssertionSigningCredential(), pendingReq); + credentialProvider.getMessageSigningCredential(), pendingReq); //validate Assert.assertEquals("http StatusCode", 200, httpResp.getStatus()); @@ -451,7 +452,7 @@ public class PostBindingTest { PostBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); //validate @@ -489,7 +490,7 @@ public class PostBindingTest { PostBindingTest.class.getResourceAsStream("/data/Response_without_sig_1.xml")); bindingImpl.encodeResponse(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); //validate 
@@ -527,7 +528,7 @@ public class PostBindingTest { PostBindingTest.class.getResourceAsStream("/data/Response_without_sig_1.xml")); bindingImpl.encodeResponse(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); //validate diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java index 23cc98a6..f85e5c2a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/RedirectBindingTest.java @@ -58,7 +58,8 @@ import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml" }) +@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class RedirectBindingTest { @@ -336,7 +337,7 @@ public class RedirectBindingTest { httpReq.setMethod("GET"); httpReq.setRequestURI("http://testservice.org"); - httpReq.setQueryString(generateAuthnRequest(credentialProvider.getIdpMetaDataSigningCredential())); + httpReq.setQueryString(generateAuthnRequest(credentialProvider.getMetaDataSigningCredential())); httpReq.setParameter(HTTP_FORM_SAMLREQ, URLDecoder.decode(URISupport.getRawQueryStringParameter( httpReq.getQueryString(), HTTP_FORM_SAMLREQ).substring(HTTP_FORM_SAMLREQ_PARAM.length()), "UTF-8")); 
@@ -406,7 +407,7 @@ public class RedirectBindingTest { httpReq.setMethod("GET"); httpReq.setRequestURI("http://testservice.org"); - httpReq.setQueryString(generateResponse(credentialProvider.getIdpMetaDataSigningCredential())); + httpReq.setQueryString(generateResponse(credentialProvider.getMetaDataSigningCredential())); httpReq.setParameter(HTTP_FORM_SAMLRESP, URLDecoder.decode(URISupport.getRawQueryStringParameter( httpReq.getQueryString(), HTTP_FORM_SAMLRESP).substring(HTTP_FORM_SAMLRESP_PARM.length()), "UTF-8")); @@ -459,7 +460,7 @@ public class RedirectBindingTest { httpReq.setMethod("GET"); httpReq.setRequestURI("http://testservice.org"); httpReq.setParameter(HTTP_FORM_RELAYSTATE, relayState); - httpReq.setQueryString(generateResponse(credentialProvider.getIdpMetaDataSigningCredential())); + httpReq.setQueryString(generateResponse(credentialProvider.getMetaDataSigningCredential())); httpReq.setParameter(HTTP_FORM_SAMLRESP, URLDecoder.decode(URISupport.getRawQueryStringParameter( httpReq.getQueryString(), HTTP_FORM_SAMLRESP).substring(HTTP_FORM_SAMLRESP_PARM.length()), "UTF-8")); @@ -500,7 +501,7 @@ public class RedirectBindingTest { RedirectBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); // validate Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); @@ -548,7 +549,7 @@ public class RedirectBindingTest { RedirectBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpAssertionSigningCredential(), pendingReq); + credentialProvider.getMessageSigningCredential(), pendingReq); // validate // validate 
@@ -598,7 +599,7 @@ public class RedirectBindingTest { RedirectBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml")); bindingImpl.encodeRequest(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); // validate Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); @@ -649,7 +650,7 @@ public class RedirectBindingTest { RedirectBindingTest.class.getResourceAsStream("/data/Response_without_sig_1.xml")); bindingImpl.encodeResponse(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); // validate Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); @@ -700,7 +701,7 @@ public class RedirectBindingTest { RedirectBindingTest.class.getResourceAsStream("/data/Response_without_sig_1.xml")); bindingImpl.encodeResponse(httpReq, httpResp, authnReq, serviceUrl, relayState, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); // validate Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java index 1125d30e..b43f6a3e 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java 
@@ -44,7 +44,8 @@ import net.shibboleth.utilities.java.support.xml.SerializeSupport; import net.shibboleth.utilities.java.support.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"}) +@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml"}) @TestPropertySource(locations = {"/config/config_1.props"}) public class SoapBindingTest { @@ -162,7 +163,7 @@ public class SoapBindingTest { PostBindingTest.class.getResourceAsStream("/data/AuthRequest_with_sig_1.xml")); payload.setIssueInstant(DateTime.now()); final RequestAbstractType signedPayload = Saml2Utils.signSamlObject( - payload, credentialProvider.getIdpMetaDataSigningCredential(), true); + payload, credentialProvider.getMetaDataSigningCredential(), true); final Envelope enveloped = Saml2Utils.buildSoap11Envelope(signedPayload); final Marshaller marshaller = Constraint.isNotNull( @@ -197,7 +198,7 @@ public class SoapBindingTest { PostBindingTest.class.getResourceAsStream("/data/Response_without_sig_1.xml")); bindingImpl.encodeResponse(httpReq, httpResp, response, serviceUrl, null, - credentialProvider.getIdpMetaDataSigningCredential(), pendingReq); + credentialProvider.getMetaDataSigningCredential(), pendingReq); Assert.assertEquals("http StatusCode", 200, httpResp.getStatus()); Assert.assertNotNull("PVP msg is null", httpResp.getContentLength()); diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java index 6930790d..b9f1326d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java 
@@ -1,7 +1,11 @@ package at.gv.egiz.eaaf.modules.pvp2.test.dummy; +import java.net.MalformedURLException; + import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; import org.springframework.beans.factory.annotation.Autowired; @@ -29,7 +33,22 @@ public class DummyCredentialProvider extends AbstractCredentialProvider { @Override public String getKeyStoreFilePath() throws EaafException { - return basicConfig.getBasicConfiguration(KEYSTORE_PATH); + final String path = basicConfig.getBasicConfiguration(KEYSTORE_PATH); + + if (path != null) { + try { + return FileUtils.makeAbsoluteUrl( + path, + basicConfig.getConfigurationRootDirectory()); + + } catch (final MalformedURLException e) { + throw new EaafConfigurationException("internel test error", null, e); + + } + } + + throw new EaafConfigurationException("No keyStore path", null); + } @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java index 2d46f102..f8402510 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java 
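Review bot: In `getKeyStoreFilePath()` the guard `if (path != null)` lets an empty or blank `KEYSTORE_PATH` value through to `FileUtils.makeAbsoluteUrl`, so a blank setting would presumably be resolved against the configuration root directory instead of producing the "No keyStore path" error; `if (path != null && !path.trim().isEmpty()) {` keeps the missing and the blank case together. The message `"internel test error"` has a typo (`"internal test error"`). The tests added in this commit match on codes like `internal.pvp.01`, so the first constructor argument of `EaafConfigurationException` may be meant as an error id rather than free text; that is worth confirming against the exception class, which is not visible in this diff.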
@@ -56,7 +56,8 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml" }) +@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class MetadataBuilderTest { @@ -211,7 +212,7 @@ public class MetadataBuilderTest { @Override public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException { - return credentialProvider.getIdpAssertionSigningCredential(); + return credentialProvider.getMessageSigningCredential(); } @Override @@ -226,7 +227,7 @@ public class MetadataBuilderTest { @Override public EaafX509Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException { - return credentialProvider.getIdpMetaDataSigningCredential(); + return credentialProvider.getMetaDataSigningCredential(); } @Override @@ -271,7 +272,7 @@ public class MetadataBuilderTest { @Override public Credential getEncryptionCredentials() throws CredentialsNotAvailableException { - return credentialProvider.getIdpAssertionSigningCredential(); + return credentialProvider.getMessageSigningCredential(); } @Override diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java index f40fbc74..8995152d 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataResolverTest.java 
@@ -77,7 +77,8 @@ import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml" }) +@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml" }) @TestPropertySource(locations = { "/config/config_1.props" }) public class MetadataResolverTest { @@ -321,7 +322,7 @@ public class MetadataResolverTest { MetadataResolverTest.class.getResourceAsStream("/data/pvp_metadata_valid_with_entityCategory.xml")); metadata.setValidUntil(DateTime.now().plusDays(1)); metadata.setSignature(null); - Saml2Utils.signSamlObject(metadata, credentialProvider.getIdpMetaDataSigningCredential(), true); + Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true); final Element metadataElement = XMLObjectSupport.marshall(metadata); mockWebServer.enqueue(new MockResponse().setResponseCode(200) .setBody(SerializeSupport.nodeToString(metadataElement)) @@ -373,7 +374,7 @@ public class MetadataResolverTest { MetadataResolverTest.class.getResourceAsStream("/data/pvp_metadata_valid_with_entityCategory_egov.xml")); metadata.setValidUntil(DateTime.now().plusDays(1)); metadata.setSignature(null); - Saml2Utils.signSamlObject(metadata, credentialProvider.getIdpMetaDataSigningCredential(), true); + Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true); final Element metadataElement = XMLObjectSupport.marshall(metadata); mockWebServer.enqueue(new MockResponse().setResponseCode(200) .setBody(SerializeSupport.nodeToString(metadataElement)) 
@@ -425,7 +426,7 @@ public class MetadataResolverTest { MetadataResolverTest.class.getResourceAsStream("/data/pvp_metadata_valid.xml")); metadata.setValidUntil(DateTime.now().minusDays(2)); metadata.setSignature(null); - Saml2Utils.signSamlObject(metadata, credentialProvider.getIdpMetaDataSigningCredential(), true); + Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true); final Element metadataElement = XMLObjectSupport.marshall(metadata); mockWebServer.enqueue(new MockResponse().setResponseCode(200) |