summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_pvp2_idp
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/pom.xml6
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java14
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java226
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java54
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java67
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/Pvp2SProfileIdpSpringResourceProviderTest.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyLoALevelMapper.java25
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java43
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpMetadataConfigFactory.java16
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummySubjectNameGenerator.java18
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/data/pvp_metadata_junit_keystore.xml31
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_core.beans.xml5
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_pvp.beans.xml28
14 files changed, 586 insertions, 33 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/pom.xml b/eaaf_modules/eaaf_module_pvp2_idp/pom.xml
index 2e9cb88d..0170febf 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/pom.xml
+++ b/eaaf_modules/eaaf_module_pvp2_idp/pom.xml
@@ -39,6 +39,12 @@
</dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf-core</artifactId>
<scope>test</scope>
<type>test-jar</type>
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index 16cd27cd..f9d7767f 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -23,6 +23,19 @@ import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.joda.time.DateTime;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.Assertion;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.opensaml.saml.saml2.core.Response;
+import org.opensaml.saml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
@@ -44,19 +57,6 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding;
import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import org.joda.time.DateTime;
-import org.opensaml.saml.common.xml.SAMLConstants;
-import org.opensaml.saml.saml2.core.Assertion;
-import org.opensaml.saml.saml2.core.AuthnRequest;
-import org.opensaml.saml.saml2.core.Response;
-import org.opensaml.saml.saml2.metadata.AssertionConsumerService;
-import org.opensaml.saml.saml2.metadata.EntityDescriptor;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Service;
-
@Service("PVPAuthenticationRequestAction")
public class AuthenticationAction implements IAction {
private static final Logger log = LoggerFactory.getLogger(AuthenticationAction.class);
@@ -117,10 +117,10 @@ public class AuthenticationAction implements IAction {
IEncoder binding = null;
if (consumerService.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
- binding = springContext.getBean("PVPRedirectBinding", RedirectBinding.class);
+ binding = springContext.getBean("PvpRedirectBinding", RedirectBinding.class);
} else if (consumerService.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
- binding = springContext.getBean("PVPPOSTBinding", PostBinding.class);
+ binding = springContext.getBean("PvpPostBinding", PostBinding.class);
}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
index 565f28fb..482a2a09 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
@@ -31,6 +31,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import org.joda.time.DateTime;
import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.criterion.EntityRoleCriterion;
import org.opensaml.saml.criterion.ProtocolCriterion;
@@ -61,6 +65,7 @@ import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
@@ -158,9 +163,14 @@ public class AuthResponseBuilder {
final Encrypter samlEncrypter = new Encrypter(dataEncParams, keyEncParamList);
samlEncrypter.setKeyPlacement(KeyPlacement.PEER);
- return samlEncrypter.encrypt(assertion);
+ final Element assertionElement = XMLObjectProviderRegistrySupport.getMarshallerFactory()
+ .getMarshaller(assertion).marshall(assertion);
+ assertionElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:xs", "http://www.w3.org/2001/XMLSchema");
- } catch (final EncryptionException | SamlSigningException e1) {
+ return samlEncrypter.encrypt((Assertion)
+ XMLObjectSupport.getUnmarshaller(assertionElement).unmarshall(assertionElement));
+
+ } catch (final EncryptionException | SamlSigningException | MarshallingException | UnmarshallingException e1) {
log.warn("Can not encrypt the PVP2 assertion", e1);
throw new InvalidAssertionEncryptionException();
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java
new file mode 100644
index 00000000..a88fa869
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java
@@ -0,0 +1,226 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test;
+
+import java.util.Date;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.time.DateFormatUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfig;
+import at.gv.egiz.eaaf.modules.pvp2.idp.exception.ResponderErrorException;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"})
+@TestPropertySource(
+ locations = {"/config/config_1.props"})
+public class AuthenticationActionTest {
+
+ @Autowired private DummyAuthConfig authConfig;
+ @Autowired private PvpMetadataResolverFactory metadataResolverFactory;
+ @Autowired private AuthenticationAction action;
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private PvpSProfilePendingRequest pendingReq;
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void classInitializer() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * Test initializer.
+ *
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest();
+ httpResp = new MockHttpServletResponse();
+
+ pendingReq = new PvpSProfilePendingRequest();
+
+ }
+
+ @Test
+ public void checkNeedAuthFlag() {
+ Assert.assertTrue("Wrong 'needAuth' flag", action.needAuthentication(pendingReq, httpReq, httpResp));
+
+ }
+
+ @Test
+ public void noAuthnRequestInPendingRequest() {
+
+ IAuthData authData = generateAuthData();
+
+ try {
+ action.processRequest(pendingReq, httpReq, httpResp, authData);
+ Assert.fail("No SAML requst not detected");
+
+ } catch (ResponderErrorException e) {
+ Assert.assertEquals("Wrong errorCode", "pvp2.01", e.getErrorId());
+ }
+
+ }
+
+ private IAuthData generateAuthData() {
+ return new IAuthData() {
+
+ @Override
+ public boolean isSsoSession() {
+ return false;
+ }
+
+ @Override
+ public boolean isForeigner() {
+ return false;
+ }
+
+ @Override
+ public boolean isBaseIdTransferRestrication() {
+ return true;
+ }
+
+ @Override
+ public Date getSsoSessionValidTo() {
+ return null;
+
+ }
+
+ @Override
+ public String getSessionIndex() {
+ return null;
+
+ }
+
+ @Override
+ public String getNameIdFormat() {
+ return null;
+
+ }
+
+ @Override
+ public String getNameID() {
+ return null;
+
+ }
+
+ @Override
+ public IIdentityLink getIdentityLink() {
+ return null;
+
+ }
+
+ @Override
+ public String getIdentificationValue() {
+ return null;
+
+ }
+
+ @Override
+ public String getIdentificationType() {
+ return null;
+
+ }
+
+ @Override
+ public String getGivenName() {
+ return RandomStringUtils.randomAlphabetic(10);
+
+ }
+
+ @Override
+ public <T> T getGenericData(String key, Class<T> clazz) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFormatedDateOfBirth() {
+ return DateFormatUtils.format(getDateOfBirth(), "yyyy-MM-dd");
+ }
+
+ @Override
+ public String getFamilyName() {
+ return RandomStringUtils.randomAlphabetic(10);
+
+ }
+
+ @Override
+ public String getEncryptedSourceIdType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getEncryptedSourceId() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getEidasQaaLevel() {
+ return EaafConstants.EIDAS_LOA_LOW;
+ }
+
+ @Override
+ public Date getDateOfBirth() {
+ return new Date();
+
+ }
+
+ @Override
+ public String getCiticenCountryCode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getBpkType() {
+ return EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2);
+ }
+
+ @Override
+ public String getBpk() {
+ return RandomStringUtils.randomAlphabetic(10);
+ }
+
+ @Override
+ public String getAuthenticationIssuer() {
+ return RandomStringUtils.randomAlphabetic(10);
+ }
+
+ @Override
+ public String getAuthenticationIssueInstantString() {
+ return DateFormatUtils.ISO_8601_EXTENDED_DATETIME_TIME_ZONE_FORMAT.format(getAuthenticationIssueInstant());
+ }
+
+ @Override
+ public Date getAuthenticationIssueInstant() {
+ return new Date();
+ }
+ };
+
+ }
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
index 98cf5f40..b2e528c4 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthnResponseBuilderTest.java
@@ -7,12 +7,16 @@ import javax.xml.transform.TransformerException;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfig;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlAssertionValidationExeption;
import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException;
import at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder.AuthResponseBuilder;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
import at.gv.egiz.eaaf.modules.pvp2.test.binding.PostBindingTest;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
import org.apache.commons.lang3.RandomStringUtils;
import org.joda.time.DateTime;
@@ -43,6 +47,8 @@ public class AuthnResponseBuilderTest {
@Autowired private DummyAuthConfig authConfig;
@Autowired private PvpMetadataResolverFactory metadataResolverFactory;
+ @Autowired private SamlVerificationEngine verifyEngine;
+ @Autowired private DummyCredentialProvider credentialProvider;
/**
* JUnit class initializer.
@@ -99,4 +105,52 @@ public class AuthnResponseBuilderTest {
}
+ @Test
+ public void encryptedAssertionWithDecryption() throws InvalidAssertionEncryptionException, Pvp2MetadataException,
+ XMLParserException, UnmarshallingException, MarshallingException, TransformerException, IOException,
+ SamlAssertionValidationExeption, CredentialsNotAvailableException {
+ final String issuerEntityID = RandomStringUtils.randomAlphabetic(15);
+
+ final IPvp2MetadataProvider metadataProvider =
+ metadataResolverFactory.createMetadataProvider(
+ "classpath:/data/pvp_metadata_junit_keystore.xml", null, "jUnit metadata resolver", null);
+
+ final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ PostBindingTest.class.getResourceAsStream("/data/AuthRequest_without_sig_1.xml"));
+ authnReq.setID("_" + RandomStringUtils.randomAlphanumeric(10));
+
+ final Assertion assertion = (Assertion) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ PostBindingTest.class.getResourceAsStream("/data/Assertion_1.xml"));
+
+ //build response
+ final DateTime now = DateTime.now();
+ final Response response = AuthResponseBuilder.buildResponse(
+ metadataProvider, issuerEntityID, authnReq,
+ now, assertion, authConfig);
+
+
+ //validate
+ Assert.assertNotNull("SAML2 response is null", response);
+ Assert.assertTrue("Assertion not null", response.getAssertions().isEmpty());
+ Assert.assertNotNull("Enc. assertion is null", response.getEncryptedAssertions());
+ Assert.assertFalse("Enc. assertion is empty", response.getEncryptedAssertions().isEmpty());
+ Assert.assertEquals("# enc. assertions wrong", 1, response.getEncryptedAssertions().size());
+
+ Assert.assertEquals("InResponseTo", authnReq.getID(), response.getInResponseTo());
+ Assert.assertEquals("Issuer EntityId", issuerEntityID, response.getIssuer().getValue());
+ Assert.assertNotNull("ResponseId is null", response.getID());
+ Assert.assertFalse("ResponseId is emptry", response.getID().isEmpty());
+
+ final Element responseElement = XMLObjectSupport.getMarshaller(response).marshall(response);
+ final String xmlResp = DomUtils.serializeNode(responseElement);
+ Assert.assertNotNull("XML response is null", xmlResp);
+ Assert.assertFalse("XML response is empty", xmlResp.isEmpty());
+
+ verifyEngine.validateAssertion(response, credentialProvider.getMetaDataSigningCredential(),
+ "https://demo.egiz.gv.at/demoportal_demologin/", "jUnitTest", false);
+
+ }
+
}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java
new file mode 100644
index 00000000..8436a43d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java
@@ -0,0 +1,67 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfig;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"})
+@TestPropertySource(
+ locations = {"/config/config_1.props"})
+public class MetadataActionTest {
+
+ @Autowired private DummyAuthConfig authConfig;
+ @Autowired private PvpMetadataResolverFactory metadataResolverFactory;
+ @Autowired private SamlVerificationEngine verifyEngine;
+ @Autowired private DummyCredentialProvider credentialProvider;
+ @Autowired private MetadataAction action;
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void classInitializer() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * Test initializer.
+ *
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest();
+ httpResp = new MockHttpServletResponse();
+
+ pendingReq = new TestRequestImpl();
+
+ }
+
+ @Test
+ public void checkNeedAuthFlag() {
+ Assert.assertFalse("Wrong 'needAuth' flag", action.needAuthentication(pendingReq, httpReq, httpResp));
+
+ }
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/Pvp2SProfileIdpSpringResourceProviderTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/Pvp2SProfileIdpSpringResourceProviderTest.java
new file mode 100644
index 00000000..f9aafea9
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/Pvp2SProfileIdpSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.eaaf.core.test.TestConstants;
+import at.gv.egiz.eaaf.modules.pvp2.idp.Pvp2SProfileIdpSpringResourceProvider;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class Pvp2SProfileIdpSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final Pvp2SProfileIdpSpringResourceProvider test =
+ new Pvp2SProfileIdpSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ Pvp2SProfileIdpSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+ }
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyLoALevelMapper.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyLoALevelMapper.java
new file mode 100644
index 00000000..004df86d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyLoALevelMapper.java
@@ -0,0 +1,25 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy;
+
+import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
+
+public class DummyLoALevelMapper implements ILoALevelMapper {
+
+ @Override
+ public String mapToEidasLoa(String qaa) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String mapToSecClass(String qaa) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String mapEidasQaaToStorkQaa(String eidasqaaLevel) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java
new file mode 100644
index 00000000..78e2d700
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpConfiguration.java
@@ -0,0 +1,43 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy;
+
+import java.util.List;
+
+import org.opensaml.saml.saml2.metadata.ContactPerson;
+import org.opensaml.saml.saml2.metadata.Organization;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.IPvp2BasicConfiguration;
+
+public class DummyPvpConfiguration implements IPvp2BasicConfiguration {
+
+ @Override
+ public String getIdpEntityId(String authUrl) throws EaafException {
+ return authUrl + "/idp";
+ }
+
+ @Override
+ public String getIdpSsoPostService(String authUrl) throws EaafException {
+ return authUrl + "/sso/post";
+ }
+
+ @Override
+ public String getIdpSsoRedirectService(String authUrl) throws EaafException {
+ return authUrl + "/sso/redirect";
+ }
+
+ @Override
+ public Object getIdpSsoSoapService(String authUrl) throws EaafException {
+ return authUrl + "/sso/soap";
+ }
+
+ @Override
+ public List<ContactPerson> getIdpContacts() throws EaafException {
+ return null;
+ }
+
+ @Override
+ public Organization getIdpOrganisation() throws EaafException {
+ return null;
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpMetadataConfigFactory.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpMetadataConfigFactory.java
new file mode 100644
index 00000000..3f24480b
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummyPvpMetadataConfigFactory.java
@@ -0,0 +1,16 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataBuilderTest;
+
+public class DummyPvpMetadataConfigFactory implements IPvpMetadataConfigurationFactory {
+
+ @Override
+ public IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl,
+ IPvp2CredentialProvider pvpIdpCredentials) {
+ return MetadataBuilderTest.idpMetadataConfig(pvpIdpCredentials, false, true);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummySubjectNameGenerator.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummySubjectNameGenerator.java
new file mode 100644
index 00000000..3eaa4c09
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/dummy/DummySubjectNameGenerator.java
@@ -0,0 +1,18 @@
+package at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy;
+
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.idp.api.builder.ISubjectNameIdGenerator;
+
+public class DummySubjectNameGenerator implements ISubjectNameIdGenerator {
+
+ @Override
+ public Pair<String, String> generateSubjectNameId(IAuthData authData, ISpConfiguration spConfig)
+ throws Pvp2Exception {
+ return Pair.newInstance(authData.getBpk(), authData.getBpkType());
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/data/pvp_metadata_junit_keystore.xml b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/data/pvp_metadata_junit_keystore.xml
index 96560960..7fdbef90 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/data/pvp_metadata_junit_keystore.xml
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/data/pvp_metadata_junit_keystore.xml
@@ -71,21 +71,22 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
- <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
-SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W
-ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w
-CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ
-RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq
-UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+
-M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F
-Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt
-1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq
-nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC
-VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq
-itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc
-2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O
-fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy
-4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIEXjF+fTANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJB
+VDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxETAPBgNVBAMMCE1ldGFk
+YXRhMB4XDTIwMDEyOTEyNDU0OVoXDTI2MDEyODEyNDU0OVowPzELMAkGA1UEBhMC
+QVQxDTALBgNVBAcMBEVHSVoxDjAMBgNVBAoMBWpVbml0MREwDwYDVQQDDAhNZXRh
+ZGF0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK230G3dxNbNlSYA
+O5Kx/Js0aBAgxMt7q9m+dA35fK/dOvF/GjrqjWsMCnax+no9gLnq6x0gXiJclz6H
+rp/YDOfLrJjMpNL/r0FWT947vbnEj7eT8TdY5d6Yi8AZulZmjiCI5nbZh2zwrP4+
+WqRroLoPhXQj8mDyp26M4xHBBUhLMRc2HV4S+XH4uNZ/vTmb8vBg31XGHCY33gl7
+/KA54JNGxJdN8Dxv6yHYsm91ZfVrX39W0iYLUNhUCkolwuQmjDVfrExM8BTLIONb
+f+erJoCm3A9ghZyDYRQ/e69/UEUqDa6XOzykr88INkQscEiAXCDS+EBPMpKo+t3l
+PIA9r7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAh/2mg4S03bdZy1OVtEAudBT9
+YZb9OF34hxPtNbkB/V04wSIg1d4TBr5KDhV7CdiUOxPZzHpS8LUCgfGX306FB6NX
+zh/b67uTOPaE72AB4VIT/Np0fsM7k5WhG9k9NoprIGiqCz2lXcfpZiT+LtSO1vWS
+YI87wR9KOSWjcw/5i5qZIAJuwvLCQj5JtUsmrhHK75222J3TJf4dS/gfN4xfY2rW
+9vcXtH6//8WdWp/zx9V7Z1ZsDb8TDKtBCEGuFDgVeU5ScKtVq8qRoUKD3Ve76cZi
+purO3KrRrVAuZP2EfLkZdHEHqe8GPigNnZ5kTn8V2VJ3iRAQ73hpJRR98tFd0A==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_core.beans.xml b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_core.beans.xml
index 8c0b8596..99552053 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_core.beans.xml
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_core.beans.xml
@@ -22,7 +22,10 @@
<bean id="httpClientFactory"
class="at.gv.egiz.eaaf.core.impl.utils.HttpClientFactory" />
+ <bean id="dummyRevisionLogger"
+ class="at.gv.egiz.eaaf.core.impl.logging.DummyRevisionsLogger" />
+
<bean id="eaafKeyStoreFactory"
- class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" />
+ class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" />
</beans> \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_pvp.beans.xml b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_pvp.beans.xml
index aac94041..2bddd629 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_pvp.beans.xml
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/resources/spring/test_eaaf_pvp.beans.xml
@@ -12,9 +12,37 @@
<import resource="test_eaaf_core.beans.xml"/>
<import resource="classpath:/eaaf_pvp.beans.xml"/>
+ <import resource="classpath:/eaaf_pvp_idp.beans.xml"/>
<bean id="dummyCredentialProvider"
class="at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider" />
+
+ <bean id="dummyChainingMetadataResolver"
+ class="at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyMetadataProvider" />
+ <bean id="samlVerificationEngine"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" />
+
+ <bean id="dummyLoALevelMapper"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyLoALevelMapper" />
+
+ <bean id="dummySubjectNameIdGenerator"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummySubjectNameGenerator" />
+
+ <bean id="dummyPvpBasicConfig"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyPvpConfiguration" />
+
+ <bean id="dummyMetadataConfigFactor"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyPvpMetadataConfigFactory" />
+
+ <bean id="PVPAuthenticationRequestAction"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
+ <property name="pvpIdpCredentials" ref="dummyCredentialProvider" />
+ </bean>
+
+ <bean id="pvpMetadataService"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction" >
+ <property name="pvpIdpCredentials" ref="dummyCredentialProvider" />
+ </bean>
</beans> \ No newline at end of file