9 files changed, 59 insertions, 47 deletions

diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java
index eb17781b..d76f4aad 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonBuilderUtils.java
@@ -105,6 +105,7 @@ public class SL20JsonBuilderUtils {
    * @param name            commando name
    * @param result          commando result
    * @param encryptedResult encrypted commando result
+   * @param signer {@link JsonSecurityUtils} implementation
    * @return JWS in serialized form
    * @throws SlCommandoBuildException in case of an error
    * 
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java
index eb6de461..40ea0430 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/main/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/SL20JsonExtractorUtils.java
@@ -63,6 +63,7 @@ public class SL20JsonExtractorUtils {
    * @param input      JSON
    * @param keyID      Element identifier
    * @param isRequired true, if the element must not null
+   * @param defaultValue in case of no existing element with key
    * @return Boolean
    * @throws SlCommandoParserException In case of an error
    */
@@ -269,6 +270,7 @@ public class SL20JsonExtractorUtils {
    *
    * @param container JSON
    * @param joseTools JWS implementation
+   * @param mustBeSigned Throw an error if the result was not signed
    * @return Signature verification result that contains the payLoad
    * @throws SlCommandoParserException In case of an error
    */
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
index bf201803..1d6e3738 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
@@ -19,8 +19,6 @@
 
 package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
 
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.core.xml.schema.XSInteger;
@@ -30,6 +28,8 @@ import org.opensaml.core.xml.schema.impl.XSStringBuilder;
 import org.opensaml.saml.saml2.core.Attribute;
 import org.opensaml.saml.saml2.core.AttributeValue;
 
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+
 /**
  * Build all attributes from PVP2 citizen-token.
  *
@@ -73,6 +73,7 @@ public class CitizenTokenBuilder {
    * Build simple attribute.
    *
    * @param friendlyName attribute friendly-name
+   * @param name attribute name
    * @param value        Attributevalue
    * @return XML attribute
    */
@@ -89,6 +90,7 @@ public class CitizenTokenBuilder {
    * Build simple attribute.
    *
    * @param friendlyName attribute friendly-name
+   * @param name attribute name
    * @param value        Attributevalue
    * @return XML attribute
    */
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java
index 0b505e56..d29f1a0e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverFactory.java
@@ -8,15 +8,6 @@ import javax.annotation.Nullable;
 import javax.annotation.PostConstruct;
 import javax.net.ssl.SSLHandshakeException;
 
-import at.gv.egiz.components.spring.api.IDestroyableObject;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
-
 import org.apache.http.client.HttpClient;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
 import org.opensaml.saml.metadata.resolver.ExtendedRefreshableMetadataResolver;
@@ -30,6 +21,15 @@ import org.springframework.core.io.ResourceLoader;
 import com.google.common.base.Predicates;
 import com.google.common.base.Throwables;
 import com.google.common.collect.FluentIterable;
+
+import at.gv.egiz.components.spring.api.IDestroyableObject;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
 import lombok.extern.slf4j.Slf4j;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
@@ -90,6 +90,7 @@ public class PvpMetadataResolverFactory implements IDestroyableObject {
    * @param filter           Filters, which should be used to validate the
    *                         metadata
    * @param idForLogging     Id, which is used for Logging
+   * @param pool             XML parser-pool to parse SAML2 Metadaten
    * @param httpClient       Apache commons 4.x http client
    *
    * @return SAML2 Metadata Provider, or null if the metadata provider can not
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
index b94ed8cc..88106e5b 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/PvpCoreMessageSourceTest.java
@@ -2,8 +2,6 @@ package at.gv.egiz.eaaf.modules.pvp2.test;
 
 import java.util.List;
 
-import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
-
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -14,10 +12,12 @@ import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
 @RunWith(SpringJUnit4ClassRunner.class)
 @ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml",
-"/spring/test_eaaf_core_spring_config.beans.xml",
-"/spring/eaaf_utils.beans.xml" })
+    "/spring/test_eaaf_core_spring_config.beans.xml",
+    "/spring/eaaf_utils.beans.xml" })
 @TestPropertySource(locations = { "/config/config_1.props" })
 public class PvpCoreMessageSourceTest {
 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
index ee601c73..2449c73c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/PostBindingTest.java
@@ -9,33 +9,6 @@ import java.util.Map;
 
 import javax.xml.parsers.ParserConfigurationException;
 
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
-import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
-import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
-
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.joda.time.DateTime;
@@ -69,6 +42,32 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlMessageValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
 import net.shibboleth.utilities.java.support.net.URIComparator;
 import net.shibboleth.utilities.java.support.xml.SerializeSupport;
 import net.shibboleth.utilities.java.support.xml.XMLParserException;
@@ -357,7 +356,8 @@ public class PostBindingTest {
 
   @Test
   public void decodeRequestSuccessWithRequestAttributes() throws MessageDecodingException, SecurityException,
-      IOException, Pvp2Exception, CredentialsNotAvailableException, XMLParserException, UnmarshallingException, MarshallingException {
+      IOException, Pvp2Exception, CredentialsNotAvailableException, XMLParserException, 
+      UnmarshallingException, MarshallingException {
     final String serviceUrl = "https://eidas-test.bmi.gv.at/ms_connector/pvp/post";
     final String relayState = RandomStringUtils.randomAlphanumeric(10);
 
@@ -369,7 +369,8 @@ public class PostBindingTest {
     issuer.setValue("https://demo.egiz.gv.at/demoportal_demologin/");
     authnReq.setIssuer(issuer);
 
-    final RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true);
+    final RequestAbstractType signedAuthn = Saml2Utils.signSamlObject(
+        authnReq, credentialProvider.getMessageSigningCredential(), true);
     final Element signedElement = XMLObjectSupport.getMarshaller(signedAuthn).marshall(signedAuthn);
     final String b64AuthnReq =
         Base64.getEncoder().encodeToString(SerializeSupport.nodeToString(signedElement).getBytes("UTF-8"));
@@ -404,7 +405,8 @@ public class PostBindingTest {
     Assert.assertEquals("extension child size", 1, parsedAuthnReq.getExtensions().getUnknownXMLObjects().size());
 
     final XMLObject reqAttrs = parsedAuthnReq.getExtensions().getUnknownXMLObjects().get(0);
-    org.springframework.util.Assert.isInstanceOf(EaafRequestedAttributes.class, reqAttrs, "Wrong requested Attributes type");
+    org.springframework.util.Assert.isInstanceOf(
+        EaafRequestedAttributes.class, reqAttrs, "Wrong requested Attributes type");
     final EaafRequestedAttributes eaafReqAttrs = (EaafRequestedAttributes) reqAttrs;
     Assert.assertNotNull("Req attr is null", eaafReqAttrs.getAttributes());
     Assert.assertFalse("Req attr is empty", eaafReqAttrs.getAttributes().isEmpty());
@@ -418,7 +420,8 @@ public class PostBindingTest {
     Assert.assertEquals("Req. Attr. Value size", 1,  eaafReqAttr.getAttributeValues().size());
     org.springframework.util.Assert.isInstanceOf(XSString.class, eaafReqAttr.getAttributeValues().get(0),
         "Wrong requested Attributes Value type");
-    Assert.assertEquals("Req. Attr. Value", "urn:publicid:gv.at:cdid+BF",  ((XSString)eaafReqAttr.getAttributeValues().get(0)).getValue());
+    Assert.assertEquals("Req. Attr. Value", "urn:publicid:gv.at:cdid+BF",  
+        ((XSString)eaafReqAttr.getAttributeValues().get(0)).getValue());
 
   }
 
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
index 8657bc60..5b09d50d 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/metadata/MetadataBuilderTest.java
@@ -159,7 +159,8 @@ public class MetadataBuilderTest {
     return entity;
   }
 
-  public static IPvpMetadataBuilderConfiguration idpMetadataConfig(IPvp2CredentialProvider credentialProvider, boolean buildSpInfos, boolean buildIdpInfos) {
+  public static IPvpMetadataBuilderConfiguration idpMetadataConfig(
+      IPvp2CredentialProvider credentialProvider, boolean buildSpInfos, boolean buildIdpInfos) {
     return new IPvpMetadataBuilderConfiguration() {
 
       @Override
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java
index a88fa869..df5c15f8 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/AuthenticationActionTest.java
@@ -39,6 +39,7 @@ public class AuthenticationActionTest {
   protected MockHttpServletRequest httpReq;
   protected MockHttpServletResponse httpResp;
   private PvpSProfilePendingRequest pendingReq;
+  
   /**
    * JUnit class initializer.
    *
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java
index 8436a43d..51b4eaef 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/test/java/at/gv/egiz/eaaf/modules/pvp2/idp/test/MetadataActionTest.java
@@ -35,6 +35,7 @@ public class MetadataActionTest {
   protected MockHttpServletRequest httpReq;
   protected MockHttpServletResponse httpResp;
   private TestRequestImpl pendingReq;
+  
   /**
    * JUnit class initializer.
    *