From e123bad9e4c49102ef7a4d98396c0e252e2b4759 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 19 Jan 2022 19:05:58 +0100 Subject: test(core): add extension of 'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens --- .../resources/SpringTest-context_authManager.xml | 38 +--------------- ...xt_authManager_without_pendingReqGeneration.xml | 50 ++++++++++++++++++++++ ...cryptionPendingRequestIdGenerationStrategy.java | 47 ++++++++++---------- ...cryptionPendingRequestIdGenerationStrategy.java | 39 +++++++++++++++++ 4 files changed, 115 insertions(+), 59 deletions(-) create mode 100644 eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml index d7b148d0..faec351d 100644 --- a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml +++ b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml @@ -9,43 +9,7 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml new file mode 100644 index 00000000..5ed5dde8 --- /dev/null +++ b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml @@ -0,0 +1,50 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index ca1db67d..cbf2be5a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy @Override public String generateExternalPendingRequestId() throws EaafException { try { - final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); - JsonWebEncryption encToken = new JsonWebEncryption(); - encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); - encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); - encToken.setKey(key.getFirst()); - encToken.setPayload(toSign); - - - - if (key.getSecond() != null) { - final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( - key.getSecond().getName()); - encToken.setProviderContext(providerCtx); - - } - - return Base64.getUrlEncoder() - .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); - + final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); + return encryptAndEncodeToken(toSign); + } catch (final JoseException e) { throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); } - } @Override @@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy } - private String buildInternalToken(final String internalPendingReqId, final DateTime now) { + protected String buildInternalToken(final String internalPendingReqId, final DateTime now) { return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR) .append(internalPendingReqId).toString(); + + } + + protected String encryptAndEncodeToken(String token) throws JoseException { + JsonWebEncryption encToken = new JsonWebEncryption(); + encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); + encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + encToken.setKey(key.getFirst()); + encToken.setPayload(token); + + if (key.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + key.getSecond().getName()); + encToken.setProviderContext(providerCtx); + + } + + return Base64.getUrlEncoder() + .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); + } } diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java new file mode 100644 index 00000000..0ec9446c --- /dev/null +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -0,0 +1,39 @@ +package at.gv.egiz.eaaf.core.test.utils; + +import org.joda.time.DateTime; +import org.jose4j.lang.JoseException; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.AuthenticatedEncryptionPendingRequestIdGenerationStrategy; +import at.gv.egiz.eaaf.core.impl.utils.Random; + +/** + * {@link AuthenticatedEncryptionPendingRequestIdGenerationStrategy} with special methodes for software testing. + * + * @author tlenz + * + */ +public class TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy extends + AuthenticatedEncryptionPendingRequestIdGenerationStrategy { + + /** + * Generate a new pendingRequestId with a specific timestamp. + * + *

This method is only for software testing to generate expired pendingRequestId's

+ * + * @param timestamp Timestamp on which this pendingRequestId was generated + * @return pendingRequestId + * @throws EaafException In case of an error + */ + public String generateExternalPendingRequestId(DateTime timestamp) throws EaafException { + try { + final String toSign = buildInternalToken(Random.nextLongRandom(),timestamp); + return encryptAndEncodeToken(toSign); + + } catch (final JoseException e) { + throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); + + } + } + +} -- cgit v1.2.3