From e123bad9e4c49102ef7a4d98396c0e252e2b4759 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 19 Jan 2022 19:05:58 +0100
Subject: test(core): add extension of
'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows
generation of already expired tokens
---
.../resources/SpringTest-context_authManager.xml | 38 +---------------
...xt_authManager_without_pendingReqGeneration.xml | 50 ++++++++++++++++++++++
...cryptionPendingRequestIdGenerationStrategy.java | 47 ++++++++++----------
...cryptionPendingRequestIdGenerationStrategy.java | 39 +++++++++++++++++
4 files changed, 115 insertions(+), 59 deletions(-)
create mode 100644 eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml
create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
index d7b148d0..faec351d 100644
--- a/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
+++ b/eaaf_core/src/test/resources/SpringTest-context_authManager.xml
@@ -9,43 +9,7 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
diff --git a/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml
new file mode 100644
index 00000000..5ed5dde8
--- /dev/null
+++ b/eaaf_core/src/test/resources/SpringTest-context_authManager_without_pendingReqGeneration.xml
@@ -0,0 +1,50 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
index ca1db67d..cbf2be5a 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
@@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy
@Override
public String generateExternalPendingRequestId() throws EaafException {
try {
- final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
- JsonWebEncryption encToken = new JsonWebEncryption();
- encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst()));
- encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
- encToken.setKey(key.getFirst());
- encToken.setPayload(toSign);
-
-
-
- if (key.getSecond() != null) {
- final ProviderContext providerCtx = new ProviderContext();
- providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
- key.getSecond().getName());
- encToken.setProviderContext(providerCtx);
-
- }
-
- return Base64.getUrlEncoder()
- .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8));
-
+ final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
+ return encryptAndEncodeToken(toSign);
+
} catch (final JoseException e) {
throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e);
}
-
}
@Override
@@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy
}
- private String buildInternalToken(final String internalPendingReqId, final DateTime now) {
+ protected String buildInternalToken(final String internalPendingReqId, final DateTime now) {
return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR)
.append(internalPendingReqId).toString();
+
+ }
+
+ protected String encryptAndEncodeToken(String token) throws JoseException {
+ JsonWebEncryption encToken = new JsonWebEncryption();
+ encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst()));
+ encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
+ encToken.setKey(key.getFirst());
+ encToken.setPayload(token);
+
+ if (key.getSecond() != null) {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
+ key.getSecond().getName());
+ encToken.setProviderContext(providerCtx);
+
+ }
+
+ return Base64.getUrlEncoder()
+ .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8));
+
}
}
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
new file mode 100644
index 00000000..0ec9446c
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
@@ -0,0 +1,39 @@
+package at.gv.egiz.eaaf.core.test.utils;
+
+import org.joda.time.DateTime;
+import org.jose4j.lang.JoseException;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.AuthenticatedEncryptionPendingRequestIdGenerationStrategy;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+
+/**
+ * {@link AuthenticatedEncryptionPendingRequestIdGenerationStrategy} with special methodes for software testing.
+ *
+ * @author tlenz
+ *
+ */
+public class TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy extends
+ AuthenticatedEncryptionPendingRequestIdGenerationStrategy {
+
+ /**
+ * Generate a new pendingRequestId with a specific timestamp.
+ *
+ *
This method is only for software testing to generate expired pendingRequestId's
+ *
+ * @param timestamp Timestamp on which this pendingRequestId was generated
+ * @return pendingRequestId
+ * @throws EaafException In case of an error
+ */
+ public String generateExternalPendingRequestId(DateTime timestamp) throws EaafException {
+ try {
+ final String toSign = buildInternalToken(Random.nextLongRandom(),timestamp);
+ return encryptAndEncodeToken(toSign);
+
+ } catch (final JoseException e) {
+ throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e);
+
+ }
+ }
+
+}
--
cgit v1.2.3