From 13952dddd85fc08115f963b259885b5c9b7f2b57 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Tue, 5 Mar 2019 08:53:50 +0100
Subject: fix attribute escaping problem in SimpleIdentityLinkAssertionParser this fix can be deactivated by property: 'configuration.bugfix.enable.idl.escaping' to get backward compatibility
---
.../eaaf/core/api/idp/auth/data/IIdentityLink.java | 9 +-
.../builder/AbstractAuthenticationDataBuilder.java | 24 ++++-
.../eaaf/core/impl/idp/auth/data/IdentityLink.java | 13 +--
.../data/SimpleIdentityLinkAssertionParser.java | 4 +-
.../idp/auth/AuthenticationDataBuilderTest.java | 107 +++++++++++++++++++++
.../idp/auth/TestAuthenticationDataBuilder.java | 45 +++++++++
.../impl/idp/module/test/DummyConfiguration.java | 90 +++++++++++++++++
.../impl/idp/module/test/DummySPConfiguration.java | 21 ++++
.../resources/SpringTest-context_eaaf_core.xml | 20 ++++
9 files changed, 316 insertions(+), 17 deletions(-)
create mode 100644 eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java
create mode 100644 eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java
create mode 100644 eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java
create mode 100644 eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummySPConfiguration.java
create mode 100644 eaaf_core/src/test/resources/SpringTest-context_eaaf_core.xml
(limited to 'eaaf_core/src')
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java
index c5c08d87..df71b30a 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/idp/auth/data/IIdentityLink.java
@@ -58,9 +58,12 @@ public interface IIdentityLink { String getGivenName(); /** - * Returns the name. - * @return The name. - */ + * Return the name as 'givenName + " " + familyName'
+ * This method should be used any more. Use getFamilyName() and getGivenName() separately. + * + * @return The name. + */ + @Deprecated String getName(); /** diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java index 3ba2c2cf..f578afd8 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java @@ -60,7 +60,10 @@ import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder { - private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationDataBuilder.class); + private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationDataBuilder.class); + + public static final String CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING = "configuration.bugfix.enable.idl.escaping"; + protected Collection includedToGenericAuthData = null; @Autowired protected IConfiguration basicConfig; 
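Review bot: The new Javadoc on `getName()` reads "This method should be used any more", which drops the "not" and so states the opposite of the deprecation it accompanies. I would replace that sentence with a Javadoc tag, `@deprecated Use {@link #getGivenName()} and {@link #getFamilyName()} separately.`, so the reason appears next to the `@Deprecated` annotation in generated docs and IDE warnings. The interface body continues outside the hunk.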
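Review bot: `CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING` is added as a public constant without any comment and with a misspelled name (`ESCAPEING`); the test double in this commit already references it, so the spelling becomes API once released. The property key sits under `bugfix.enable`, yet judging by the second hunk of this file a value of `true` restores the legacy escaping rather than switching the fix on. A one-line Javadoc such as `/** If true, apostrophes in given and family name are escaped again in the authentication data (legacy behaviour); default is false. */` would spare operators from guessing which way the switch works.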
@@ -384,10 +387,25 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati authData.setIdentificationValue(identityLink.getIdentificationValue()); authData.setIdentificationType(identityLink.getIdentificationType()); - authData.setGivenName(identityLink.getGivenName()); - authData.setFamilyName(identityLink.getFamilyName()); + /* GivenNames and FamilyNames with simple Apostrophe were escaped with ' + * in IdentityLinkParser since 5 years. This feature was bug-fix for an SL1.0 AuthBlock problem. + * However, the authentication attributes (SAML2, eIDAS, OpenID-Connect) also includes this escaped values, + * but there it is not neccesary. We fix this problem in 3.4.3, but the fix can be deactivated + * for dependency reasons. + */ + if (basicConfig.getBasicMOAIDConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) { + authData.setGivenName(identityLink.getGivenName().replaceAll("'", "'")); + authData.setFamilyName(identityLink.getFamilyName().replaceAll("'", "'")); + + } else { + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + + } + authData.setDateOfBirth(identityLink.getDateOfBirth()); + //remove corresponding keys from genericSessionData if exists includedGenericSessionData.remove(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME); includedGenericSessionData.remove(PVPAttributeDefinitions.GIVEN_NAME_NAME); diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java index becd630e..367643ec 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/IdentityLink.java 
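Review bot: In the flag-enabled branch, `identityLink.getGivenName().replaceAll(...)` and its family-name twin dereference values that the else branch passes through unchecked, so an identity link with an unset name throws a NullPointerException only when the compatibility flag is on. The parser changed later in this commit defaults both names to `""`, but an `IdentityLink` can presumably be populated through its setters as well, so a null guard costs little. `String.replace` is sufficient because no regular expression is involved, e.g. `gn == null ? null : gn.replace("'", ESCAPED)`, with `ESCAPED` standing for the entity string held in a single constant rather than two literals. As rendered on this page the search and replacement strings look identical, most likely because the entity was decoded by the page, so the literal should be checked against the repository. The enclosing method starts and ends outside the hunk.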
@@ -86,10 +86,6 @@ public class IdentityLink implements Serializable, IIdentityLink{ */ private String familyName; - /** - * The name as (givenName + familyName) - */ - private String name; /** * date of birth */ @@ -157,11 +153,10 @@ public String getGivenName() { * @see at.gv.egovernment.moa.id.auth.data.IIdentityLink#getName() */ @Override -public String getName() { - if (name == null) { - name = givenName + " " + familyName; - } - return name; + @Deprecated + public String getName() { + return givenName + " " + familyName; + } /* (non-Javadoc) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java index 0aec58a2..658e6a42 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/data/SimpleIdentityLinkAssertionParser.java @@ -274,8 +274,8 @@ public class SimpleIdentityLinkAssertionParser { String familyname = XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, ""); // replace ' in name with ' - givenname = givenname.replaceAll("'", "'"); - familyname = familyname.replaceAll("'", "'"); +// givenname = givenname.replaceAll("'", "'"); +// familyname = familyname.replaceAll("'", "'"); identityLink.setGivenName(givenname); identityLink.setFamilyName(familyname); diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java new file mode 100644 index 00000000..c4acbaad --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/AuthenticationDataBuilderTest.java 
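Review bot: `IdentityLink` implements `Serializable`, and together with the preceding hunk this change removes the non-transient field `name` that `getName()` used to cache into. If the class does not declare an explicit `serialVersionUID` (not visible in these hunks), the default UID changes and identity links held in serialized sessions written by the previous version will fail to deserialize after an upgrade. It is worth confirming that a `private static final long serialVersionUID` is present, or planning for existing sessions to be dropped on deployment. The class body continues outside the hunk.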
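Review bot: With the escaping removed from the parser, every consumer that reads `getGivenName()`, `getFamilyName()` or `getName()` directly from the parsed `IIdentityLink` now receives raw apostrophes under either flag setting, because the flag only re-applies the escaping to `authData` in `AbstractAuthenticationDataBuilder`. The builder comment says the escaping originally existed for the SL1.0 AuthBlock; if that block is assembled from the identity link rather than from `authData` (not visible here), it needs its own encoding at the point where the name is written into XML. The two `replaceAll` calls are also left behind as commented-out code under a comment that no longer describes what the method does; I would delete all three lines. The method body continues outside the hunk.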
@@ -0,0 +1,107 @@ +package at.gv.egiz.eaaf.core.impl.idp.auth; + +import java.io.ByteArrayInputStream; +import java.util.HashMap; +import java.util.Map; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Base64Utils; + +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/SpringTest-context_eaaf_core.xml") +public class AuthenticationDataBuilderTest { + + @Autowired private TestAuthenticationDataBuilder authBuilder; + @Autowired private DummyConfiguration authConfig; + + private static final String DUMMY_IDL_2 = "<saml:Assertion AssertionID="elgatest.egiz.gv.at-AssertionIDXXXŐzgür_XXXTüzekçi" IssueInstant="2019-03-04T15:53:04+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
	<saml:AttributeStatement>
		<saml:Subject>
			<saml:SubjectConfirmation>
				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
				<saml:SubjectConfirmationData>
					<pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>RUxHQVRlc3RQQjBYWFjFkHpnw7xyX1hYWFTDvHpla8OnaQ==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>XXXŐz'gür</pr:GivenName><pr:FamilyName primary="undefined">XXXTüzekçi</pr:FamilyName></pr:Name><pr:DateOfBirth>1973-06-04</pr:DateOfBirth></pr:Person>
				</saml:SubjectConfirmationData>
			</saml:SubjectConfirmation>
		</saml:Subject>
		<saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><dsig:RSAKeyValue><dsig:Modulus>/UKRFHbAaEkgVdgM1SDOJjWHqK37rJYStPqtUXzo9VNorO83Yoyza9b0dp7muS8ojZ24YEPLQFwY
BIZdm4NHrA5vlVVkDeuBx6mTpEpeu7d2E3wuYmQWN41QxVj6OpXoHtszOcj7uFofzmRGOOUB35LC
H6C0LLZI559kpOnaqkdKmO7vwnaQ4y10pzBv2wSpSfv4v9HWsBaF1QkX6ifCyAnIKKqJs4zKTn+a
GI/KAJ9whjoFBOrwS3NQi+VRTlOa7JtwqxpIeF+Ow4Gl3igUok3hklbU2xIXpnUysPahjQ0L6nND
YTufP/cFlk5i/GPYvkN62GwFxFJ5l0h/P7AkIh+VfdB/D7HUXh/OWgfzOL+fEDgb/WG3PMzyNmQM
nPBGPomataNDKekHa5F09LEPty/Fp051/1DQ6T1xsjfydmuiVlX6HEFjf1dbd8qKFFnSCsqDpPuD
GHMq+JKIf7nGAkXIlki0577uo342lZxpTVTFVAFvBGKFzk3eC32OCp9J</dsig:Modulus><dsig:Exponent>AQAB</dsig:Exponent></dsig:RSAKeyValue></saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><dsig:RSAKeyValue><dsig:Modulus>yPXbapFaaprqifUuIiLsGALiWSLdlPcQ7EFdfyS34ESI4a2Bs0mLSnnEcWcxrcZX3rlIQpJjIpoU
A+RDol5PkSphHCL6IvIQMfkkxH5gK6jCzTSV9REVmqRTE1sqRcBQGnDYp26pHQhc0GHmw6ujx+PO
uvQ62oaQIqQvtOfKXPQyyWL19rXW97+EG0y0Kwei8tVcMnjbydKM/vywMEoqEqMf0F+GKcwp7ent
ZsruDTH+cKIbpWuJKg00UHkhn9AfdbPWw6V9e+BhqSIXq0hhHfJCAw6pYuXiV6tODJPFvu17WbBt
Wpuz2NGTLSv75rejIBkOS2NLKAfWraVhTh67Vw==</dsig:Modulus><dsig:Exponent>AQAB</dsig:Exponent></dsig:RSAKeyValue></saml:AttributeValue></saml:Attribute>
	</saml:AttributeStatement>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>7NfrEBJdl854rdmAh1ctQ2X7WMc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>hfg8za3mYqu5QSbUzXHxDe5/SNE=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>muWb39TagCd3NwWcu5ikEJuJpZdnedRDcdm17IZv+OEVEtqylRur/wX6AGUCU/PU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</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFZDCCA0ygAwIBAgIJAJav+zeqU/DMMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV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</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest Id="manifest"><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::dsig:Signature)</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>AsxTzkZdAYC4SK5q8ysJKT7yduQ=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion>"; + + @Test + public void dummyTest() throws Exception { + + + } + + + + @Test + public void buildAuthDataWithIDLOnly_2_without_flag() throws Exception { + 
buildAuthDataWithIDLOnly_2(null, "XXXŐz'gür", "XXXTüzekçi"); + System.out.println("IDPParser and AuthDataBuilder without escape config --> Successfull"); + + } + + + @Test + public void buildAuthDataWithIDLOnly_2_with_flag_true() throws Exception { + buildAuthDataWithIDLOnly_2(true, "XXXŐz'gür", "XXXTüzekçi"); + System.out.println("IDPParser and AuthDataBuilder with escape config 'true' --> Successfull"); + + } + + @Test + public void buildAuthDataWithIDLOnly_2_with_flag_false() throws Exception { + buildAuthDataWithIDLOnly_2(false, "XXXŐz'gür", "XXXTüzekçi"); + System.out.println("IDPParser and AuthDataBuilder with escape config 'false' --> Successfull"); + + } + + private void buildAuthDataWithIDLOnly_2(Boolean idlEscaptionFlag, String givenName, String familyName) throws Exception { + IAuthData authData = null; + + try { + authConfig.setIsIDLEscapingEnabled(idlEscaptionFlag); + + TestRequestImpl pendingReq = new TestRequestImpl(); + Map spConfigMap = new HashMap(); + spConfigMap.put("target", "urn:publicid:gv.at:cdid+ZP-MH"); + + DummySPConfiguration spConfig = new DummySPConfiguration(spConfigMap , authConfig); + pendingReq.setSpConfig(spConfig); + + HashMap sessionStore = new HashMap(); + AuthProcessDataWrapper wrapper = new AuthProcessDataWrapper(sessionStore); + wrapper.setIdentityLink(new SimpleIdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_2.getBytes()))).parseIdentityLink()); + pendingReq.setRawDataToTransaction(sessionStore); + + authData = authBuilder.buildAuthenticationData(pendingReq); + + } catch (Exception e) { + e.printStackTrace(); + throw e; + + } + + if (authData == null) + throw new Exception("AuthenticationData is 'null'"); + + if (!authData.getFamilyName().equals(familyName)) + throw new Exception("Familyname wrong"); + + if (!authData.getGivenName().equals(givenName)) + throw new Exception("GivenName wrong"); + + if (!authData.getFormatedDateOfBirth().equals("1973-06-04")) + throw new Exception("DateOfBirth 
wrong"); + + + if (!authData.getIdentificationValue().equals("RUxHQVRlc3RQQjBYWFjFkHpnw7xyX1hYWFTDvHpla8OnaQ==")) + throw new Exception("baseId wrong"); + + if (!authData.getIdentificationType().equals("urn:publicid:gv.at:baseid")) + throw new Exception("baseIdType wrong"); + + } + +} diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java new file mode 100644 index 00000000..834c2d6e --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/auth/TestAuthenticationDataBuilder.java 
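Review bot: The checks in `buildAuthDataWithIDLOnly_2` are hand-rolled as `if (!authData.getGivenName().equals(givenName)) throw new Exception("GivenName wrong")`, which hides the actual value on failure and turns a null getter result into a NullPointerException instead of a test failure; `Assert.assertEquals("givenName", givenName, authData.getGivenName());` reports both values. As rendered on this page the flag-true, flag-false and no-flag tests all expect the same given name, so it is worth confirming in the repository that the flag-true case really asserts the escaped form. `DUMMY_IDL_2.getBytes()` depends on the platform charset, and `getBytes(StandardCharsets.UTF_8)` makes the fixture decoding deterministic. The empty `dummyTest()` and the catch block that only prints the stack trace and rethrows can be removed.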
@@ -0,0 +1,45 @@ +package at.gv.egiz.eaaf.core.impl.idp.auth; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; +import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; + +public class TestAuthenticationDataBuilder extends AbstractAuthenticationDataBuilder { + + @Override + public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException { + + AuthenticationData authData = new AuthenticationData(); + try { + generateBasicAuthData(authData, pendingReq, pendingReq.getSessionData(AuthProcessDataWrapper.class)); + + } catch (Exception e) { + e.printStackTrace(); + throw new EAAFAuthenticationException("AuthDataGeneration FAILED", null, e); + + } + return authData; + } + + @Override + protected Pair getEncryptedbPKFromPVPAttribute(IAuthProcessDataContainer authProcessDataContainer, + AuthenticationData authData, ISPConfiguration spConfig) throws EAAFBuilderException { + // TODO Auto-generated method stub + return null; + } + + @Override + protected Pair getbaseIDFromSZR(AuthenticationData authData, String notValidbPK, + String notValidbPKType) { + // TODO Auto-generated method stub + return null; + } + +} diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java new file mode 100644 index 00000000..cae22fc4 --- /dev/null 
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummyConfiguration.java 
@@ -0,0 +1,90 @@ +package at.gv.egiz.eaaf.core.impl.idp.module.test; + +import java.net.URI; +import java.net.URL; +import java.util.Map; +import java.util.Properties; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; + +public class DummyConfiguration implements IConfiguration { + + private Boolean isIDLEscapingEnabled = null; + + @Override + public String getBasicConfiguration(String key) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBasicConfiguration(String key, String defaultValue) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Map getBasicMOAIDConfigurationWithPrefix(String prefix) { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) { + if (AbstractAuthenticationDataBuilder.CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING.equals(key)) { + if (isIDLEscapingEnabled == null) + return defaultValue; + else + return isIDLEscapingEnabled; + + } + + + return false; + } + + @Override + public ISPConfiguration getServiceProviderConfiguration(String uniqueID) throws EAAFConfigurationException { + // TODO Auto-generated method stub + return null; + } + + @Override + public T getServiceProviderConfiguration(String spIdentifier, Class decorator) + throws EAAFConfigurationException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Properties getFullConfigurationProperties() { + // TODO Auto-generated method stub + return null; + } + + @Override + public URI getConfigurationRootDirectory() { + // TODO Auto-generated method stub + return null; + } + + @Override + public URI getConfigurationFilePath() { + // 
TODO Auto-generated method stub + return null; + } + + @Override + public String validateIDPURL(URL authReqUrl) throws EAAFException { + // TODO Auto-generated method stub + return null; + } + + public void setIsIDLEscapingEnabled(Boolean isIDLEscapingEnabled) { + this.isIDLEscapingEnabled = isIDLEscapingEnabled; + } +} diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummySPConfiguration.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummySPConfiguration.java new file mode 100644 index 00000000..f51c95ab --- /dev/null +++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/DummySPConfiguration.java @@ -0,0 +1,21 @@ +package at.gv.egiz.eaaf.core.impl.idp.module.test; + +import java.util.Map; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.conf.SPConfigurationImpl; + +public class DummySPConfiguration extends SPConfigurationImpl { + + public DummySPConfiguration(Map spConfig, IConfiguration authConfig) { + super(spConfig, authConfig); + + } + + @Override + public String getAreaSpecificTargetIdentifier() { + return getConfigurationValue("target"); + + } + +} diff --git a/eaaf_core/src/test/resources/SpringTest-context_eaaf_core.xml b/eaaf_core/src/test/resources/SpringTest-context_eaaf_core.xml new file mode 100644 index 00000000..523e9fc7 --- /dev/null +++ b/eaaf_core/src/test/resources/SpringTest-context_eaaf_core.xml @@ -0,0 +1,20 @@ + + + + + + + + + + -- cgit v1.2.3
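Review bot: `getBasicMOAIDConfigurationBoolean` in `DummyConfiguration` ends with `return false;` for every key other than the IDL escaping property, so the caller's `defaultValue` is ignored and any later test that relies on a `true` default silently runs with the wrong configuration. Ending the method with `return defaultValue;` keeps the test double consistent with how the production call site in `AbstractAuthenticationDataBuilder` passes its default. The same applies to `getBasicConfiguration(String key, String defaultValue)`, which returns `null` instead of `defaultValue`.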