From e123bad9e4c49102ef7a4d98396c0e252e2b4759 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 19 Jan 2022 19:05:58 +0100 Subject: test(core): add extension of 'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens --- ...cryptionPendingRequestIdGenerationStrategy.java | 47 ++++++++++++---------- ...cryptionPendingRequestIdGenerationStrategy.java | 39 ++++++++++++++++++ 2 files changed, 64 insertions(+), 22 deletions(-) create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java (limited to 'eaaf_core_utils/src') diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index ca1db67d..cbf2be5a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy @Override public String generateExternalPendingRequestId() throws EaafException { try { - final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); - JsonWebEncryption encToken = new JsonWebEncryption(); - encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); - encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); - encToken.setKey(key.getFirst()); - encToken.setPayload(toSign); - - - - if (key.getSecond() != null) { - final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( - key.getSecond().getName()); - encToken.setProviderContext(providerCtx); - - } - - return Base64.getUrlEncoder() - .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); - + final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); + return encryptAndEncodeToken(toSign); + } catch (final JoseException e) { throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); } - } @Override @@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy } - private String buildInternalToken(final String internalPendingReqId, final DateTime now) { + protected String buildInternalToken(final String internalPendingReqId, final DateTime now) { return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR) .append(internalPendingReqId).toString(); + + } + + protected String encryptAndEncodeToken(String token) throws JoseException { + JsonWebEncryption encToken = new JsonWebEncryption(); + encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); + encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + encToken.setKey(key.getFirst()); + encToken.setPayload(token); + + if (key.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + key.getSecond().getName()); + encToken.setProviderContext(providerCtx); + + } + + return Base64.getUrlEncoder() + .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); + } } diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java new file mode 100644 index 00000000..0ec9446c --- /dev/null +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -0,0 +1,39 @@ +package at.gv.egiz.eaaf.core.test.utils; + +import org.joda.time.DateTime; +import org.jose4j.lang.JoseException; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.AuthenticatedEncryptionPendingRequestIdGenerationStrategy; +import at.gv.egiz.eaaf.core.impl.utils.Random; + +/** + * {@link AuthenticatedEncryptionPendingRequestIdGenerationStrategy} with special methodes for software testing. + * + * @author tlenz + * + */ +public class TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy extends + AuthenticatedEncryptionPendingRequestIdGenerationStrategy { + + /** + * Generate a new pendingRequestId with a specific timestamp. + * + *
This method is only for software testing to generate expired pendingRequestId's
+ * + * @param timestamp Timestamp on which this pendingRequestId was generated + * @return pendingRequestId + * @throws EaafException In case of an error + */ + public String generateExternalPendingRequestId(DateTime timestamp) throws EaafException { + try { + final String toSign = buildInternalToken(Random.nextLongRandom(),timestamp); + return encryptAndEncodeToken(toSign); + + } catch (final JoseException e) { + throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); + + } + } + +} -- cgit v1.2.3