authorThomas <>2022-01-10 16:55:19 +0100
committerThomas <>2022-03-03 16:31:57 +0100
commitd36b616fb95f5ce3e425ca367447bab9bd91618a (patch)
treee05e69b84417b6c57ac278a696a2b1e624952bef
parent6fe2e9ab4defb4b200fbacdb5bd346b16a3e3037 (diff)
refactor(SAML2): change SAML2 implementation to openSAML4.x API
-rw-r--r--eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java2
-rw-r--r--eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java2
-rw-r--r--eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java11
-rw-r--r--eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java6
-rw-r--r--eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java6
-rw-r--r--eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java5
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java2
7 files changed, 22 insertions, 12 deletions
diff --git a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
index f044c259..bd735a9d 100644
--- a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
+++ b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
@@ -368,7 +368,7 @@ public class ReceiveFromIdAustriaSystemTask extends AbstractAuthServletTask {
new Object[] { IdAustriaAuthConstants.MODULE_NAME_FOR_LOGGING,
samlResp.getIssuer().getValue(),
samlResp.getStatus().getStatusCode().getValue(),
- samlResp.getStatus().getStatusMessage().getMessage() });
+ samlResp.getStatus().getStatusMessage().getValue() });
}
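Review bot: `samlResp.getStatus().getStatusMessage()` is dereferenced without a null check on the changed argument line, and `StatusMessage` is an optional child of `Status` in SAML 2.0. An error response from the IdP that omits it would raise a NullPointerException here instead of the intended error report. Read it once into a local, `final StatusMessage msg = samlResp.getStatus().getStatusMessage();`, and pass `msg != null ? msg.getValue() : null` as the last array element. The issuer, status code and message all come from the remote response, so if this array is formatted into a log entry it should be handled as untrusted text; whether the logging layer neutralises line breaks is not visible here. The enclosing statement and method begin outside the hunk.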
diff --git a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
index 282b452b..797e4063 100644
--- a/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
+++ b/eidas_modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
@@ -38,7 +38,7 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.PvpAuthnRequestBuilder;
import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
-import net.shibboleth.utilities.java.support.security.SecureRandomIdentifierGenerationStrategy;
+import net.shibboleth.utilities.java.support.security.impl.SecureRandomIdentifierGenerationStrategy;
/**
* eIDAS Authentication task that generates PVP2 S-Profile request to central
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
index d2a2556b..b8d8bd83 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
@@ -18,6 +18,7 @@ import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.metadata.resolver.filter.FilterException;
+import org.opensaml.saml.metadata.resolver.filter.MetadataFilterContext;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
import org.opensaml.security.x509.BasicX509Credential;
@@ -137,15 +138,17 @@ public class IdAustriaAuthMetadataControllerFirstTest {
"http://localhost/authhandler" + IdAustriaAuthConstants.ENDPOINT_METADATA,
metadata.getEntityID());
+ MetadataFilterContext filterContext = new MetadataFilterContext();
+
//check XML scheme
final SchemaValidationFilter schemaFilter = new SchemaValidationFilter();
- schemaFilter.filter(metadata);
+ schemaFilter.filter(metadata, filterContext);
//check signature
final SimpleMetadataSignatureVerificationFilter sigFilter =
new SimpleMetadataSignatureVerificationFilter(credProvider.getKeyStore().getFirst(),
metadata.getEntityID());
- sigFilter.filter(metadata);
+ sigFilter.filter(metadata, filterContext);
//check content
final SPSSODescriptor spSsoDesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
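Review bot: The new local `filterContext` is the only declaration in this stretch without `final`. The neighbouring `schemaFilter`, `sigFilter` and `spSsoDesc` are all declared final, so `final MetadataFilterContext filterContext = new MetadataFilterContext();` would keep the test consistent. The test method starts and ends outside the hunk.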
@@ -163,12 +166,12 @@ public class IdAustriaAuthMetadataControllerFirstTest {
Assert.assertFalse("NameIDFormats",
spSsoDesc.getNameIDFormats().isEmpty());
Assert.assertEquals("wrong NameIDFormats", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
- spSsoDesc.getNameIDFormats().get(0).getFormat());
+ spSsoDesc.getNameIDFormats().get(0).getURI());
Assert.assertFalse("AttributeConsumingServices",
spSsoDesc.getAttributeConsumingServices().isEmpty());
Assert.assertEquals("#RequestAttributes", numberOfRequestedAttributes,
- spSsoDesc.getAttributeConsumingServices().get(0).getRequestAttributes().size());
+ spSsoDesc.getAttributeConsumingServices().get(0).getRequestedAttributes().size());
}
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
index b3a5130f..25525c0d 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
@@ -6,6 +6,7 @@ import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import java.time.Instant;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
@@ -15,7 +16,6 @@ import javax.xml.transform.TransformerException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
-import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
@@ -777,13 +777,13 @@ public class ReceiveAuthnResponseTaskTest {
final Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(
XMLObjectProviderRegistrySupport.getParserPool(),
ReceiveAuthnResponseTaskTest.class.getResourceAsStream(responsePath));
- response.setIssueInstant(DateTime.now());
+ response.setIssueInstant(Instant.now());
final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
issuer.setValue(idpEntityId);
response.setIssuer(issuer);
if (validConditions) {
- response.getAssertions().get(0).getConditions().setNotOnOrAfter(DateTime.now().plusMinutes(5));
+ response.getAssertions().get(0).getConditions().setNotOnOrAfter(Instant.now().plusSeconds(5*60));
}
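Review bot: `Instant.now().plusSeconds(5*60)` hides the unit that the old `plusMinutes(5)` stated, and `5*60` lacks the spaces around the operator that a style checker would normally require. `Instant.now().plus(Duration.ofMinutes(5))` or `Instant.now().plus(5, ChronoUnit.MINUTES)` reads as five minutes directly. The second form matches the `plus(1, ChronoUnit.DAYS)` used in IdAustriaAuthMetadataProviderFirstTest in this same commit. Either form needs the matching `java.time` import. The helper method begins outside the hunk.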
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
index 92aece46..abdc7462 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
@@ -444,6 +444,12 @@ public class RequestIdAustriaSystemTaskTest {
return null;
}
+
+ @Override
+ public boolean isWriteAsynch() {
+ return false;
+
+ }
};
}
}
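Review bot: The added `isWriteAsynch()` override has a stray blank line between `return false;` and its closing brace, which should be removed. A one-line comment would also help the next reader of this stub, for example `// synchronous writes only; the task under test never uses async I/O`, if that is indeed the reason for the fixed value. The anonymous class and its enclosing method start outside the hunk, so the interface being implemented is not visible here.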
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java
index fa0d95a6..ef1b7cf1 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java
@@ -1,9 +1,10 @@
package at.asitplus.eidas.specific.modules.auth.idaustria.test.utils;
import java.io.IOException;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
import org.apache.commons.lang3.RandomStringUtils;
-import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
@@ -213,7 +214,7 @@ public class IdAustriaAuthMetadataProviderFirstTest {
final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
XMLObjectProviderRegistrySupport.getParserPool(),
IdAustriaAuthMetadataProviderFirstTest.class.getResourceAsStream("/data/idp_metadata_no_sig.xml"));
- metadata.setValidUntil(DateTime.now().plusDays(1));
+ metadata.setValidUntil(Instant.now().plus(1, ChronoUnit.DAYS));
metadata.setSignature(null);
metadata.setEntityID(dynEntityId);
Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
index bea8db98..d3a4881d 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
+++ b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
@@ -140,7 +140,7 @@ public class EidasProxyServiceControllerTest {
assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));
String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
- ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token),
+ ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token, "UTF-8"),
ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
assertNotNull("responseId", resp.getId());
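Review bot: The charset is now passed as the string literal `"UTF-8"` in `URLDecoder.decode(token, "UTF-8")`, which selects the overload that declares the checked `UnsupportedEncodingException` and resolves the charset name at run time. If the build targets Java 10 or later, `URLDecoder.decode(token, StandardCharsets.UTF_8)` avoids both and cannot be mistyped. The test method begins outside the hunk, so whether it already declares a broad `throws` clause is not visible.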