Merge branch 'connector_update_SZRv4' into 'nightlybuild'

Integration of E-ID functionality

See merge request egiz/eidas_at_proxy!1

4 files changed, 339 insertions, 9 deletions

diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java
new file mode 100644
index 00000000..1721fe61
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java
@@ -0,0 +1,107 @@
+package at.asitplus.eidas.specific.connector.test;
+
+
+import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.config.InitializationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml"})
+@WebAppConfiguration
+public class AuthenticationDataBuilderTest {
+
+  @Autowired
+  private AuthenticationDataBuilder authenticationDataBuilder;
+
+  @Autowired(required = true)
+  private IConfiguration basicConfig;
+
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+
+  private DummySpConfiguration oaParam;
+
+  private String eidasBind;
+  private String authBlock;
+
+
+  @BeforeClass
+  public static void classInitializer() throws InitializationException, ComponentInitializationException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties");
+
+    EaafOpenSaml3xInitializer.eaafInitialize();
+  }
+
+  @Before
+  public void initialize() throws EaafStorageException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setAuthUrl("https://localhost/ms_connector");
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+    authBlock = RandomStringUtils.randomAlphanumeric(20);
+    eidasBind = RandomStringUtils.randomAlphanumeric(20);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.EIDAS_BIND, eidasBind);
+    LocaleContextHolder.resetLocaleContext();
+  }
+
+  @Test
+  public void first() throws EaafAuthenticationException {
+    IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+    Assert.assertNotNull("AuthData null", authData);
+    Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
+    Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class));
+    Assert.assertNotNull("eidasBind null", authData.getEidasQaaLevel());
+    String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
+    String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
+
+    Assert.assertEquals("authBlock not equal", authBlock, this.authBlock);
+    Assert.assertEquals("eidasBind not equal", eidasBind, this.eidasBind);
+  }
+
+}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java
index e34c8036..389f561e 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java
@@ -33,11 +33,14 @@ import org.xml.sax.SAXException;
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor;
+import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 
@@ -53,12 +56,12 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx
 @DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
 public class AuthnRequestValidatorTest {
 
-  @Autowired private IConfiguration basicConfig;
+  @Autowired private IConfigurationWithSP basicConfig;
   @Autowired protected IAuthnRequestPostProcessor authRequestValidator;
   
   private MockHttpServletRequest httpReq;
   private MockHttpServletResponse httpResp;
-  private TestRequestImpl pendingReq;
+  private PvpSProfilePendingRequest pendingReq;
   
   /**
    * jUnit class initializer.
@@ -76,10 +79,11 @@ public class AuthnRequestValidatorTest {
   
   /**
    * jUnit test set-up.
+   * @throws EaafException 
    * 
    */
   @Before
-  public void initialize() {
+  public void initialize() throws EaafException {
     httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
     httpResp = new MockHttpServletResponse();
     RequestContextHolder.resetRequestAttributes();
@@ -88,10 +92,12 @@ public class AuthnRequestValidatorTest {
     Map<String, String> spConfig = new HashMap<>();
     spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10));
     
-    pendingReq = new TestRequestImpl();
-    pendingReq.setAuthUrl("https://localhost/ms_connector");
-    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
-    pendingReq.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig));
+    pendingReq = new PvpSProfilePendingRequest();
+    pendingReq.initialize(httpReq, basicConfig);
+    pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig));    
+    ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null);
+    
   }
   
   @Test
@@ -128,6 +134,8 @@ public class AuthnRequestValidatorTest {
     Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", 
         pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
         
+    Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier());
+    
   }
   
   @Test
@@ -164,6 +172,8 @@ public class AuthnRequestValidatorTest {
     Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", 
         pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
         
+    Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier());
+    
   }
   
   @Test
@@ -200,6 +210,30 @@ public class AuthnRequestValidatorTest {
     Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", 
         pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
         
+    Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", 
+        pendingReq.getUniqueTransactionIdentifier());
+    
+  }
+  
+  @Test
+  public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, 
+      SAXException, IOException, UnmarshallingException {
+    
+    Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10));
+    
+    TestRequestImpl pendingReqLocal = new TestRequestImpl();
+    pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig));    
+    
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml");
+    
+    //test
+    authRequestValidator.process(httpReq, pendingReqLocal, authReq, null);
+        
+    //validate
+    Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier());
+    
   }
   
   @Test
@@ -214,7 +248,7 @@ public class AuthnRequestValidatorTest {
       
     } catch (AuthnRequestValidatorException e) {
       Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId());
-      
+            
     }              
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java
new file mode 100644
index 00000000..b7c6cd44
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java
@@ -0,0 +1,97 @@
+package at.asitplus.eidas.specific.connector.test.attributes;
+
+import static at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class AuthBlockAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+  private final String JSW =
+      "eyJhbGciOiJQUzI1NiIsIng1dCNTMjU2IjoiTjBDZUJRdzlMX1BleEt6SlhVM2w2dkF1aExGb3hkWFlIUjNSX01ubTZnRSJ9.ImF2YWFz" +
+          "YmF2Ig.dpzCcHFlISXyKEZaXgvRj0ja1cenfMuy0VKwK_rmHZLkUCb58V4X5balpQduDTyRfTyFE0zmBjm8_cmDVNOYTIG4NsEtvY" +
+          "qW4ee9JH-VpkU0w5-7HTH81R3JOd9g7XaHGPXYyUuqceZQRmkl1Vw4HSsnIAT3bb0Di0us6zmFkOPmRtbXQAym_ygGFwTVGLskUTm" +
+          "epCxmDQC7OJoIV9oqDavLySP7Ram4NHfi043uF_DmBf6csTjmQu3g2vKJWwlkD8RXDzqksozO8fLDFyVWjA8G1IcvnuHDW1nTTkuG" +
+          "_fBIU6yBZ7kQe9vtjqKiGhGa1zD-F_Lem2zsY7d7dVUvyQ";
+  private final IAttributeBuilder attrBuilde = new AuthBlockAttributeBuilder();
+
+  @Rule
+  public TestName mTestName = new TestName();
+
+  @Before
+  public void init() {
+    log.info("setting up");
+  }
+
+  @Test
+  public void okTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(Constants.SZR_AUTHBLOCK, JSW);
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+
+      Assert.assertEquals("Authblock build wrong", JSW, value);
+
+    } catch (final Exception e) {
+      Assert.assertNull("Attr. builder has an exception", e);
+    }
+  }
+
+
+  @Test
+  public void nullTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(Constants.SZR_AUTHBLOCK, null);
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+      Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+    } catch (final Exception e) {
+      Assert.assertTrue("Attr. builder provide wrong exception",
+                        e instanceof UnavailableAttributeException);
+      Assert.assertEquals("Attr. name in exception does NOT match",
+                          EID_AUTHBLOCK_SIGNED_NAME,
+                          ((UnavailableAttributeException) e).getAttributeName());
+    }
+  }
+
+  @Test
+  public void emptyTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(Constants.SZR_AUTHBLOCK, "");
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+      Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+    } catch (final Exception e) {
+      Assert.assertTrue("Attr. builder provide wrong exception",
+                        e instanceof UnavailableAttributeException);
+      Assert.assertEquals("Attr. name in exception does NOT match",
+                          EID_AUTHBLOCK_SIGNED_NAME,
+                          ((UnavailableAttributeException) e).getAttributeName());    }
+  }
+}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java
new file mode 100644
index 00000000..254efb59
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java
@@ -0,0 +1,92 @@
+package at.asitplus.eidas.specific.connector.test.attributes;
+
+import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest;
+import lombok.extern.slf4j.Slf4j;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND;
+
+
+@Slf4j
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class EidasBindAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+  private final IAttributeBuilder attrBuilde = new EidasBindAttributeBuilder();
+
+  @Rule
+  public TestName mTestName = new TestName();
+
+  @Before
+  public void init() {
+    log.info("setting up");
+  }
+
+  @Test
+  public void okTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(EIDAS_BIND, "vuG8w29GT0");
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+
+      Assert.assertEquals("eDIAS bind build wrong", "vuG8w29GT0", value);
+
+    } catch (final Exception e) {
+      Assert.assertNull("Attr. builder has an exception", e);
+    }
+  }
+
+  @Test
+  public void nullTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(EIDAS_BIND, null);
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+      Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+    } catch (final Exception e) {
+      Assert.assertTrue("Attr. builder provide wrong exception",
+                        e instanceof UnavailableAttributeException);
+      Assert.assertEquals("Attr. name in exception does NOT match",
+                          ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
+                          ((UnavailableAttributeException) e).getAttributeName());
+    }
+  }
+
+  @Test
+  public void emptyTest() {
+    log.info("starting: " + mTestName);
+    try {
+      final IAuthData authData = buildAuthData();
+      ((AuthenticationData) authData).setGenericData(EIDAS_BIND, "");
+
+      final String value = attrBuilde.build(spConfig, authData, gen);
+      Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+    } catch (final Exception e) {
+      Assert.assertTrue("Attr. builder provide wrong exception",
+                        e instanceof UnavailableAttributeException);
+      Assert.assertEquals("Attr. name in exception does NOT match",
+                          ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
+                          ((UnavailableAttributeException) e).getAttributeName());    }
+  }
+
+
+}