Merge branch 'feature/requesterId_and_lu' into 'nightlybuild'

Feature/requester id and lu See merge request egiz/eidas_at_proxy!10
author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2021-03-12 09:34:28 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2021-03-12 09:34:28 +0100
commit: f1aa50e7284b982c8ffa48a1783bdb5600efa3d7 (patch)
tree: 1eacaf9063fde65ecabf612f8a839254a6cbda99 /connector/src/test
parent: 285dc40bf344433514c10c4bfad7cbd864550311 (diff)
parent: ddf39a5b497925204be868a77bcb746277bb2c8b (diff)
download: National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.tar.gz
National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.tar.bz2
National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.zip
9 files changed, 62 insertions, 9 deletions
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index 77037415..f50829c7 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -6,6 +6,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Field;
 import java.net.URISyntaxException;
 import java.util.Map;
 import java.util.Timer;
@@ -61,6 +62,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
@@ -71,6 +73,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
 import eu.eidas.auth.commons.light.ILightRequest;
@@ -97,7 +100,7 @@ import szrservices.SignContentResponseType;
 @ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
 public class FullStartUpAndProcessTest {
 
-  private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid=";
+  private static final String FINAL_REDIRECT = "http://localhost/public/secure/finalizeAuthProtocol?pendingid=";
   
   @Autowired private WebApplicationContext wac;
   @Autowired private PvpEndPointCredentialProvider credentialProvider;
@@ -151,13 +154,19 @@ public class FullStartUpAndProcessTest {
   /**
    * Test shut-down.
    *
-   * @throws IOException In case of an error
+   * @throws Exception In case of an error
    */
   @AfterClass
-  public static void closeIgniteNode() throws IOException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closiong Ignite Node ... ");
     Ignition.stopAll(true);
 
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+    
   }
 
   /**
@@ -371,7 +380,7 @@ public class FullStartUpAndProcessTest {
     Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue());
     
     final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2);
-    Assert.assertEquals("wrong resp attr. size", 6, extractor.getAllIncludeAttributeNames().size());
+    Assert.assertEquals("wrong resp attr. size", 7, extractor.getAllIncludeAttributeNames().size());
     Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high", 
         extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108"));
     Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2", 
@@ -384,6 +393,8 @@ public class FullStartUpAndProcessTest {
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed"));
     Assert.assertNotNull("Wrong attr: piiTras.Id ", 
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId"));
+    Assert.assertEquals("Wrong attr:EID_STATUS_LEVEL ", "http://eid.gv.at/eID/status/identity",
+        extractor.getSingleAttributeValue(PvpAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_NAME));
     
   }
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
index 86df55df..708560b2 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -50,17 +51,22 @@ public class MainClassExecutableModeTest {
 
   /**
    * Initializer.
-   * @throws InterruptedException In case of an error 
+   * @throws Exception In case of an error 
    *
    */
   @AfterClass
-  public static void closeIgniteNode() throws InterruptedException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closing Ignite Node ... ");
     
     log.info("Stopping already running Apache Ignite nodes ... ");
     Ignition.stopAll(true);    
     Thread.sleep(1000);
     
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+            
   }
   
   /**
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
index 07ef4968..79d062ae 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 
 @RunWith(BlockJUnit4ClassRunner.class)
 public class MainClassWebAppModeTest {
@@ -68,6 +69,12 @@ public class MainClassWebAppModeTest {
 
     System.clearProperty("eidas.ms.configuration");
     SpringBootApplicationInitializer.exit();
+    
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field1 = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field1.setAccessible(true);
+    field1.set(null, null);
        
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
index d2c4aff2..5b612036 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
@@ -69,7 +69,7 @@ public class ProcessEngineSignalControllerTest {
     Assert.assertEquals("http StatusCode", 302, httpResp.getStatus());
     Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location"));
     Assert.assertTrue("wrong redirect header", 
-        httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid="));
+        httpResp.getHeader("Location").startsWith("http://localhost/public/secure/errorHandling?errorid="));
   
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 5f1c5dcf..52932c8c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -11,6 +11,7 @@ import java.util.Map;
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.RandomUtils;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
@@ -35,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
@@ -42,8 +44,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -118,8 +122,10 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void eidMode() throws EaafAuthenticationException {
     // initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
-
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+    
     // execute
     IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
 
@@ -128,6 +134,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
     Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class));
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
 
     String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
     String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
@@ -159,6 +168,8 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
@@ -173,6 +184,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNull("piiTransactionId", 
         authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class));
     
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
     
     Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
index 9aafb4b6..c57515a0 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
@@ -214,6 +214,11 @@ public class AuthnRequestValidatorTest {
         
     Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", 
         pendingReq.getUniqueTransactionIdentifier());
+   
+    Assert.assertEquals("wrong binding pubkey", "binding_pubKey_1144225247125dsfasfasdf", 
+        pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, String.class));
+    
+    
     
   }
   
diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
index b224c336..32b24e91 100644
--- a/connector/src/test/resources/data/metadata_valid_without_encryption.xml
+++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
@@ -71,6 +71,7 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L</ds:X509Certificate>
       <md:RequestedAttribute FriendlyName="userAuthBlock" Name="urn:eidgvat:attributes.authblock.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="piiTransactionId" Name="urn:eidgvat:attributes.piiTransactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+      <md:RequestedAttribute FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
     </md:AttributeConsumingService>
   </md:SPSSODescriptor>
   <md:Organization>
diff --git a/connector/src/test/resources/data/pvp2_authn_3.xml b/connector/src/test/resources/data/pvp2_authn_3.xml
index 35e49b0f..5352c441 100644
--- a/connector/src/test/resources/data/pvp2_authn_3.xml
+++ b/connector/src/test/resources/data/pvp2_authn_3.xml
@@ -31,6 +31,9 @@
       <eid:RequestedAttribute FriendlyName="transactionId" Name="urn:eidgvat:attributes.transactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
         <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">transId_11223344556677aabbcc</eid:AttributeValue>
       </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="Binding-PublicKey" Name="urn:eidgvat:attributes.binding.pubkey" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">binding_pubKey_1144225247125dsfasfasdf</eid:AttributeValue>
+      </eid:RequestedAttribute>
     </eid:RequestedAttributes>
   </saml2p:Extensions>
   <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ba385cb9..83acf445 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -41,6 +41,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>       
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -61,6 +64,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2021-03-12 09:34:28 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2021-03-12 09:34:28 +0100
commit	f1aa50e7284b982c8ffa48a1783bdb5600efa3d7 (patch)
tree	1eacaf9063fde65ecabf612f8a839254a6cbda99 /connector/src/test
parent	285dc40bf344433514c10c4bfad7cbd864550311 (diff)
parent	ddf39a5b497925204be868a77bcb746277bb2c8b (diff)
download	National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.tar.gz National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.tar.bz2 National_eIDAS_Gateway-f1aa50e7284b982c8ffa48a1783bdb5600efa3d7.zip