| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-11 12:45:58 +0100 | 
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-11 12:45:58 +0100 | 
| commit | 3734d910935f34427632a36206aa3b6b0822c9bf (patch) | |
| tree | 4a834c00ea143eb331ae633d847e47a051408a17 /connector | |
| parent | 7bdb891ffe9e14e86b23a10579c8d97759ba4830 (diff) | |
fix LoA level validation error in AuthnRequestValidator.java
Diffstat (limited to 'connector')
23 files changed, 2146 insertions, 6 deletions
| diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
index 0230521c..87c23dee 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
@@ -103,12 +103,13 @@ public class AuthnRequestValidator implements IAuthnRequestValidator {
       if (StringUtils.isEmpty(providerName)) {
         log.info("Authn. request contains NO SP friendlyName");
       } else {
-        pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, spEntityId);
+        pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_PROVIDERNAME, providerName);
       }
       // post-process requested LoA
       final List<String> reqLoA = extractLoA(authnReq);
-
+      log.trace("SP requests LoA with: {}", String.join(", ",reqLoA));
+      
       LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
           MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
           EaafConstants.EIDAS_LOA_HIGH));
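Review bot: The added `log.trace` call dereferences `reqLoA` through `String.join` before any null or empty check that is visible in this hunk, and it writes values taken from the service provider's AuthnRequest into the log unmodified. `extractLoA` is defined outside the hunk, so whether it can return null is not visible here; passing the list directly, `log.trace("SP requests LoA with: {}", reqLoA);`, leaves formatting to the logger, skips the join when trace is off and tolerates a null list. Because the strings are request-controlled, the log layout should neutralise line breaks so that an SP cannot forge entries. The same caution applies to `providerName`, which this hunk now stores as raw transaction data: whatever later displays or logs it should treat it as untrusted text.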
@@ -118,21 +119,21 @@ public class AuthnRequestValidator implements IAuthnRequestValidator {
         minimumLoAFromConfig = LevelOfAssurance.HIGH;
       }
-
+            
       log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...",
-          minimumLoAFromConfig);
+          minimumLoAFromConfig);      
       final List<String> allowedLoA = new ArrayList<>();
       for (final String loa : reqLoA) {
         try {
           final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
           String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
           if (intLoa != null 
-              && intLoa.numericValue() >= minimumLoAFromConfig.numericValue()) {
+              && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) {
             log.info("Client: {} requested LoA: {} will be upgraded to: {}",
                 pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
                 loa,
                 minimumLoAFromConfig);
-            selectedLoA = intLoa.getValue();
+            selectedLoA = minimumLoAFromConfig.getValue();
           }
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java
new file mode 100644
index 00000000..56d257b5
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java
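Review bot: In the AuthnRequestValidator.java hunk at -118,21, a requested LoA that lies above the configured minimum is never copied into `selectedLoA`; it keeps the initial `EaafConstants.EIDAS_LOA_HIGH`, which matches the request only when the request is itself high. With a minimum of low configured, a request for substantial would therefore be raised to high, unless code after the hunk corrects it (the `try` block and the loop continue past the last visible line). Adding `} else if (intLoa != null) { selectedLoA = intLoa.getValue(); }` keeps the fail-closed default for unparseable values while honouring valid requests above the minimum. The `<=` comparison also logs "will be upgraded" when the request already equals the minimum, and a one-line comment stating that a higher `numericValue()` means stronger assurance would make the direction of the check auditable.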
@@ -0,0 +1,211 @@
+package at.asitplus.eidas.specific.connector.test;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestValidator;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/applicationContext.xml",
+    "/specific_eIDAS_connector.beans.xml",
+    "/eaaf_core.beans.xml",
+    "/eaaf_pvp.beans.xml",
+    "/eaaf_pvp_idp.beans.xml",
+    "/spring/SpringTest-context_simple_storage.xml" })
+@WebAppConfiguration
+public class AuthnRequestValidatorTest {
+
+  @Autowired private IConfiguration basicConfig;
+  @Autowired protected IAuthnRequestValidator authRequestValidator;
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  
+  /**
+   * jUnit class initializer.
+   * @throws ConfigurationException In case of an error
+   * 
+   */
+  @BeforeClass
+  public static void classInitializer() throws ConfigurationException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
+    
+    EaafDefaultSaml2Bootstrap.bootstrap();
+  }
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void initialize() {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10));
+    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setAuthUrl("https://localhost/ms_connector");
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig));
+  }
+  
+  @Test
+  public void loaLowRequested() throws AuthnRequestValidatorException, ParserConfigurationException, 
+      SAXException, IOException, UnmarshallingException {
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml");
+    
+    //test
+    authRequestValidator.validate(httpReq, pendingReq, authReq, null);
+        
+    //validate
+    Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    Assert.assertEquals("SP EntityId not match", 
+        "https://demo.egiz.gv.at/demoportal-openID_demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    
+    Assert.assertNotNull("SP ProviderName  is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    Assert.assertEquals("SP ProviderName not match", 
+        "OpenID Connect Demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    
+    Assert.assertNotNull("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA());
+    Assert.assertFalse("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty());
+    Assert.assertEquals("SP LoA count not match", 1, 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().size());
+    Assert.assertEquals("SP LoA  not match", 
+        "http://eidas.europa.eu/LoA/substantial", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0));
+    
+    Assert.assertNotNull("bPK Target is null", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+        
+  }
+  
+  @Test
+  public void loaSubstentialRequested() throws AuthnRequestValidatorException, ParserConfigurationException, 
+      SAXException, IOException, UnmarshallingException {
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml");
+    
+    //test
+    authRequestValidator.validate(httpReq, pendingReq, authReq, null);
+        
+    //validate
+    Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    Assert.assertEquals("SP EntityId not match", 
+        "https://demo.egiz.gv.at/demoportal-openID_demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    
+    Assert.assertNotNull("SP ProviderName  is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    Assert.assertEquals("SP ProviderName not match", 
+        "OpenID Connect Demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    
+    Assert.assertNotNull("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA());
+    Assert.assertFalse("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty());
+    Assert.assertEquals("SP LoA count not match", 1, 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().size());
+    Assert.assertEquals("SP LoA  not match", 
+        "http://eidas.europa.eu/LoA/substantial", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0));
+    
+    Assert.assertNotNull("bPK Target is null", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+        
+  }
+  
+  @Test
+  public void loaHighRequested() throws AuthnRequestValidatorException, ParserConfigurationException, 
+      SAXException, IOException, UnmarshallingException {
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml");
+    
+    //test
+    authRequestValidator.validate(httpReq, pendingReq, authReq, null);
+        
+    //validate
+    Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    Assert.assertEquals("SP EntityId not match", 
+        "https://demo.egiz.gv.at/demoportal-openID_demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID));
+    
+    Assert.assertNotNull("SP ProviderName  is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    Assert.assertEquals("SP ProviderName not match", 
+        "OpenID Connect Demo", 
+        pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME));
+    
+    Assert.assertNotNull("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA());
+    Assert.assertFalse("Requested SP LoA is null", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty());
+    Assert.assertEquals("SP LoA count not match", 1, 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().size());
+    Assert.assertEquals("SP LoA  not match", 
+        "http://eidas.europa.eu/LoA/high", 
+        pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0));
+    
+    Assert.assertNotNull("bPK Target is null", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", 
+        pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+        
+  }
+  
+  private AuthnRequest getAuthRequest(String resource) throws 
+      ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+    final Element authBlockDom =
+        DomUtils.parseXmlValidating(AuthnRequestValidatorTest.class.getResourceAsStream(resource));
+
+    final UnmarshallerFactory unmarshallerFactory =
+        org.opensaml.xml.Configuration.getUnmarshallerFactory();
+    final Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(authBlockDom);
+    return (AuthnRequest) unmarshaller.unmarshall(authBlockDom);
+    
+  }
+}
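Review bot: The three tests in AuthnRequestValidatorTest cover only single-value requests against the one minimum configured in `junit_config_1.properties`, so the branches that matter most for this gate stay untested: an unknown or malformed LoA URI, a request carrying several LoA values, and a request carrying none. The fixtures `pvp2_authn_1.xml` to `pvp2_authn_3.xml` are not visible in this part of the diff, so which LoA each one requests can only be inferred from the method names; a short comment per test naming the requested and the expected LoA would make the upgrade rule readable from the test alone. The `assertFalse(... isEmpty())` calls reuse the message `"Requested SP LoA is null"`, where `"Requested SP LoA is empty"` would point at the actual failure, and `loaSubstentialRequested` should read `loaSubstantialRequested`.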
diff --git a/connector/src/test/resources/config/eIDAS/additional-attributes.xml b/connector/src/test/resources/config/eIDAS/additional-attributes.xml new file mode 100644 index 00000000..6510546e --- /dev/null +++ b/connector/src/test/resources/config/eIDAS/additional-attributes.xml 
@@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!--  +#   Copyright (c) 2017 European Commission   +#   Licensed under the EUPL, Version 1.2 or – as soon they will be  +#   approved by the European Commission - subsequent versions of the  +#    EUPL (the "Licence");  +#    You may not use this work except in compliance with the Licence.  +#    You may obtain a copy of the Licence at:  +#    * https://joinup.ec.europa.eu/page/eupl-text-11-12   +#    * +#    Unless required by applicable law or agreed to in writing, software  +#    distributed under the Licence is distributed on an "AS IS" basis,  +#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  +#    See the Licence for the specific language governing permissions and limitations under the Licence. + --> + +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> +<properties> +    <comment>Dynamic attributes</comment> + +    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry> +    <entry key="1.FriendlyName">AdditionalAttribute</entry> +    <entry key="1.PersonType">NaturalPerson</entry> +    <entry key="1.Required">false</entry> +    <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> +    <entry key="1.XmlType.LocalPart">string</entry> +    <entry key="1.XmlType.NamespacePrefix">xs</entry> +    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry> +    <entry key="2.FriendlyName">LegalAdditionalAttribute</entry> +    <entry key="2.PersonType">LegalPerson</entry> +    <entry key="2.Required">false</entry> +    <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> +    <entry key="2.XmlType.LocalPart">string</entry> +    <entry key="2.XmlType.NamespacePrefix">xs</entry> +    <entry 
key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +</properties> diff --git a/connector/src/test/resources/config/eIDAS/eidas-attributes.xml b/connector/src/test/resources/config/eIDAS/eidas-attributes.xml new file mode 100644 index 00000000..cbae35db --- /dev/null +++ b/connector/src/test/resources/config/eIDAS/eidas-attributes.xml 
@@ -0,0 +1,376 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!--  +#   Copyright (c) 2017 European Commission   +#   Licensed under the EUPL, Version 1.2 or – as soon they will be  +#   approved by the European Commission - subsequent versions of the  +#    EUPL (the "Licence");  +#    You may not use this work except in compliance with the Licence.  +#    You may obtain a copy of the Licence at:  +#    * https://joinup.ec.europa.eu/page/eupl-text-11-12   +#    * +#    Unless required by applicable law or agreed to in writing, software  +#    distributed under the Licence is distributed on an "AS IS" basis,  +#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  +#    See the Licence for the specific language governing permissions and limitations under the Licence. + --> + +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> +<properties> +    <comment>eIDAS attributes</comment> + +    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry> +    <entry key="1.FriendlyName">PersonIdentifier</entry> +    <entry key="1.PersonType">NaturalPerson</entry> +    <entry key="1.Required">true</entry> +    <entry key="1.UniqueIdentifier">true</entry> +    <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry> +    <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry> +    <entry key="2.FriendlyName">FamilyName</entry> +    <entry key="2.PersonType">NaturalPerson</entry> +    <entry key="2.Required">true</entry> +    <entry key="2.TransliterationMandatory">true</entry> +    <entry 
key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry> +    <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry> +    <entry key="3.FriendlyName">FirstName</entry> +    <entry key="3.PersonType">NaturalPerson</entry> +    <entry key="3.Required">true</entry> +    <entry key="3.TransliterationMandatory">true</entry> +    <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry> +    <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry> +    <entry key="4.FriendlyName">DateOfBirth</entry> +    <entry key="4.PersonType">NaturalPerson</entry> +    <entry key="4.Required">true</entry> +    <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="4.XmlType.LocalPart">DateOfBirthType</entry> +    <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> + +    <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry> +    <entry key="5.FriendlyName">BirthName</entry> +    <entry key="5.PersonType">NaturalPerson</entry> +    <entry key="5.Required">false</entry> +    <entry key="5.TransliterationMandatory">true</entry> +    <entry 
key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="5.XmlType.LocalPart">BirthNameType</entry> +    <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry> +    <entry key="6.FriendlyName">PlaceOfBirth</entry> +    <entry key="6.PersonType">NaturalPerson</entry> +    <entry key="6.Required">false</entry> +    <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry> +    <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry> +    <entry key="7.FriendlyName">CurrentAddress</entry> +    <entry key="7.PersonType">NaturalPerson</entry> +    <entry key="7.Required">false</entry> +    <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="7.XmlType.LocalPart">CurrentAddressType</entry> +    <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry> + +    <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry> +    <entry key="8.FriendlyName">Gender</entry> +    <entry key="8.PersonType">NaturalPerson</entry> +    <entry key="8.Required">false</entry> +    <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> +    <entry key="8.XmlType.LocalPart">GenderType</entry> +    <entry 
key="8.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> + +    <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry> +    <entry key="9.FriendlyName">LegalPersonIdentifier</entry> +    <entry key="9.PersonType">LegalPerson</entry> +    <entry key="9.Required">true</entry> +    <entry key="9.UniqueIdentifier">true</entry> +    <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry> +    <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry> +    <entry key="10.FriendlyName">LegalName</entry> +    <entry key="10.PersonType">LegalPerson</entry> +    <entry key="10.Required">true</entry> +    <entry key="10.TransliterationMandatory">true</entry> +    <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="10.XmlType.LocalPart">LegalNameType</entry> +    <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry> +    <entry key="11.FriendlyName">LegalAddress</entry> +    <entry key="11.PersonType">LegalPerson</entry> +    <entry key="11.Required">false</entry> +    <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry> +    <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry> +    
<entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry> + +    <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry> +    <entry key="12.FriendlyName">VATRegistration</entry> +    <entry key="12.PersonType">LegalPerson</entry> +    <entry key="12.Required">false</entry> +    <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry> +    <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry> +    <entry key="13.FriendlyName">TaxReference</entry> +    <entry key="13.PersonType">LegalPerson</entry> +    <entry key="13.Required">false</entry> +    <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="13.XmlType.LocalPart">TaxReferenceType</entry> +    <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry> +    <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry> +    <entry key="14.PersonType">LegalPerson</entry> +    <entry key="14.Required">false</entry> +    <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> +    <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    
<entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry> +    <entry key="15.FriendlyName">LEI</entry> +    <entry key="15.PersonType">LegalPerson</entry> +    <entry key="15.Required">false</entry> +    <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="15.XmlType.LocalPart">LEIType</entry> +    <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry> +    <entry key="16.FriendlyName">EORI</entry> +    <entry key="16.PersonType">LegalPerson</entry> +    <entry key="16.Required">false</entry> +    <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="16.XmlType.LocalPart">EORIType</entry> +    <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry> +    <entry key="17.FriendlyName">SEED</entry> +    <entry key="17.PersonType">LegalPerson</entry> +    <entry key="17.Required">false</entry> +    <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="17.XmlType.LocalPart">SEEDType</entry> +    <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry> +    <entry key="18.FriendlyName">SIC</entry> +    <entry key="18.PersonType">LegalPerson</entry> +    <entry key="18.Required">false</entry> +    <entry 
key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> +    <entry key="18.XmlType.LocalPart">SICType</entry> +    <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry> +    <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry> +    <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry> +    <entry key="19.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="19.Required">false</entry> +    <entry key="19.UniqueIdentifier">true</entry> +    <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry> +    <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry> +    <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry> +    <entry key="20.FriendlyName">RepresentativeFamilyName</entry> +    <entry key="20.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="20.Required">false</entry> +    <entry key="20.TransliterationMandatory">true</entry> +    <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry> +    <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry> +    <entry key="21.FriendlyName">RepresentativeFirstName</entry> 
+    <entry key="21.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="21.Required">false</entry> +    <entry key="21.TransliterationMandatory">true</entry> +    <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry> +    <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry> +    <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry> +    <entry key="22.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="22.Required">false</entry> +    <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="22.XmlType.LocalPart">DateOfBirthType</entry> +    <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> + +    <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry> +    <entry key="23.FriendlyName">RepresentativeBirthName</entry> +    <entry key="23.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="23.Required">false</entry> +    <entry key="23.TransliterationMandatory">true</entry> +    <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="23.XmlType.LocalPart">BirthNameType</entry> +    <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry 
key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry> +    <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry> +    <entry key="24.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="24.Required">false</entry> +    <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry> +    <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry> +    <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry> +    <entry key="25.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="25.Required">false</entry> +    <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="25.XmlType.LocalPart">CurrentAddressType</entry> +    <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry> + +    <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry> +    <entry key="26.FriendlyName">RepresentativeGender</entry> +    <entry key="26.PersonType">RepresentativeNaturalPerson</entry> +    <entry key="26.Required">false</entry> +    <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> +    <entry key="26.XmlType.LocalPart">GenderType</entry> +    <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> +    <entry 
key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> + +    <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry> +    <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry> +    <entry key="27.PersonType">RepresentativeLegalPerson</entry> +    <entry key="27.Required">false</entry> +    <entry key="27.UniqueIdentifier">true</entry> +    <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry> +    <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry> +    <entry key="28.FriendlyName">RepresentativeLegalName</entry> +    <entry key="28.PersonType">RepresentativeLegalPerson</entry> +    <entry key="28.Required">false</entry> +    <entry key="28.TransliterationMandatory">true</entry> +    <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="28.XmlType.LocalPart">LegalNameType</entry> +    <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> +    <entry key="29.FriendlyName">RepresentativeLegalAddress</entry> +    <entry key="29.PersonType">RepresentativeLegalPerson</entry> +    <entry key="29.Required">false</entry> +    <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> 
+    <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry> +    <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> + +    <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> +    <entry key="30.FriendlyName">RepresentativeVATRegistration</entry> +    <entry key="30.PersonType">RepresentativeLegalPerson</entry> +    <entry key="30.Required">false</entry> +    <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry> +    <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry> +    <entry key="31.FriendlyName">RepresentativeTaxReference</entry> +    <entry key="31.PersonType">RepresentativeLegalPerson</entry> +    <entry key="31.Required">false</entry> +    <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="31.XmlType.LocalPart">TaxReferenceType</entry> +    <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry> +    <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry> +    <entry key="32.PersonType">RepresentativeLegalPerson</entry> +    <entry key="32.Required">false</entry> +    <entry 
key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> +    <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry> +    <entry key="33.FriendlyName">RepresentativeLEI</entry> +    <entry key="33.PersonType">RepresentativeLegalPerson</entry> +    <entry key="33.Required">false</entry> +    <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="33.XmlType.LocalPart">LEIType</entry> +    <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry> +    <entry key="34.FriendlyName">RepresentativeEORI</entry> +    <entry key="34.PersonType">RepresentativeLegalPerson</entry> +    <entry key="34.Required">false</entry> +    <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="34.XmlType.LocalPart">EORIType</entry> +    <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry> +    <entry key="35.FriendlyName">RepresentativeSEED</entry> +    <entry key="35.PersonType">RepresentativeLegalPerson</entry> +    <entry key="35.Required">false</entry> +    <entry 
key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="35.XmlType.LocalPart">SEEDType</entry> +    <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry> +    <entry key="36.FriendlyName">RepresentativeSIC</entry> +    <entry key="36.PersonType">RepresentativeLegalPerson</entry> +    <entry key="36.Required">false</entry> +    <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="36.XmlType.LocalPart">SICType</entry> +    <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + +    <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> +    <entry key="39.FriendlyName">RepresentativeLegalAddress</entry> +    <entry key="39.PersonType">RepresentativeLegalPerson</entry> +    <entry key="39.Required">false</entry> +    <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry> +    <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> + +    <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> +    <entry key="40.FriendlyName">RepresentativeVATRegistration</entry> +    <entry key="40.PersonType">RepresentativeLegalPerson</entry> +    <entry 
key="40.Required">false</entry> +    <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> +    <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry> +    <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> +    <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + +</properties> diff --git a/connector/src/test/resources/config/eIDAS/igniteSpecificCommunication.xml b/connector/src/test/resources/config/eIDAS/igniteSpecificCommunication.xml new file mode 100644 index 00000000..f817f5a4 --- /dev/null +++ b/connector/src/test/resources/config/eIDAS/igniteSpecificCommunication.xml 
@@ -0,0 +1,109 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +  ~ Copyright (c) 2018 by European Commission +  ~ +  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be +  ~ approved by the European Commission - subsequent versions of the +  ~ EUPL (the "Licence"); +  ~ You may not use this work except in compliance with the Licence. +  ~ You may obtain a copy of the Licence at: +  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12 +  ~ +  ~ Unless required by applicable law or agreed to in writing, software +  ~ distributed under the Licence is distributed on an "AS IS" basis, +  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +  ~ implied. +  ~ See the Licence for the specific language governing permissions and +  ~ limitations under the Licence. +  --> + +<!-- +    Ignite Spring configuration file to startup Ignite cache. + +    This file demonstrates how to configure cache using Spring. Provided cache +    will be created on node startup. + +    Use this configuration file when running HTTP REST examples (see 'examples/rest' folder). 
+ +    When starting a standalone node, you need to execute the following command: +    {IGNITE_HOME}/bin/ignite.{bat|sh} examples/config/ignite-cache.xml + +    When starting Ignite from Java IDE, pass path to this file to Ignition: +    Ignition.start("examples/config/ignite-cache.xml"); +--> + + +<beans xmlns="http://www.springframework.org/schema/beans" +       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" +       xsi:schemaLocation=" +        http://www.springframework.org/schema/beans +        http://www.springframework.org/schema/beans/spring-beans.xsd"> + +    <bean id="igniteSpecificCommunication.cfg" class="org.apache.ignite.configuration.IgniteConfiguration"> + +        <property name="igniteInstanceName" value="igniteSpecificCommunication"/> + +        <property name="cacheConfiguration"> +            <list> + +                <!--Specific Communication Caches--> +                <!-- Partitioned cache example configuration (Atomic mode). --> +                <bean class="org.apache.ignite.configuration.CacheConfiguration"> +                    <property name="name" value="specificNodeConnectorRequestCache"/> +                    <property name="atomicityMode" value="ATOMIC"/> +                    <property name="backups" value="1"/> +                </bean> +                <!-- Partitioned cache example configuration (Atomic mode). --> +                <bean class="org.apache.ignite.configuration.CacheConfiguration"> +                    <property name="name" value="nodeSpecificProxyserviceRequestCache"/> +                    <property name="atomicityMode" value="ATOMIC"/> +                    <property name="backups" value="1"/> +                </bean> +                <!-- Partitioned cache example configuration (Atomic mode). 
--> +                <bean class="org.apache.ignite.configuration.CacheConfiguration"> +                    <property name="name" value="specificNodeProxyserviceResponseCache"/> +                    <property name="atomicityMode" value="ATOMIC"/> +                    <property name="backups" value="1"/> +                </bean> +                <!-- Partitioned cache example configuration (Atomic mode). --> +                <bean class="org.apache.ignite.configuration.CacheConfiguration"> +                    <property name="name" value="nodeSpecificConnectorResponseCache"/> +                    <property name="atomicityMode" value="ATOMIC"/> +                    <property name="backups" value="1"/> +                </bean> +                <!-- Partitioned cache example configuration (Atomic mode). --> +                <bean class="org.apache.ignite.configuration.CacheConfiguration"> +                    <property name="name" value="msConnectorCache"/> +                    <property name="atomicityMode" value="ATOMIC"/> +                    <property name="backups" value="1"/> +                </bean> + +            </list> +        </property> + +        <!--Multicast discover of other nodes in the grid configuration--> +        <property name="discoverySpi"> +            <bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi"> +                <property name="ipFinder"> +                    <bean class="org.apache.ignite.spi.discovery.tcp.ipfinder.multicast.TcpDiscoveryMulticastIpFinder"> +                        <property name="multicastGroup" value="228.10.10.157"/> +                    </bean> +                </property> +            </bean> +        </property> + +        <!-- how frequently Ignite will output basic node metrics into the log--> +        <property name="metricsLogFrequency" value="#{60 * 10 * 1000}"/> + +    </bean> + +    <!-- +        Initialize property configurer so we can reference environment variables. 
+    -->
+    <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+        <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_FALLBACK"/>
+        <property name="searchSystemEnvironment" value="true"/>
+    </bean>
+
+</beans>
diff --git a/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionConnector.xml b/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionConnector.xml
new file mode 100644
index 00000000..d1fc042d
--- /dev/null
+++ b/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionConnector.xml
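Review bot: The `discoverySpi` bean in igniteSpecificCommunication.xml finds peers through `TcpDiscoveryMulticastIpFinder` on group `228.10.10.157`, so a JUnit run on a shared build network can join, or be joined by, any other Ignite node listening on that group. Judging by their names, the five caches declared above it carry the request/response exchange between the specific connector and the node, which is not data a test grid should share with unknown peers. For a fixture I would pin discovery to the loopback address with a static ip finder, as sketched below. The header comment is also still the stock Ignite example text (`examples/config/ignite-cache.xml`, HTTP REST examples) and should be replaced by a line saying this is a test-only cache definition.

```xml
<property name="discoverySpi">
    <bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi">
        <!-- test fixture: static, loopback-only discovery instead of multicast -->
        <property name="ipFinder">
            <bean class="org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder">
                <property name="addresses">
                    <list>
                        <value>127.0.0.1:47500..47509</value>
                    </list>
                </property>
            </bean>
        </property>
        <!-- … unchanged: closing tags of the TcpDiscoverySpi bean and the discoverySpi property … -->
```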
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+  <!-- issuer name -->
+  <entry key="lightToken.connector.request.issuer.name">specificCommunicationDefinitionConnectorRequest</entry>
+  <entry key="lightToken.connector.request.node.id">specificConnector</entry> 
+
+	<!--secrets and algorithms for request consent token-->
+	<entry key="lightToken.connector.request.secret">mySecretConnectorRequest</entry>
+	<entry key="lightToken.connector.request.algorithm">SHA-256</entry>
+
+	<!-- issuer name -->
+	<entry key="lightToken.connector.response.issuer.name">specificCommunicationDefinitionConnectorResponse</entry>
+  <entry key="lightToken.connector.response.node.id">specificConnector</entry>
+  
+	<!--secrets and algorithms for response consent token-->
+	<entry key="lightToken.connector.response.secret">mySecretConnectorResponse</entry>
+	<entry key="lightToken.connector.response.algorithm">SHA-256</entry>
+  
+  <!--The value of incoming lightRequest maximum number characters allowed-->
+	<entry key="incoming.lightRequest.max.number.characters">65535</entry>
+</properties>
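Review bot: `lightToken.connector.request.secret` and `lightToken.connector.response.secret` are committed with the sample values `mySecretConnectorRequest` and `mySecretConnectorResponse`, and nothing in the file marks them as placeholders; the same holds for the two `lightToken.proxyservice.*.secret` entries in specificCommunicationDefinitionProxyservice.xml further down. These values sit next to the `algorithm` entries (SHA-256) for the light token, so presumably whoever knows the secret can produce a token the receiving side accepts, and a fixture like this is easily copied as the template for a real installation. I would put a comment above each pair, for example `<!-- TEST ONLY: sample secret, replace with a random per-installation value -->`, and keep the request and response secrets distinct as they are now.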
diff --git a/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionProxyservice.xml b/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionProxyservice.xml
new file mode 100644
index 00000000..c8caf16b
--- /dev/null
+++ b/connector/src/test/resources/config/eIDAS/specificCommunicationDefinitionProxyservice.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+  <entry key="distributedCommunicationMaps">true</entry> 
+
+	<!-- issuer name -->
+	<entry key="lightToken.proxyservice.request.issuer.name">specificCommunicationDefinitionProxyserviceRequest</entry>
+  <entry key="lightToken.proxyservice.request.node.id">specificProxyService</entry>
+	<!--secrets and algorithms for request consent token-->
+	<entry key="lightToken.proxyservice.request.secret">mySecretProxyserviceRequest</entry>
+	<entry key="lightToken.proxyservice.request.algorithm">SHA-256</entry>
+
+	<!-- issuer name -->
+	<entry key="lightToken.proxyservice.response.issuer.name">specificCommunicationDefinitionProxyserviceResponse</entry>
+  <entry key="lightToken.proxyservice.response.node.id">specificProxyService</entry>
+	<!--secrets and algorithms for response consent token-->
+	<entry key="lightToken.proxyservice.response.secret">mySecretProxyserviceResponse</entry>
+	<entry key="lightToken.proxyservice.response.algorithm">SHA-256</entry>
+  
+  <!--The value of incoming Light Response maximum number characters allowed-->
+	<entry key="incoming.lightResponse.max.number.characters">65535</entry>
+</properties>
diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties
new file mode 100644
index 00000000..3f290948
--- /dev/null
+++ b/connector/src/test/resources/config/junit_config_1.properties
@@ -0,0 +1,107 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages +eidas.ms.webcontent.templates.countryselection=countrySelection.html + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... 
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true 
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= + +#eidas.ms.sp.0.friendlyName= +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/connector/src/test/resources/config/log4j.properties b/connector/src/test/resources/config/log4j.properties
new file mode 100644
index 00000000..4426ea7e
--- /dev/null
+++ b/connector/src/test/resources/config/log4j.properties
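Review bot: Several switches in junit_config_1.properties turn a protection off or sensitive logging on, namely `eidas.ms.context.url.request.validation=false`, `eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true`, `eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true` and `eidas.ms.technicallog.write.MDS.into.techlog=true`, and `eidas.ms.core.pendingrequestid.digist.secret` is the fixed string `pendingReqIdSecret`. That is reasonable for JUnit, but the file carries no marker that these are test-only values. I would open it with `## JUnit fixture only: URL validation off, SZR dummy mode and full-message logging on, static secrets - do not use as a deployment template`. Since the commit is about LoA validation, a one-line comment above `eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum` saying which test depends on the `substantial` floor would also help, if one does.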
@@ -0,0 +1,54 @@ +# commons-logging setup +org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory + +# define log4j root loggers +log4j.rootLogger=warn,stdout, console + +log4j.logger.at.gv.egiz.eidas.specific=info, msnode +log4j.logger.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=info, reversion +log4j.logger.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=info, statistic +log4j.logger.eu.eidas=info, EIDASNODE + +log4j.additivity.at.gv.egiz.eidas.specific=false +log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=false +log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=false +log4j.additivity.eu.eidas=false + +log4j.appender.console=org.apache.log4j.ConsoleAppender +log4j.appender.console.layout=org.apache.log4j.PatternLayout +log4j.appender.console.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c |  %10t | %m%n + +log4j.appender.stdout=org.apache.log4j.RollingFileAppender +log4j.appender.stdout.File=${catalina.base}/logs/console.log +log4j.appender.stdout.MaxFileSize=10000KB +log4j.appender.stdout.MaxBackupIndex=9999 +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + +log4j.appender.msnode=org.apache.log4j.RollingFileAppender +log4j.appender.msnode.File=${catalina.base}/logs/eidas-ms-reversion.log +log4j.appender.msnode.MaxFileSize=10000KB +log4j.appender.msnode.MaxBackupIndex=9999 +log4j.appender.msnode.layout=org.apache.log4j.PatternLayout +log4j.appender.msnode.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + +log4j.appender.reversion=org.apache.log4j.RollingFileAppender +log4j.appender.reversion.File=${catalina.base}/logs/eidas-ms-reversion.log +log4j.appender.reversion.MaxFileSize=10000KB +log4j.appender.reversion.MaxBackupIndex=9999 +log4j.appender.reversion.layout=org.apache.log4j.PatternLayout 
+log4j.appender.reversion.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + +log4j.appender.statistic=org.apache.log4j.RollingFileAppender +log4j.appender.statistic.File=${catalina.base}/logs/eidas-ms-statistic.log +log4j.appender.statistic.MaxFileSize=10000KB +log4j.appender.statistic.MaxBackupIndex=9999 +log4j.appender.statistic.layout=org.apache.log4j.PatternLayout +log4j.appender.statistic.layout.ConversionPattern=%m%n + +log4j.appender.EIDASNODE=org.apache.log4j.RollingFileAppender +log4j.appender.EIDASNODE.File=${catalina.base}/logs/eIDAS_node.log +log4j.appender.EIDASNODE.MaxFileSize=10000KB +log4j.appender.EIDASNODE.MaxBackupIndex=9999 +log4j.appender.EIDASNODE.layout=org.apache.log4j.PatternLayout +log4j.appender.EIDASNODE.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n
\ No newline at end of file
diff --git a/connector/src/test/resources/config/logback_config.xml b/connector/src/test/resources/config/logback_config.xml
new file mode 100644
index 00000000..fa27a46a
--- /dev/null
+++ b/connector/src/test/resources/config/logback_config.xml
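Review bot: `log4j.appender.msnode.File` and `log4j.appender.reversion.File` in log4j.properties both point at `${catalina.base}/logs/eidas-ms-reversion.log`, so two independent `RollingFileAppender`s write and roll the same file. General `at.gv.egiz.eidas.specific` output then ends up interleaved with the RevisionLogger records, and a rollover triggered by one appender can rename the file under the other. If the revision log is meant as an audit trail it needs a file of its own; the msnode appender presumably wants a distinct target such as `log4j.appender.msnode.File=${catalina.base}/logs/eidas-ms.log` (the file name is only a suggestion). The same pairing appears in the `msnode` and `reversion` appenders of logback_config.xml in this commit.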
@@ -0,0 +1,102 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- For assistance related to logback-translator or configuration  --> +<!-- files in general, please contact the logback user mailing list --> +<!-- at http://www.qos.ch/mailman/listinfo/logback-user             --> +<!--                                                                --> +<!-- For professional support please see                            --> +<!--    http://www.qos.ch/shop/products/professionalSupport         --> +<!--                                                                --> +<configuration> +  <appender name="EIDASNODE" class="ch.qos.logback.core.rolling.RollingFileAppender"> +    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> +    <File>${catalina.base}/logs/eIDAS_node.log</File> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern> +    </encoder> +    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> +      <maxIndex>9999</maxIndex> +      <FileNamePattern>${catalina.base}/logs/eIDAS_node.log.%i</FileNamePattern> +    </rollingPolicy> +    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> +      <MaxFileSize>10000KB</MaxFileSize> +    </triggeringPolicy> +  </appender> +  <appender name="msnode" class="ch.qos.logback.core.rolling.RollingFileAppender"> +    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> +    <File>${catalina.base}/logs/eidas-ms-reversion.log</File> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern> +    </encoder> +    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> +      <maxIndex>9999</maxIndex> +      <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i</FileNamePattern> +    </rollingPolicy> +    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> +      <MaxFileSize>10000KB</MaxFileSize> +    
</triggeringPolicy> +  </appender> +  <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender"> +    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> +    <File>${catalina.base}/logs/eidas-ms-reversion.log</File> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern> +    </encoder> +    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> +      <maxIndex>9999</maxIndex> +      <FileNamePattern>${catalina.base}/logs/eidas-ms-reversion.log.%i</FileNamePattern> +    </rollingPolicy> +    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> +      <MaxFileSize>10000KB</MaxFileSize> +    </triggeringPolicy> +  </appender> +  <appender name="statistic" class="ch.qos.logback.core.rolling.RollingFileAppender"> +    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> +    <File>${catalina.base}/logs/eidas-ms-statistic.log</File> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern> +    </encoder> +    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> +      <maxIndex>9999</maxIndex> +      <FileNamePattern>${catalina.base}/logs/eidas-ms-statistic.log.%i</FileNamePattern> +    </rollingPolicy> +    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> +      <MaxFileSize>10000KB</MaxFileSize> +    </triggeringPolicy> +  </appender> +  <appender name="stdout" class="ch.qos.logback.core.rolling.RollingFileAppender"> +    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> +    <File>${catalina.base}/logs/console.log</File> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern> +    </encoder> +    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> +      <maxIndex>9999</maxIndex> +      <FileNamePattern>${catalina.base}/logs/console.log.%i</FileNamePattern> +    
</rollingPolicy> +    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> +      <MaxFileSize>10000KB</MaxFileSize> +    </triggeringPolicy> +  </appender> +  <appender name="console" class="ch.qos.logback.core.ConsoleAppender"> +    <encoder> +      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n</pattern> +    </encoder> +  </appender> +  <logger name="eu.eidas" additivity="false" level="info"> +    <appender-ref ref="EIDASNODE"/> +  </logger> +  <logger name="at.gv.egiz.eidas.specific" additivity="false" level="info"> +    <appender-ref ref="msnode"/> +  </logger> +  <logger name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger" additivity="false" level="info"> +    <appender-ref ref="reversion"/> +  </logger> +  <logger name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger" additivity="false" level="info"> +    <appender-ref ref="statistic"/> +  </logger> +  <root level="warn"> +    <appender-ref ref="stdout"/> +    <appender-ref ref="console"/> +  </root> +</configuration> diff --git a/connector/src/test/resources/config/properties/messages.properties b/connector/src/test/resources/config/properties/messages.properties new file mode 100644 index 00000000..ea604cda --- /dev/null +++ b/connector/src/test/resources/config/properties/messages.properties 
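Review bot: The `statistic` appender in logback_config.xml uses the pattern `%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n`, while log4j.properties in the same commit writes the statistic log as bare `%m%n`, so the two fixtures produce different line formats for anything that parses that file. I would set `<pattern>%m%n</pattern>` on this appender so both agree. Separately, `%d{dd HH:mm:ss,SSS}` on the other appenders records only the day of month; with `maxIndex` 9999 rolled files kept, entries from different months become indistinguishable when the logs are used to reconstruct an incident, and `%d{yyyy-MM-dd HH:mm:ss,SSS}` avoids that.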
@@ -0,0 +1,98 @@
+####### GUI elements ####
+gui.general.language.selection.title=Language selection
+gui.general.language.selection.de=Deutsch
+gui.general.language.selection.en=English
+
+##Errorpage template
+gui.errorpage.msg.title=Authentication error arise
+gui.errorpage.msg.information=The authentication stops on account of a process error:
+gui.errorpage.msg.errorcode=Error    Code:
+gui.errorpage.msg.errormsg=Error Message:
+gui.errorpage.msg.stacktrace=Stacktrace:
+
+##Country-Selection page
+gui.countryselection.title=eIDAS-Login Countryselection
+gui.countryselection.logo.bmi.alt=Logo BMI
+gui.countryselection.link.bmi=Mainpage BMI
+gui.countryselection.header1=Federal Ministry of Internal Affairs
+gui.countryselection.header2=Austrian Central eIDAS Node
+gui.countryselection.header3=Operated by Federal Ministry of Internal Affairs
+gui.countryselection.header.selection=Select your country
+gui.countryselection.cancle=Cancel
+gui.countryselection.notsupportedinfo=If you cannot find your country in this list then your electronic identity (eID) is not yet supported.
+
+gui.countryselection.infos.general.header=Information on Logins with European eIDs
+gui.countryselection.infos.general.link.1=eIDAS regulation of the European Union
+gui.countryselection.infos.general.link.2=Austrian Supplementary Register for Natural Persons (ERnP)
+gui.countryselection.infos.general.part.1=This is the central eIDAS node of the Republic of Austria, operated by the  
+gui.countryselection.infos.general.part.2=It enables logins at Austrian online services using an electronic identity (eID) of another EU member state. You have been redirected to this page, as you have initiated a login to an online service using the option "EU Login".
+gui.countryselection.infos.general.part.3=The central eIDAS node of the Republic of Austria allows you to login to Austrian online services using the eID of your home country. This way, compliance with the 
+gui.countryselection.infos.general.part.4=, which regulates the mutual cross-border acceptance of national eIDs, is achieved. The mutual cross-border acceptance of national eIDs is implemented successively within the EU. Currently, the central eIDAS node of the Republic of Austria supports logins using the eID systems of the Member States mentioned above. More Member States will be added according to availability of their respective eID solutions.
+gui.countryselection.infos.general.part.5=After selecting your home country on this page, you are forwarded to the familiar login environment of the selected member state. There, you can login with your eID as usual. After successful completion of the login process, you are automatically forwarded and logged in to the online service, from which you have been redirected to this page. During your first login, your eID data is also registered in the 
+gui.countryselection.infos.general.part.6=This ensures that you will also be successfully and uniquely identified in subsequent logins at Austrian online services.
+
+gui.countryselection.country.be=Belgium
+gui.countryselection.country.be.logo.alt=Belgium-eID
+gui.countryselection.country.hr=Croatia
+gui.countryselection.country.hr.logo.alt=Croatia-eID
+gui.countryselection.country.cy=Cyprus
+gui.countryselection.country.cy.logo.alt=Cyprus-eID
+gui.countryselection.country.cz=Czech Republic
+gui.countryselection.country.cz.logo.alt=Czech Republic-eID
+gui.countryselection.country.ee=Estonia
+gui.countryselection.country.ee.logo.alt=Estonia-eID
+gui.countryselection.country.de=Germany
+gui.countryselection.country.de.logo.alt=German-eID
+gui.countryselection.country.is=Iceland
+gui.countryselection.country.is.logo.alt=Iceland-eID
+gui.countryselection.country.it=Italy
+gui.countryselection.country.it.logo.alt=Italy-eID
+gui.countryselection.country.lt=Lithuania
+gui.countryselection.country.lt.logo.alt=Lithuania-eID
+gui.countryselection.country.lv=Latvia
+gui.countryselection.country.lv.logo.alt=Latvia-eID
+gui.countryselection.country.nl=Netherlands
+gui.countryselection.country.nl.logo.alt=Netherlands-eID
+gui.countryselection.country.pl=Poland
+gui.countryselection.country.pl.logo.alt=Poland-eID
+gui.countryselection.country.pt=Portugal
+gui.countryselection.country.pt.logo.alt=Portugal-eID
+gui.countryselection.country.si=Slovenia
+gui.countryselection.country.si.logo.alt=Slovenia-eID
+gui.countryselection.country.es=SSpain
+gui.countryselection.country.es.logo.alt=Spain-eID
+
+gui.countryselection.country.bg=Bulgaria
+gui.countryselection.country.bg.logo.alt=Bulgaria-eID
+gui.countryselection.country.dk=Denmark
+gui.countryselection.country.dk.logo.alt=Denmark-eID
+gui.countryselection.country.fi=Finland
+gui.countryselection.country.fi.logo.alt=Finland-eID
+gui.countryselection.country.fr=France
+gui.countryselection.country.fr.logo.alt=France-eID
+gui.countryselection.country.gr=Greece
+gui.countryselection.country.gr.logo.alt=Greece-eID
+gui.countryselection.country.hu=Hungary
+gui.countryselection.country.hu.logo.alt=Hungary-eID
+gui.countryselection.country.ir=Ireland
+gui.countryselection.country.ir.logo.alt=Ireland-eID
+gui.countryselection.country.lu=Luxembourg
+gui.countryselection.country.lu.logo.alt=Luxembourg-eID
+gui.countryselection.country.mt=Malta
+gui.countryselection.country.mt.logo.alt=Malta-eID
+gui.countryselection.country.ro=Romania
+gui.countryselection.country.ro.logo.alt=Romania-eID
+gui.countryselection.country.sk=Slovakia
+gui.countryselection.country.sk.logo.alt=Slovakia-eID
+gui.countryselection.country.sw=Sweden
+gui.countryselection.country.sw.logo.alt=Sweden-eID
+gui.countryselection.country.uk=United Kingdom
+gui.countryselection.country.uk.logo.alt=United Kingdom-eID
+
+gui.countryselection.country.testcountry=TestCountry
+gui.countryselection.country.testcountry.logo.alt=Testcountry-eID
+
+gui.countryselection.mode.prod=Production
+gui.countryselection.mode.qs=QS
+gui.countryselection.mode.test=Test
+gui.countryselection.mode.dev=Development
\ No newline at end of file
diff --git a/connector/src/test/resources/config/properties/messages_de.properties b/connector/src/test/resources/config/properties/messages_de.properties
new file mode 100644
index 00000000..989b8d9c
--- /dev/null
+++ b/connector/src/test/resources/config/properties/messages_de.properties
@@ -0,0 +1,100 @@
+####### GUI elements ####
+gui.general.language.selection.title=Sprachauswahl
+gui.general.language.selection.de=Deutsch
+gui.general.language.selection.en=English
+
+##Errorpage template
+gui.errorpage.msg.title=Es ist ein Fehler aufgetreten
+gui.errorpage.msg.information=Der Anmeldevorgang wurde aufgrund eines Fehlers beendet:
+gui.errorpage.msg.errorcode=Fehlercode   :
+gui.errorpage.msg.errormsg=Fehlermeldung:
+gui.errorpage.msg.stacktrace=Stacktrace:
+
+##Country-Selection page
+gui.countryselection.title=eIDAS-Login Länderauswahl
+gui.countryselection.logo.bmi.alt=Logo BMI
+gui.countryselection.link.bmi=Startseite BMI
+gui.countryselection.header1=Bundesministerium für Inneres
+gui.countryselection.header2=Zentraler eIDAS Knoten der Republik Österreich
+gui.countryselection.header3=Betrieben durch das Bundesministerium für Inneres
+gui.countryselection.header.selection=Wählen Sie Ihr Land
+gui.countryselection.cancle=Abbrechen
+gui.countryselection.notsupportedinfo=Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken, dann wird Ihre elektronische Identität (eID) leider noch nicht unterstützt.
+
+gui.countryselection.infos.general.header=Information zur Anmeldung über Europäische eIDs
+gui.countryselection.infos.general.link.1=eIDAS-Verordnung der Europäischen Union
+gui.countryselection.infos.general.link.2=Ergänzungsregister für natürliche Personen (ERnP)
+gui.countryselection.infos.general.part.1=Sie befinden sich am zentralen eIDAS-Knoten der Republik Österreich. Dieser wird vom Österreichischen 
+gui.countryselection.infos.general.part.2=betrieben und ermöglicht eine Anmeldungen zu österreichischen Online-Anwendungen unter Verwendung einer elektronischen Identität (eID) anderer EU-Mitgliedstaaten. Sie wurden hierher weitergeleitet, da Sie in einer Online-Anwendung eine Anmeldung via EU-Login initiiert haben.
+gui.countryselection.infos.general.part.3=Der zentrale eIDAS-Knoten der Republik Österreich ermöglicht Ihnen eine Anmeldung zu österreichischen Online-Anwendungen mit der eID Ihres Herkunftsstaates. Damit werden die Vorgaben der 
+gui.countryselection.infos.general.part.4=erfüllt, die eine staatenübergreifende Akzeptanz nationaler eIDs vorsieht. Die wechselseitige Anerkennung nationaler eIDs erfolgt in der EU schrittweise. Aktuell unterstützt der zentrale eIDAS-Knoten der Republik Österreich Anmeldungen mit den eID-Systemen der oben angeführten Mitgliedstaaten. Diese Liste wird laufend erweitert.
+gui.countryselection.infos.general.part.5=Nachdem Sie auf dieser Seite einen Mitgliedsstaat ausgewählt haben, werden Sie an die gewohnte Anmeldeumgebung des jeweiligen Mitgliedsstaats weitergeleitet. Dort können Sie sich mit Ihrer eID wie gewohnt anmelden. Haben Sie den Anmeldeprozess erfolgreich abgeschlossen, werden Sie automatisch an die Online-Anwendung, von der aus Sie auf diese Auswahlseite gelangt sind, weitergeleitet und dort mit den Identitätsdaten Ihrer eID angemeldet. Gleichzeitig werden Sie bei Ihrer ersten Anmeldung auf diesem Weg mit Ihren eID-Daten in das österreichische
+gui.countryselection.infos.general.part.6=eingetragen. Damit wird sichergestellt, dass Sie auch im Rahmen zukünftiger Anmeldeprozesse zu österreichischen Online-Anwendungen erfolgreich und eindeutig identifiziert werden können.
+
+
+gui.countryselection.country.be=Belgien
+gui.countryselection.country.be.logo.alt=Belgische-eID
+gui.countryselection.country.hr=Kroatien
+gui.countryselection.country.hr.logo.alt=Kroatische-eID
+gui.countryselection.country.cy=Zypern
+gui.countryselection.country.cy.logo.alt=Zypriotische-eID
+gui.countryselection.country.cz=Tschechische Republik
+gui.countryselection.country.cz.logo.alt=Tschechische Republik-eID
+gui.countryselection.country.ee=Estland
+gui.countryselection.country.ee.logo.alt=Estländische-eID
+gui.countryselection.country.de=Deutschland
+gui.countryselection.country.de.logo.alt=Deutsche-eID
+gui.countryselection.country.is=Island
+gui.countryselection.country.is.logo.alt=Isländische-eID
+gui.countryselection.country.it=Italien
+gui.countryselection.country.it.logo.alt=Italienische-eID
+gui.countryselection.country.lt=Litauen
+gui.countryselection.country.lt.logo.alt=Litauische-eID
+gui.countryselection.country.lv=Lettland
+gui.countryselection.country.lv.logo.alt=Lettländische-eID
+gui.countryselection.country.nl=Niederlande
+gui.countryselection.country.nl.logo.alt=Niederländische-eID
+gui.countryselection.country.pl=Polen
+gui.countryselection.country.pl.logo.alt=Polnische-eID
+gui.countryselection.country.pt=Portugal
+gui.countryselection.country.pt.logo.alt=Portugisische-eID
+gui.countryselection.country.si=Slovenien
+gui.countryselection.country.si.logo.alt=Slovenische-eID
+gui.countryselection.country.es=Spanien
+gui.countryselection.country.es.logo.alt=Spanische-eID
+
+gui.countryselection.country.bg=Bulgarien
+gui.countryselection.country.bg.logo.alt=Bulgarische-eID
+gui.countryselection.country.dk=Dänemark
+gui.countryselection.country.dk.logo.alt=Dänische-eID
+gui.countryselection.country.fi=Finnland
+gui.countryselection.country.fi.logo.alt=Finische-eID
+gui.countryselection.country.fr=Frankreich
+gui.countryselection.country.fr.logo.alt=Französiche-eID
+gui.countryselection.country.gr=Grichenland
+gui.countryselection.country.gr.logo.alt=Grichische-eID
+gui.countryselection.country.hu=Ungarn
+gui.countryselection.country.hu.logo.alt=Ungarische-eID
+gui.countryselection.country.ir=Irland
+gui.countryselection.country.ir.logo.alt=Irische-eID
+gui.countryselection.country.lu=Luxenburg
+gui.countryselection.country.lu.logo.alt=Luxenburgische-eID
+gui.countryselection.country.mt=Malta
+gui.countryselection.country.mt.logo.alt=Malta-eID
+gui.countryselection.country.ro=Romänien
+gui.countryselection.country.ro.logo.alt=Romänische-eID
+gui.countryselection.country.sk=Slovakei
+gui.countryselection.country.sk.logo.alt=Slovakische-eID
+gui.countryselection.country.sw=Schweden
+gui.countryselection.country.sw.logo.alt=Schwedische-eID
+gui.countryselection.country.uk=Großbritanien
+gui.countryselection.country.uk.logo.alt=Britische-eID
+
+gui.countryselection.country.testcountry=Testland
+gui.countryselection.country.testcountry.logo.alt=Testland-eID
+
+gui.countryselection.mode.prod=Produktion
+gui.countryselection.mode.qs=Qualitätsicherung
+gui.countryselection.mode.test=Test
+gui.countryselection.mode.dev=Development
+
diff --git a/connector/src/test/resources/config/templates/countrySelection.html b/connector/src/test/resources/config/templates/countrySelection.html
new file mode 100644
index 00000000..7fbc9464
--- /dev/null
+++ b/connector/src/test/resources/config/templates/countrySelection.html
@@ -0,0 +1,236 @@ +<!DOCTYPE html> +<html xmlns:th="http://www.thymeleaf.org" +      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" +      layout:decorator="fragments/base" +      th:with="lang=${#locale.language}" th:lang="${lang}">       +<head> +  <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +  <meta name="viewport" content="width=device-width, initial-scale=1"> +  <link rel="stylesheet" href="$contextPath/static/css/css_country.css" th:href="@{/static/css/css_country.css}"/> +  <title th:text="#{gui.countryselection.title}">eIDAS-Login Länderauswahl</title> +<script type="text/javascript"> +</script> +<style> +body { +	background-image: none; +	margin:		0px; +	font-family:	"Helvetica Neue", Helvetica, Arial, sans-serif; +} + +div.header {  +	background-color: #e9ecef; +	padding-top: 28px; +	padding-left: 137px; +	padding-right: 137px; +	padding-bottom: 12px; +} +div.titlebar {  +	padding: 0px; +} +div.titlebar div {  +} +.hidden { +	display: none; +} +ul.nav_oben { +	padding: 0px; +	margin: 0px; +	text-align: right; +	text-transform: uppercase; +} +li { +	display: inline-block; +}	 +div.header a { +	text-decoration: none; +	color: black; +} +a { +	text-decoration: none; +	color: #a22c1c; +} +.block { +	/* override country.css */ +	width: 200px; +	padding-bottom: 20px; +} +@media only screen and (min-width: 1000px) { +	div.header {  +		padding-left: 137px; +		padding-right: 137px; +	} +	.content { +		padding-left: 137px; +		padding-right: 137px; +	} +	footer { +		padding-left: 137px; +		padding-right: 137px; +	} +} +@media only screen and (max-width: 999px) { +	div.header {  +		padding-left: 1em; +		padding-right: 1em; +	} +	.content { +		padding-left: 1em; +		padding-right: 1em; +	} +	footer { +		padding-left: 1em; +		padding-right: 1em; +	} +} + +div.subtitle h1 { +	padding: 0px; +	margin: 0px; +	font-size: 130%; +	align: right; +} +div.subtitle h2 { +	padding: 0px; +	margin: 0px; +	font-size: 115%; +} +footer { +    left: 0; + 
   padding-top: 1em; +    bottom: 0; +    width: 100%; +    height: 2em; +    background-color: rgb(162,44,28); +    color: white; +} +.float { +	float: left; +} +.floatright { +	float: right; +} +.copyright { +	width: 66%; +	font-size: 80%; +} +#countries { +	padding-bottom: 40px;  +} +#country { +	padding-bottom: 20px;  +} +input[type=submit] { +	width: inherit; +/*	text-align: left; */ +} +form { +	justify-content: center; +} +</style> +<script type="text/javascript"> + +/* Element.closest polyfill - https://developer.mozilla.org/en-US/docs/Web/API/Element/closest License: public domain*/ +if (!Element.prototype.matches) +    Element.prototype.matches = Element.prototype.msMatchesSelector ||  +                                Element.prototype.webkitMatchesSelector; + +if (!Element.prototype.closest) +    Element.prototype.closest = function(s) { +        var el = this; +        if (!document.documentElement.contains(el)) return null; +        do { +            if (el.matches(s)) return el; +            el = el.parentElement || el.parentNode; +        } while (el !== null && el.nodeType === 1);  +        return null; +    }; + + +function clickCountryFlag(element) { +	if (!element) return false; + +	var form = element.closest("form");  + +	if (!form) return false; + +	form.submit(); +	return false; +} +</script> +</head> +<body> +  <div class="header container"> +    <div class="titlebar"> +      <div> +	     <a href="https://www.bmi.gv.at/" target="_blank" title="Home"> +	       <img class="toplogo img-responsive" src="/static/BMI.png" alt="Logo BMI" +              th:attr="alt=#{gui.countryselection.logo.bmi.alt}"> +	       <h1 class="hidden" th:text="#{gui.countryselection.header1}"> Bundesministerium für Inneres </h1> +	     </a> +      </div> +      <ul class="nav_oben"> +        <li> +          <div class="languageselection" th:include="language_selection :: selectlanguage"> +            LanguageSelectionBlock +          </div> +        </li> +            + 
       <li><a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.link.bmi}" > Startseite BMI </a></li> +      </ul> +    </div> +  </div> +  <div class="content"> +    <div class="subtitle"> +      <h1 th:text="#{gui.countryselection.header2}" > Zentraler eIDAS Knoten der Republik Österreich </h1> +      <h2 th:text="#{gui.countryselection.header3}" > Betrieben durch das Bundesministerium für Inneres </h2> +    </div> + +    <h1 th:text="#{gui.countryselection.header.selection}"> Wählen Sie Ihr Land / Select your country </h1> + +    <div id="country"> +    <!-- Active countries -->             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/germany-eu_.png" alt="Germany-eID" +                        th:attr="src=@{/img/countries/germany-eu_.png},alt=#{gui.countryselection.country.de.logo.alt}"/></a> +                <input type="submit" role="button" value="Deutschland / Germany" th:attr="value=#{gui.countryselection.country.de}" /> +                <input type="hidden" name="selectedCountry" value="XX">               +                <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}" />                 +            </form> +                                                +    </div> + +    <!-- Abbrechen Button --> +    <form   class="block" method="post"  action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">  +      <input  type="submit" class="btn btn-outline-primary btn-block" value="Abbrechen/Cancel" th:attr="value=#{gui.countryselection.cancle}">                                     +      <input  type="hidden" name="stopAuthProcess" value="true" > +      <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}"> +    </form> + +    <p th:text="#{gui.countryselection.notsupportedinfo}" >Wenn Sie 
Ihr Land in dieser Aufzählung nicht entdecken ... </p>  +    +<h2 th:text="#{gui.countryselection.infos.general.header}" > Information zur Anmeldung über Europäische eIDs </h2> +<p> +  <span th:text="#{gui.countryselection.infos.general.part.1}"> first part </span>         +  <a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.header1}" > Bundesministerium für Inneres </a>  +  <span th:text="#{gui.countryselection.infos.general.part.2}"> second part </span> +</p> +                                                                                                                +<p> +  <span th:text="#{gui.countryselection.infos.general.part.3}"> third part </span> +  <a href="https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32014R0910&from=DE" target="_blank" th:text="#{gui.countryselection.infos.general.link.1}"> eIDAS-Verordnung der Europäischen Union </a>   +  <span th:text="#{gui.countryselection.infos.general.part.4}"> fourth part </span> +</p> + +<p +  <span th:text="#{gui.countryselection.infos.general.part.5}"> fived part </span> +  <a href="https://www.dsb.gv.at/-/das-erganzungsregister-fur-naturliche-personen-ernp-" target="_blank" th:text="#{gui.countryselection.infos.general.link.2}" ></a> +  <span th:text="#{gui.countryselection.infos.general.part.6}"> sixed part </span>   +</p> + +  </div> +  <footer> +	<div class="copyright">© BUNDESMINISTERIUM FÜR INNERES</div> +	<div></div> + </footer> +</body> +</html> diff --git a/connector/src/test/resources/config/templates/countrySelection_example.html b/connector/src/test/resources/config/templates/countrySelection_example.html new file mode 100644 index 00000000..3b7c2d50 --- /dev/null +++ b/connector/src/test/resources/config/templates/countrySelection_example.html 
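Review bot: Every external link in countrySelection.html (the three `https://www.bmi.gv.at/` anchors, the eur-lex link and the dsb.gv.at link) is opened with `target="_blank"` but has no `rel` attribute, so in browsers that do not imply `noopener` the opened page keeps a `window.opener` reference to this page of the login flow. Adding `rel="noopener noreferrer"` to each of these anchors removes that reference and also keeps the gateway URL out of the Referer header. Separately, the paragraph that holds `gui.countryselection.infos.general.part.5` starts with `<p` and no closing `>`, so the `<span th:text=...>` after it is not parsed as a child element and the text around the ERnP link is likely to render wrongly; it should read `<p>`. The file sits under src/test/resources, so both points matter mainly if this template is also the basis for the deployed one.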
@@ -0,0 +1,210 @@ +<!DOCTYPE html> +<html xmlns:th="http://www.thymeleaf.org" +      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" +      layout:decorator="fragments/base" +      th:with="lang=${#locale.language}" th:lang="${lang}"> +       +<head> +  <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +  <meta name="viewport" content="width=device-width, initial-scale=1"> +  <link rel="stylesheet" href="$contextPath/static/css/css_country.css" th:href="@{/static/css/css_country.css}"/> +  <script type="text/javascript" src="$contextPath/static/js/js_country.js" th:attr="src=@{/static/js/js_country.js}"></script>   +  <title th:text="#{gui.countryselection.title}">eIDAS-Login Länderauswahl</title> +</head> + +<body> +    <div id="page"> +      <div class="languageselection" th:include="language_selection :: selectlanguage"> +          LanguageSelectionBlock +      </div> +     +        <h2 th:text="#{gui.countryselection.header.selection}"> Select your country </h2> +        <div id="country"> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/germany-eu_.png" alt="Germany-eID" +                        th:attr="src=@{/img/countries/germany-eu_.png},alt=#{gui.countryselection.country.de.logo.alt}"/></a> +                <input type="submit" role="button" value="Deutschland / Germany" th:attr="value=#{gui.countryselection.country.de}" /> +                <input type="hidden" name="selectedCountry" value="DE">               +                <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}" /> +                <select id="testEnvironment" name="selectedEnvironment">  +                       <option value="prod" th:text="#{gui.countryselection.mode.prod}">Production</option>  +                       <option value="qs" 
th:text="#{gui.countryselection.mode.qs}">QS</option> +                       <option value="test" th:text="#{gui.countryselection.mode.test}">Testing</option> +                       <option value="dev" th:text="#{gui.countryselection.mode.dev}">Development</option> +                </select> +            </form> +                        +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Belgium-EU_gray.png" alt="Belgium-eID" +                        th:attr="src=@{img/countries/Belgium-EU_gray.png},alt=#{gui.countryselection.country.be.logo.alt}"/></a> +                <input type="submit" value="Belgium" th:attr="value=#{gui.countryselection.country.be}">  +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Bulgaria-EU_gray.png" alt="Bulgaria-eID" +                        th:attr="src=@{/img/countries/Bulgaria-EU_gray.png},alt=#{gui.countryselection.country.bg.logo.alt}"/></a> +                <input type="submit" value="Bulgaria" th:attr="value=#{gui.countryselection.country.bg}" disabled>  +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Croatia-EU_gray.png" alt="Croatia-eID" +                        th:attr="src=@{/img/countries/Croatia-EU_gray.png},alt=#{gui.countryselection.country.hr.logo.alt}"/></a> +                <input type="submit" value="Croatia" th:attr="value=#{gui.countryselection.country.hr}">  +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" 
th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Cyprus-EU_gray.png" alt="Cyprus-eID" +                        th:attr="src=@{/img/countries/Cyprus-EU_gray.png},alt=#{gui.countryselection.country.cy.logo.alt}"/></a>  +                <input type="submit" value="Cyprus" th:attr="value=#{gui.countryselection.country.cy}" disabled>  +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/CzechRepublic-EU_gray.png" alt="CzechRepublic-eID" +                        th:attr="src=@{/img/countries/CzechRepublic-EU_gray.png},alt=#{gui.countryselection.country.cz.logo.alt}"/></a> +                <input type="submit" value="CzechRepublic" th:attr="value=#{gui.countryselection.country.cz}">  +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Denmark-EU_gray.png" alt="Denmark-eID" +                        th:attr="src=@{/img/countries/Denmark-EU_gray.png},alt=#{gui.countryselection.country.dk.logo.alt}"/></a> +                <input type="submit" value="Denmark" th:attr="value=#{gui.countryselection.country.dk}" disabled>     +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Estonia-EU_gray.png" alt="Estonia-eID" +                        th:attr="src=@{/img/countries/Estonia-EU_gray.png},alt=#{gui.countryselection.country.ee.logo.alt}"/></a> +                <input type="submit" value="Estonia" th:attr="value=#{gui.countryselection.country.ee}"> +       
     </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Finland-EU_gray.png" alt="Finland-eID" +                        th:attr="src=@{/img/countries/Finland-EU_gray.png},alt=#{gui.countryselection.country.fi.logo.alt}"/></a> +                <input type="submit" value="Finland" th:attr="value=#{gui.countryselection.country.fi}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/France-EU_gray.png" alt="France-eID" +                        th:attr="src=@{/img/countries/France-EU_gray.png},alt=#{gui.countryselection.country.fr.logo.alt}"/></a> +                <input type="submit" value="France" th:attr="value=#{gui.countryselection.country.fr}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Greece-EU_gray.png" alt="Greece-eID" +                        th:attr="src=@{/img/countries/Greece-EU_gray.png},alt=#{gui.countryselection.country.gr.logo.alt}"/></a>  +                <input type="submit" value="Greece" th:attr="value=#{gui.countryselection.country.gr}" disabled>     +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Hungary-EU_gray.png" alt="Hungary-eID" +                        th:attr="src=@{/img/countries/Hungary-EU_gray.png},alt=#{gui.countryselection.country.hu.logo.alt}"/></a>  +    
            <input type="submit" value="Hungary" th:attr="value=#{gui.countryselection.country.hu}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Ireland-EU_gray.png" alt="Ireland-eID" +                        th:attr="src=@{/img/countries/Ireland-EU_gray.png},alt=#{gui.countryselection.country.ir.logo.alt}"/></a> +                <input type="submit" value="Ireland" th:attr="value=#{gui.countryselection.country.ir}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Italy-EU_gray.png" alt="Italy-eID" +                        th:attr="src=@{/img/countries/Italy-EU_gray.png},alt=#{gui.countryselection.country.it.logo.alt}"/></a> +                <input type="submit" value="Italy" th:attr="value=#{gui.countryselection.country.it}"> +                <select id="testEnvironment" name="selectedEnvironment">  +                       <option value="prod" th:text="#{gui.countryselection.mode.prod}">Production</option>  +                       <option value="qs" th:text="#{gui.countryselection.mode.qs}">QS</option> +                       <option value="test" th:text="#{gui.countryselection.mode.test}">Testing</option> +                       <option value="dev" th:text="#{gui.countryselection.mode.dev}">Development</option> +                </select> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Latvia-EU_gray.png" alt="Latvia-eID" +                        
th:attr="src=@{/img/countries/Latvia-EU_gray.png},alt=#{gui.countryselection.country.lv.logo.alt}"/></a> +                <input type="submit" value="Latvia" th:attr="value=#{gui.countryselection.country.lv}" disabled>    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Luxembourg-EU_gray.png" alt="Luxembourg-eID" +                        th:attr="src=@{/img/countries/Luxembourg-EU_gray.png},alt=#{gui.countryselection.country.lu.logo.alt}"/></a> +                <input type="submit" value="Luxembourg" th:attr="value=#{gui.countryselection.country.lu}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Malta-EU_gray.png" alt="Malta-eID" +                        th:attr="src=@{/img/countries/Malta-EU_gray.png},alt=#{gui.countryselection.country.mt.logo.alt}"/></a> +                <input type="submit" value="Malta" th:attr="value=#{gui.countryselection.country.mt}" disabled> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Poland-EU_gray.png" alt="Poland-eID" +                        th:attr="src=@{/img/countries/Poland-EU_gray.png},alt=#{gui.countryselection.country.pl.logo.alt}"/></a> +                <input type="submit" value="Poland" th:attr="value=#{gui.countryselection.country.pl}"> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" 
src="$contextPath/img/countries/Portugal-EU_gray.png" alt="Portugal-eID" +                        th:attr="src=@{/img/countries/Portugal-EU_gray.png},alt=#{gui.countryselection.country.pt.logo.alt}"/></a>  +                <input type="submit" value="Portugal" th:attr="value=#{gui.countryselection.country.pt}">    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Romania-EU_gray.png" alt="Romania-eID" +                        th:attr="src=@{/img/countries/Romania-EU_gray.png},alt=#{gui.countryselection.country.ro.logo.alt}"/></a>  +                <input type="submit" value="Romania" th:attr="value=#{gui.countryselection.country.ro}" disabled>    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Slovakia-EU_gray.png" alt="Slovakia-eID" +                        th:attr="src=@{/img/countries/Slovakia-EU_gray.png},alt=#{gui.countryselection.country.sk.logo.alt}"/></a> +                <input type="submit" value="Slovakia" th:attr="value=#{gui.countryselection.country.sk}" disabled>    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Slovenia-EU_gray.png" alt="Slovenia-eID" +                        th:attr="src=@{/img/countries/Slovenia-EU_gray.png},alt=#{gui.countryselection.country.si.logo.alt}"/></a> +                <input type="submit" value="Slovenia" th:attr="value=#{gui.countryselection.country.si}">    +            </form> +             +            <form class="block" method="post" 
action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/Spain-EU_gray.png" alt="Spain-eID" +                        th:attr="src=@{/img/countries/Spain-EU_gray.png},alt=#{gui.countryselection.country.es.logo.alt}"/></a> +                <input type="submit" value="Spain" th:attr="value=#{gui.countryselection.country.es}">    +                <select id="testEnvironment" name="selectedEnvironment">  +                       <option value="prod" th:text="#{gui.countryselection.mode.prod}">Production</option>  +                       <option value="qs" th:text="#{gui.countryselection.mode.qs}">QS</option> +                       <option value="test" th:text="#{gui.countryselection.mode.test}">Testing</option> +                       <option value="dev" th:text="#{gui.countryselection.mode.dev}">Development</option> +                </select> +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/Sweden-EU_gray.png" alt="Sweden-eID" +                        th:attr="src=@{/img/countries/Sweden-EU_gray.png},alt=#{gui.countryselection.country.se.logo.alt}"/></a> +                <input type="submit" value="Sweden" th:attr="value=#{gui.countryselection.country.se}" disabled>    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img class="countryimage" src="$contextPath/img/countries/TheNetherlands-EU_gray.jpg" alt="TheNetherlands-eID" +                        th:attr="src=@{/img/countries/TheNetherlands-EU_gray.jpg},alt=#{gui.countryselection.country.nl.logo.alt}"/></a>  +                <input type="submit" value="Netherlands" 
th:attr="value=#{gui.countryselection.country.nl}">    +            </form> +             +            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> +                <a><img disabled class="countryimage" src="$contextPath/img/countries/UnitedKingdom-EU_gray.png" alt="UnitedKingdom-eID" +                        th:attr="src=@{/img/countries/UnitedKingdom-EU_gray.png},alt=#{gui.countryselection.country.uk.logo.alt}"/></a> +                <input type="submit" value="United Kingdom" th:attr="value=#{gui.countryselection.country.uk}" disabled> +            </form> +             +        </div> +         +        <form   class="block" method="post"  action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">  +          <input  type="submit" class="btn btn-outline-primary btn-block" value="Abbrechen/Cancel" th:attr="value=#{gui.countryselection.cancle}">                                     +          <input  type="hidden" name="stopAuthProcess" value="true" > +          <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}"> +        </form> +         +    </div> +</body> +</html> diff --git a/connector/src/test/resources/config/templates/eidas_node_forward.html b/connector/src/test/resources/config/templates/eidas_node_forward.html new file mode 100644 index 00000000..186937d7 --- /dev/null +++ b/connector/src/test/resources/config/templates/eidas_node_forward.html 
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org"
+      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+      layout:decorator="fragments/base"
+      th:with="lang=${#locale.language}" th:lang="${lang}">
+<head>
+  <script src="$contextPath/autocommit.js"
+          th:attr="src=@{/autocommit.js}"></script>
+</head>
+<body>
+	<noscript>
+		<p>
+			<strong>Note:</strong> Since your browser does not support
+			JavaScript, you must press the Continue button once to proceed.
+		</p>
+	</noscript>
+
+	<div id="alert">Your login is being processed. Thank you for
+		waiting.</div>
+
+	<form 	action="${endPoint}" method="post" target="_parent"
+			th:attr="action=@{${endPoint}}">
+		<div>
+			<input type="hidden" name="${tokenName}" value="${tokenValue}"
+			 	   th:attr="value=${tokenValue},name=${tokenName}" />
+		</div>
+		<noscript>
+			<div>
+				<p>Your browser does not support JavaScript. Click the button to continuing the process .</p>
+				<input type="submit" value="Continue" />
+			</div>
+		</noscript>
+	</form>
+
+</body>
+</html>
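Review bot: Nothing in eidas_node_forward.html says where `endPoint` comes from, yet the form posts `tokenValue` to it and autocommit.js presumably submits it without user interaction, so a request-derived value here would send the token to an arbitrary destination. The value is set in Java outside this hunk and may well be the configured eIDAS node URL; if so, record that in the template with a parser-level comment above the `<form>`, e.g. `<!--/* endPoint: configured eIDAS node URL only, never taken from the request */-->`. The static `action="${endPoint}"`, `name="${tokenName}"` and `value="${tokenValue}"` fallbacks are overwritten by `th:attr` at render time and could be dropped, since they suggest a Velocity-style substitution that does not happen in a Thymeleaf template.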
\ No newline at end of file
diff --git a/connector/src/test/resources/config/templates/error_message.html b/connector/src/test/resources/config/templates/error_message.html
new file mode 100644
index 00000000..da423592
--- /dev/null
+++ b/connector/src/test/resources/config/templates/error_message.html
@@ -0,0 +1,37 @@
+<!DOCTYPE HTML>
+<html xmlns:th="http://www.thymeleaf.org"
+      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+      layout:decorator="fragments/base"
+      th:with="lang=${#locale.language}" th:lang="${lang}">
+      
+  <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+  <link rel="stylesheet" href="$contextPath/css/css_error.css"  th:href="@{/css/css_error.css}" />
+  
+  <title th:text="#{gui.errorpage.msg.title}">An error arise ...  </title>
+</head>
+
+<body>
+  <div id="page">
+		<div id="page1" class="case selected-case" role="main">
+			<h2 class="OA_header" role="heading">Authentication error arise</h2>
+	        
+	        <div class="hell" role="application" >
+            <h2 class="OA_header" role="heading" th:text="#{gui.errorpage.msg.title}">Error Header</h2>
+            
+              <div id="alert_area" class="hell" role="application" >
+                <p th:text="#{gui.errorpage.msg.information}">Error Information</p>
+                  <br/>
+		              <p><b th:text="#{gui.errorpage.msg.errorcode}">Code :</b> <span th:text="${msg.errorCode}"></span></p> 
+                  <p><b th:text="#{gui.errorpage.msg.errormsg}">Msg   :</b > <span th:text="${#messages.msgWithParams('__${msg.errorCode}__', '__${msg.errorParams}__')}"></span></p>
+	            </div>	
+                                                                                                      <!-- errorMsg -->	
+	        </div>	
+
+	        <div th:if="${stacktrace}">
+            <p><b th:text="#{gui.errorpage.msg.stacktrace}">fullError</b> <span th:text="${stacktrace}"></span></p> 
+	        </div>
+
+		</div>
+	</div>
+</body>
+</html>
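Review bot: In error_message.html the `Msg` span builds its expression with preprocessing, `'__${msg.errorCode}__', '__${msg.errorParams}__'`, so both values are pasted into the expression text before it is evaluated; a quote inside an error parameter breaks the expression, and if a parameter ever echoes request data this becomes an expression-injection sink. Passing them as ordinary variables avoids that: `th:text="${#messages.msgWithParams(msg.errorCode, msg.errorParams)}"` (assuming `errorParams` is an array, which the hunk does not show). The `th:if="${stacktrace}"` block prints the full stack trace to the browser, so the controller should populate `stacktrace` only in debug setups. The markup also closes `</head>` without ever opening `<head>`.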
\ No newline at end of file
diff --git a/connector/src/test/resources/config/templates/language_selection.html b/connector/src/test/resources/config/templates/language_selection.html
new file mode 100644
index 00000000..a268eb17
--- /dev/null
+++ b/connector/src/test/resources/config/templates/language_selection.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html SYSTEM "http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-4.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+      xmlns:th="http://www.thymeleaf.org">
+
+  <body>
+  
+    <div th:fragment="selectlanguage">
+        <a th:href="@{|${submitEndpoint}?pendingid=${pendingid}|(lang='de')}" th:text="#{gui.general.language.selection.de}">Spache1</a>
+        <span>    </span>
+        <a th:href="@{|${submitEndpoint}?pendingid=${pendingid}|(lang='en')}" th:text="#{gui.general.language.selection.en}">Spache2</a>
+    </div>
+  
+  </body>
+  
+</html>
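Review bot: Both language links in language_selection.html splice `pendingid` into the URL by literal substitution, `@{|${submitEndpoint}?pendingid=${pendingid}|(lang='de')}`, which skips URL-encoding of the value and puts the pending-transaction id into a GET URL, where it lands in browser history, proxy logs and Referer headers. Let Thymeleaf build the query instead, `th:href="@{${submitEndpoint}(pendingid=${pendingid},lang='de')}"`, and the same with `lang='en'`. Whether the id should travel by GET at all depends on how long it stays valid and what it authorises, which is not visible here. The placeholder texts `Spache1`/`Spache2` are presumably meant to read `Sprache`.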
\ No newline at end of file
diff --git a/connector/src/test/resources/config/templates/pvp2_post_binding.html b/connector/src/test/resources/config/templates/pvp2_post_binding.html
new file mode 100644
index 00000000..90858237
--- /dev/null
+++ b/connector/src/test/resources/config/templates/pvp2_post_binding.html
@@ -0,0 +1,36 @@
+## ## Velocity Template for SAML 2 HTTP-POST binding ## ## Velocity
+##context may contain the following properties ## action - String - the
+##action URL for the form ## RelayState - String - the relay state for the
+##message ## SAMLRequest - String - the Base64 encoded SAML Request ##
+##SAMLResponse - String - the Base64 encoded SAML Response
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+<head>
+  <script src="$contextPath/autocommit.js"></script>
+</head>
+<body>
+	<noscript>
+		<p>
+			<strong>Note:</strong> Since your browser does not support
+			JavaScript, you must press the Continue button once to proceed.
+		</p>
+	</noscript>
+
+	<div id="alert">Your login is being processed. Thank you for
+		waiting.</div>
+
+	<form action="${action}" method="post" target="_parent">
+		<div>
+			#if($RelayState)   <input type="hidden" name="RelayState" value="${RelayState}"/>     #end 
+			#if($SAMLRequest)  <input type="hidden" name="SAMLRequest" value="${SAMLRequest}" />  #end
+			#if($SAMLResponse) <input type="hidden" name="SAMLResponse" value="${SAMLResponse}" /> #end
+		</div>
+		<noscript>
+			<div>
+				<input type="submit" value="Continue" />
+			</div>
+		</noscript>
+	</form>
+
+</body>
+</html>
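Review bot: pvp2_post_binding.html writes `${action}`, `${RelayState}`, `${SAMLRequest}` and `${SAMLResponse}` straight into attribute values, and Velocity does no HTML escaping of its own. RelayState in particular is chosen by the remote party, so the template is only safe if the code that fills the Velocity context encodes every value first. That code is outside this hunk, so state the requirement where the next editor will see it, e.g. a header line `## All context values MUST be HTML-attribute-encoded by the caller; this template does not escape.` The existing header comment has also been re-wrapped into running text (`## ## Velocity Template ... ## ## Velocity`) and would read better with one property per `##` line.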
\ No newline at end of file
diff --git a/connector/src/test/resources/config/webcontent/css/css_country.css b/connector/src/test/resources/config/webcontent/css/css_country.css
new file mode 100644
index 00000000..4091955f
--- /dev/null
+++ b/connector/src/test/resources/config/webcontent/css/css_country.css
@@ -0,0 +1,137 @@ +@charset "utf-8"; +    body { +         background-image: none; +	       margin:		0px; +      	 font-family:	"Helvetica Neue", Helvetica, Arial, sans-serif; +    } +    #page { +        padding-top: 2%; +        padding-left: 10%; +    } +     +    #country { +        display: flex; +        flex-direction: row; +        flex-wrap: wrap; +        align-items: center; +    } + +    .block { +        display: flex; +        flex-direction: row; +        flex-wrap: wrap; +        cursor: pointer; +        text-decoration: none; +        padding-right:2%; +        width: 250px; +    } +     +    .countryimage { +        width:50px; +        height:50px; +        padding-right: 2%; +        padding-bottom: 4%; +    } + +    input[type=button], input[type=submit], input[type=reset] { +       display:flex; +        background-color:transparent; +        border:none; +        color: black; +        text-decoration: none; +        cursor: pointer;   +    } +    #testEnvironment { +        border: none; +        color: black; +        padding: 10px 20px; +        text-decoration: none; +        margin: 4px 2px; +        height: 3%; +        display: inline-block; +        vertical-align: middle; +        width: 40%;   +    } +    #button{ +        background-color: transparent; +        border:none; +    } +    div.header {  +	      background-color: #e9ecef; +	      padding-top: 28px; +      	padding-left: 137px; +      	padding-right: 137px; +      	padding-bottom: 12px; +    } +    div.titlebar {  +        padding: 0px; +    } +    div.titlebar div {  +    } +    .hidden { +        display: none; +    } +    ul.nav_oben { +      	padding: 0px; +      	margin: 0px; +      	text-align: right; +      	text-transform: uppercase; +    } +    li { +      	display: inline-block; +    }	 +    div.header a { +      	text-decoration: none; +      	color: black; +    } +    a { +      	text-decoration: none; +      	color: #a22c1c; +    } +    .content { +      	
padding-left: 137px; +        padding-right: 137px; +    } +    div.subtitle h1 { +      	padding: 0px; +      	margin: 0px; +      	font-size: 130%; +      	align: right; +    } +    div.subtitle h2 { +      	padding: 0px; +      	margin: 0px; +      	font-size: 115%; +    } +    footer { +        position: fixed; +        left: 0; +        padding-left: 137px; +        padding-right: 137px; +        padding-top: 1em; +        bottom: 0; +        width: 100%; +        height: 2em; +        background-color: rgb(162,44,28); +        color: white; +    } +    .float { +      	float: left; +    } +    .floatright { +      	float: right; +    } +    .copyright { +      	width: 66%; +      	font-size: 80%; +    } +    #countries,#country { +      	padding-bottom: 40px;  +    } +    input[type=submit] { +      	width: inherit; +        /*	text-align: left; */ +    } +    form { +      	justify-content: center; +    }
\ No newline at end of file
diff --git a/connector/src/test/resources/config/webcontent/js/js_country.js b/connector/src/test/resources/config/webcontent/js/js_country.js
new file mode 100644
index 00000000..5dcea90e
--- /dev/null
+++ b/connector/src/test/resources/config/webcontent/js/js_country.js
@@ -0,0 +1,42 @@
+function clickCountryFlag(element) {
+	if (!element) return false;
+
+	var form = element.target.closest("form"); 
+
+	if (!form) return false;
+
+	form.submit();
+	return false;
+}
+
+
+/* Set JS events by EventListener to prevent problems with CSP*/
+document.addEventListener("DOMContentLoaded", function(event) {
+
+  /* Element.closest polyfill - https://developer.mozilla.org/en-US/docs/Web/API/Element/closest License: public domain*/
+  if (!Element.prototype.matches)
+      Element.prototype.matches = Element.prototype.msMatchesSelector || 
+                                Element.prototype.webkitMatchesSelector;
+
+  if (!Element.prototype.closest)
+      Element.prototype.closest = function(s) {
+        var el = this;
+        if (!document.documentElement.contains(el)) return null;
+        do {
+            if (el.matches(s)) return el;
+            el = el.parentElement || el.parentNode;
+        } while (el !== null && el.nodeType === 1); 
+        return null;
+    };
+
+  /* set Click events by EventListener to prevent JavaScript in HTML which can be a problem with CSP*/
+  var allFlags = document.getElementsByClassName("countryimage");
+  for (i=0;i<allFlags.length;i++) {
+    if(allFlags[i].getAttribute("disabled") == null) {
+      allFlags[i].closest("a").addEventListener('click', clickCountryFlag, false);
+    }
+  }
+});
+
+
+
diff --git a/connector/src/test/resources/data/pvp2_authn_1.xml b/connector/src/test/resources/data/pvp2_authn_1.xml
new file mode 100644
index 00000000..ff5f08a5
--- /dev/null
+++ b/connector/src/test/resources/data/pvp2_authn_1.xml
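Review bot: The loop in js_country.js uses `i` without declaring it (`for (i=0;i<allFlags.length;i++)`), which creates a global and throws a ReferenceError as soon as the script runs in strict mode or as a module; `for (var i = 0; i < allFlags.length; i++)` fixes it. `allFlags[i].closest("a")` is dereferenced unchecked, so a single `.countryimage` that is not wrapped in an `<a>` aborts handler registration for every flag after it. The `disabled` attribute test only shapes the UI; the server still has to reject a submit for a country that is not enabled, which this hunk cannot show.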
@@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_27f4ce57e524e483446654a34cf886e2" IsPassive="false" IssueInstant="2019-12-11T10:50:19.032Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> +  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata</saml2:Issuer> +  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> +    <ds:SignedInfo> +      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> +      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> +      <ds:Reference URI="#_27f4ce57e524e483446654a34cf886e2"> +        <ds:Transforms> +          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> +          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> +            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> +          </ds:Transform> +        </ds:Transforms> +        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +        <ds:DigestValue>OTDjTr2Y/xyuiHiisFcjOUlEcOCRxdgZfukAV8g7WnQ=</ds:DigestValue> +      </ds:Reference> +    </ds:SignedInfo> +    <ds:SignatureValue>BPvuK5PY1Sjp96U4Xt/153XfGqGegYJlndjiKfZLSG5tZC/mYLE6HCsRtm9a71pbOpuVwBMkTIclVuAskEfRBxLEZyb04xENUY6fMbypdGMXsBCO3Dn46XuEibLmkLJFoIRQKoejmR3uJKvOKrJtsY7xDXvOT8GZehYJlK2Qcr3V7fZu93ZrISnhFRZVkcBWRk6BOTgtHuDK+QjEa81UNijNWoaQcKfXZkUIOX9ge+2hWF75CTsxHUmDg/E9neAgzRfozGcvmdo6BZHXbFRekoHozMBEtg7qy4HWMUz2ckz7xNnHcb0H8QGIioOTqzozegiDfZfX/Q3h8ZPOjKoapw==</ds:SignatureValue> +    <ds:KeyInfo> +      <ds:X509Data> +        
<ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> +      </ds:X509Data> +    </ds:KeyInfo> +  </ds:Signature> +  <saml2p:Extensions> +    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> +      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> +        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:cdid+BF</eid:AttributeValue> +      </eid:RequestedAttribute> +    </eid:RequestedAttributes> +  </saml2p:Extensions> +  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> +  <saml2p:RequestedAuthnContext Comparison="minimum"> +    <saml2:AuthnContextClassRef 
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> +  </saml2p:RequestedAuthnContext> +  <saml2p:Scoping> +    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> +  </saml2p:Scoping> +</saml2p:AuthnRequest>
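Review bot: pvp2_authn_1.xml, pvp2_authn_2.xml and pvp2_authn_3.xml carry the same `ds:DigestValue` and `ds:SignatureValue` although their `AuthnContextClassRef` differs (low / substantial / high) and the third file also changes the sector value to `cdid+XX`, so the enveloped signature can match at most one of them. Tests that load these fixtures therefore only work while signature validation is bypassed, and that should be said in the files so nobody later treats them as validly signed requests. A comment placed before the root element, outside the signed content, would do: `<!-- test fixture: ds:Signature does NOT match this content; used for LoA validation only -->`. Alternatively, drop the `ds:Signature` element from the fixtures that are used only by the LoA tests.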
\ No newline at end of file
diff --git a/connector/src/test/resources/data/pvp2_authn_2.xml b/connector/src/test/resources/data/pvp2_authn_2.xml
new file mode 100644
index 00000000..5f21af05
--- /dev/null
+++ b/connector/src/test/resources/data/pvp2_authn_2.xml
@@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_27f4ce57e524e483446654a34cf886e2" IsPassive="false" IssueInstant="2019-12-11T10:50:19.032Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> +  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata</saml2:Issuer> +  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> +    <ds:SignedInfo> +      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> +      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> +      <ds:Reference URI="#_27f4ce57e524e483446654a34cf886e2"> +        <ds:Transforms> +          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> +          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> +            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> +          </ds:Transform> +        </ds:Transforms> +        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +        <ds:DigestValue>OTDjTr2Y/xyuiHiisFcjOUlEcOCRxdgZfukAV8g7WnQ=</ds:DigestValue> +      </ds:Reference> +    </ds:SignedInfo> +    <ds:SignatureValue>BPvuK5PY1Sjp96U4Xt/153XfGqGegYJlndjiKfZLSG5tZC/mYLE6HCsRtm9a71pbOpuVwBMkTIclVuAskEfRBxLEZyb04xENUY6fMbypdGMXsBCO3Dn46XuEibLmkLJFoIRQKoejmR3uJKvOKrJtsY7xDXvOT8GZehYJlK2Qcr3V7fZu93ZrISnhFRZVkcBWRk6BOTgtHuDK+QjEa81UNijNWoaQcKfXZkUIOX9ge+2hWF75CTsxHUmDg/E9neAgzRfozGcvmdo6BZHXbFRekoHozMBEtg7qy4HWMUz2ckz7xNnHcb0H8QGIioOTqzozegiDfZfX/Q3h8ZPOjKoapw==</ds:SignatureValue> +    <ds:KeyInfo> +      <ds:X509Data> +        
<ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> +      </ds:X509Data> +    </ds:KeyInfo> +  </ds:Signature> +  <saml2p:Extensions> +    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> +      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> +        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:cdid+BF</eid:AttributeValue> +      </eid:RequestedAttribute> +    </eid:RequestedAttributes> +  </saml2p:Extensions> +  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> +  <saml2p:RequestedAuthnContext Comparison="minimum"> +    <saml2:AuthnContextClassRef 
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/substantial</saml2:AuthnContextClassRef> +  </saml2p:RequestedAuthnContext> +  <saml2p:Scoping> +    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> +  </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/connector/src/test/resources/data/pvp2_authn_3.xml b/connector/src/test/resources/data/pvp2_authn_3.xml
new file mode 100644
index 00000000..bf356da7
--- /dev/null
+++ b/connector/src/test/resources/data/pvp2_authn_3.xml
@@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_27f4ce57e524e483446654a34cf886e2" IsPassive="false" IssueInstant="2019-12-11T10:50:19.032Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> +  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata</saml2:Issuer> +  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> +    <ds:SignedInfo> +      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> +      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> +      <ds:Reference URI="#_27f4ce57e524e483446654a34cf886e2"> +        <ds:Transforms> +          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> +          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> +            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> +          </ds:Transform> +        </ds:Transforms> +        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> +        <ds:DigestValue>OTDjTr2Y/xyuiHiisFcjOUlEcOCRxdgZfukAV8g7WnQ=</ds:DigestValue> +      </ds:Reference> +    </ds:SignedInfo> +    <ds:SignatureValue>BPvuK5PY1Sjp96U4Xt/153XfGqGegYJlndjiKfZLSG5tZC/mYLE6HCsRtm9a71pbOpuVwBMkTIclVuAskEfRBxLEZyb04xENUY6fMbypdGMXsBCO3Dn46XuEibLmkLJFoIRQKoejmR3uJKvOKrJtsY7xDXvOT8GZehYJlK2Qcr3V7fZu93ZrISnhFRZVkcBWRk6BOTgtHuDK+QjEa81UNijNWoaQcKfXZkUIOX9ge+2hWF75CTsxHUmDg/E9neAgzRfozGcvmdo6BZHXbFRekoHozMBEtg7qy4HWMUz2ckz7xNnHcb0H8QGIioOTqzozegiDfZfX/Q3h8ZPOjKoapw==</ds:SignatureValue> +    <ds:KeyInfo> +      <ds:X509Data> +        
<ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> +      </ds:X509Data> +    </ds:KeyInfo> +  </ds:Signature> +  <saml2p:Extensions> +    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> +      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> +        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:cdid+XX</eid:AttributeValue> +      </eid:RequestedAttribute> +    </eid:RequestedAttributes> +  </saml2p:Extensions> +  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> +  <saml2p:RequestedAuthnContext Comparison="minimum"> +    <saml2:AuthnContextClassRef 
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef> +  </saml2p:RequestedAuthnContext> +  <saml2p:Scoping> +    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> +  </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file | 
