authorlalber <lukas.alber@iaik.tugraz.at>2020-10-20 07:47:44 +0200
committerlalber <lukas.alber@iaik.tugraz.at>2020-10-20 07:47:44 +0200
commitf696b4085fd10b3b9d627437f439b222903e13e1 (patch)
tree16ab04251dab734e2ce0614a4c71668f3b68ae81 /eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
parent8ff69c460d5081feb3ece7757b3673ae81cde7da (diff)
stuck on how to test
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java119
1 files changed, 98 insertions, 21 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
index 763d8dab..5a551649 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
@@ -33,9 +33,7 @@ import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
import javax.annotation.PostConstruct;
import javax.net.ssl.KeyManager;
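Review bot: The wildcard `import java.util.*;` added here, and `import szrservices.*;` in the later import hunk, hide which collections and which generated SZR types this client actually depends on. Two on-demand imports can also turn into an ambiguous-reference compile error if the regenerated `szrservices` package ever gains a class named like a `java.util` type. Keep the explicit list and extend it with the names the new code uses, e.g. `import java.util.Arrays;` and `import java.util.HashMap;` next to the existing `ArrayList`, `List` and `Map` lines. Likewise, add `SignContent`, `SignContentEntry`, `JwsHeaderParam` and `SignContentResponseType` to the explicit `szrservices` imports.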
@@ -56,7 +54,10 @@ import javax.xml.ws.BindingProvider;
import javax.xml.ws.Dispatch;
import javax.xml.ws.handler.Handler;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.time.StopWatch;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
@@ -79,15 +80,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import szrservices.GetBPK;
-import szrservices.GetBPKResponse;
-import szrservices.GetIdentityLinkEidas;
-import szrservices.GetIdentityLinkEidasResponse;
-import szrservices.IdentityLinkType;
-import szrservices.ObjectFactory;
-import szrservices.PersonInfoType;
-import szrservices.SZR;
-import szrservices.SZRException_Exception;
+import szrservices.*;
@Service("SZRClientForeIDAS")
public class SzrClient {
@@ -109,9 +102,11 @@ public class SzrClient {
private String szrUrl = null;
private QName qname = null;
+ final ObjectMapper mapper = new ObjectMapper();
+
/**
* Get IdentityLink of a person.
- *
+ *
* @param personInfo Person identification information
* @return IdentityLink
* @throws SzrCommunicationException In case of a SZR error
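Review bot: The new `mapper` field has no access modifier, so it is package-visible while the neighbouring `szrUrl` and `qname` fields are `private`. `ObjectMapper` is mutable, so any class in the package could reconfigure the instance that later serializes the bcBind structure sent to the SZR for signing. Declare it `private final ObjectMapper mapper = new ObjectMapper();` and add a short comment such as `// serializes the bcBind request; configuration must not change after construction`. The class body starts and continues outside this hunk, so other uses of the field cannot be checked from here.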
@@ -165,7 +160,7 @@ public class SzrClient {
} catch (final Exception e) {
log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
- throw new SzrCommunicationException("ernb.02", new Object[] { e.getMessage() }, e);
+ throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
@@ -173,19 +168,19 @@ public class SzrClient {
/**
* Get bPK of person.
- *
+ *
* @param personInfo Person identification information
- * @param target requested bPK target
- * @param vkz Verfahrenskennzeichen
+ * @param target requested bPK target
+ * @param vkz Verfahrenskennzeichen
* @return bPK for this person
* @throws SzrCommunicationException In case of a SZR error
*/
- public String getBpk(PersonInfoType personInfo, String target, String vkz)
+ public List<String> getBpk(PersonInfoType personInfo, String target, String vkz)
throws SzrCommunicationException {
try {
final GetBPK parameters = new GetBPK();
parameters.setPersonInfo(personInfo);
- parameters.setBereichsKennung(target);
+ parameters.getBereichsKennung().add(target);
parameters.setVKZ(vkz);
final GetBPKResponse result = this.szr.getBPK(parameters);
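Review bot: The Javadoc above `getBpk` still reads `@return bPK for this person` although the return type is now `List<String>`. Callers that used the single value have no stated contract for how many entries to expect or whether the list can be empty. Update the tag to something like `@return list of bPKs returned by the SZR for the requested target` and state whether an empty list is possible, so callers do not index element 0 unchecked. Note also that `parameters.getBereichsKennung().add(target)` adds `target` without a null check. The return statement lies outside this hunk, so how the list is built from `GetBPKResponse` should be confirmed there.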
@@ -193,16 +188,98 @@ public class SzrClient {
} catch (final SZRException_Exception e) {
log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
- throw new SzrCommunicationException("ernb.02", new Object[] { e.getMessage() }, e);
+ throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
}
+ /**
+ * Request a encryped baseId from SRZ.
+ *
+ * @param personInfo Minimum dataset of person
+ * @return encrypted baseId
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public String getEncryptedStammzahl(final PersonInfoType personInfo)
+ throws SzrCommunicationException {
+
+ final String resp;
+ try {
+ resp = this.szr.getStammzahlEncrypted(personInfo, false);
+ } catch (SZRException_Exception e) {
+ throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+ }
+
+ if (resp == null || StringUtils.isEmpty(resp)) {
+ throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
+ }
+
+ return resp;
+
+ }
+
+
+ /**
+ * Signs content.
+ *
+ * @param vsz ? TODO
+ * @param bindingPubKey binding PublikKey as PKCS1# (ASN.1) container
+ * @param eidStatus Status of the E-ID
+ * @return bPK for this person
+ * @throws SzrCommunicationException In case of a SZR error
+ */
+ public String getBcBind(final String vsz, final String bindingPubKey, final String eidStatus)
+ throws SzrCommunicationException {
+
+ final String ATTR_NAME_VSZ = "urn:eidgvat:attributes.vsz.value";
+ final String ATTR_NAME_PUBKEYS = "urn:eidgvat:attributes.user.pubkeys";
+ final String ATTR_NAME_STATUS = "urn:eidgvat:attributes.eid.status";
+ final String KEY_BC_BIND = "bcBindReq";
+ final String JOSE_HEADER_USERCERTPINNING_TYPE = "urn:at.gv.eid:bindtype";
+ final String JOSE_HEADER_USERCERTPINNING_EIDASBIND = "urn:at.gv.eid:eidasBind";
+
+ final Map<String, Object> bcBindMap = new HashMap<>();
+ bcBindMap.put(ATTR_NAME_VSZ, vsz);
+ bcBindMap.put(ATTR_NAME_STATUS, eidStatus);
+ bcBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey));
+
+ try {
+ final String serializedBcBind = mapper.writeValueAsString(bcBindMap);
+ final SignContent req = new SignContent();
+ final SignContentEntry bcBindInfo = new SignContentEntry();
+ bcBindInfo.setKey(KEY_BC_BIND);
+ bcBindInfo.setValue(serializedBcBind);
+ req.getIn().add(bcBindInfo);
+ req.setAppendCert(false);
+ final JwsHeaderParam bcBindJoseHeader = new JwsHeaderParam();
+ bcBindJoseHeader.setKey(JOSE_HEADER_USERCERTPINNING_TYPE);
+ bcBindJoseHeader.setValue(JOSE_HEADER_USERCERTPINNING_EIDASBIND);
+ req.getJWSHeaderParam().add(bcBindJoseHeader);
+
+ log.trace("Requesting SZR to sign bcBind datastructure ... ");
+ final SignContentResponseType resp = szr.signContent(req.isAppendCert(), req.getJWSHeaderParam(), req.getIn());
+ log.trace("Receive SZR response on bcBind siging operation ");
+
+ if (resp == null
+ || resp.getOut().isEmpty()
+ || resp.getOut().get(0).getValue() == null) {
+ throw new SzrCommunicationException("ernb.01", new Object[]{"BcBind response empty"}); //TODO check error handling
+ }
+
+ return resp.getOut().get(0).getValue();
+
+ } catch (final JsonProcessingException | SZRException_Exception e) {
+ log.warn("Requesting bcBind by using SZR FAILED. Reason: {}", e.getMessage(), null, e);
+ throw new SzrCommunicationException("ernb.02",
+ new Object[]{e.getMessage()}, e);
+ }
+ }
+
@PostConstruct
private void initialize() {
log.info("Starting SZR-Client initialization .... ");
- final URL url = SzrClient.class.getResource("/szr_client/SZR-1.1.WSDL");
+ final URL url = SzrClient.class.getResource("/szr_client/SZR_v4.0.wsdl");
final boolean useTestSzr = basicConfig.getBasicConfigurationBoolean(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE,