Refactor tasks for MobilePhoneSignature login and tests

3 files changed, 65 insertions, 60 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleMobileSignatureData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleMobileSignatureData.java
index 2a7beb3b..e7a5547a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleMobileSignatureData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleMobileSignatureData.java
@@ -24,12 +24,12 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
 
 import lombok.Data;
+import org.apache.commons.lang3.builder.EqualsBuilder;
 
 @Data
 public class SimpleMobileSignatureData {
 
   private String citizenCountryCode;
-
   private String bpk;
   private String givenName;
   private String familyName;
@@ -37,19 +37,15 @@ public class SimpleMobileSignatureData {
 
   /**
    * Compares the received authentication data from the mobile phone signature with the eid data received via eIDAS.
+   *
    * @param simpleEidasData The extracted eIDAS data
    * @return Returns true, if the eIDAS data matches the mobile phone signature data and false otherwise.
    */
   public boolean equalsSimpleEidasData(SimpleEidasData simpleEidasData) {
-    if (!simpleEidasData.getGivenName().equals(givenName)) {
-      return false;
-    }
-    if (!simpleEidasData.getFamilyName().equals(familyName)) {
-      return false;
-    }
-    if (!simpleEidasData.getDateOfBirth().equals(dateOfBirth)) {
-      return false;
-    }
-    return true;
+    return new EqualsBuilder()
+        .append(simpleEidasData.getGivenName(), givenName)
+        .append(simpleEidasData.getFamilyName(), familyName)
+        .append(simpleEidasData.getDateOfBirth(), dateOfBirth)
+        .isEquals();
   }
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index 81be04b5..0f40b337 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -64,7 +64,6 @@ import org.opensaml.messaging.decoder.MessageDecodingException;
 import org.opensaml.saml.saml2.core.Response;
 import org.opensaml.saml.saml2.core.StatusCode;
 import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import javax.servlet.http.HttpServletRequest;
@@ -86,16 +85,12 @@ import static at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.I
  */
 @Slf4j
 @Component("ReceiveMobilePhoneSignatureResponseTask")
-public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends AbstractAuthServletTask {
+public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServletTask {
 
-  @Autowired
-  private SamlVerificationEngine samlVerificationEngine;
-  @Autowired
-  private RegisterSearchService registerSearchService;
-  @Autowired
-  private IdAustriaClientAuthCredentialProvider credentialProvider;
-  @Autowired
-  IdAustriaClientAuthMetadataProvider metadataProvider;
+  private final SamlVerificationEngine samlVerificationEngine;
+  private final RegisterSearchService registerSearchService;
+  private final IdAustriaClientAuthCredentialProvider credentialProvider;
+  private final IdAustriaClientAuthMetadataProvider metadataProvider;
 
   private static final String ERROR_PVP_03 = "sp.pvp2.03";
   private static final String ERROR_PVP_05 = "sp.pvp2.05";
@@ -107,9 +102,22 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
 
   private static final String ERROR_MSG_00 = "Receive INVALID PVP Response from ID Austria system";
   private static final String ERROR_MSG_01 = "Processing PVP response from 'ID Austria system' FAILED.";
-  private static final String ERROR_MSG_02 = "PVP response decrytion FAILED. No credential found.";
+  private static final String ERROR_MSG_02 = "PVP response decryption FAILED. No credential found.";
   private static final String ERROR_MSG_03 = "PVP response validation FAILED.";
 
+  /**
+   * Creates the new task, with autowired dependencies from Spring.
+   */
+  public ReceiveMobilePhoneSignatureResponseTask(SamlVerificationEngine samlVerificationEngine,
+                                                 RegisterSearchService registerSearchService,
+                                                 IdAustriaClientAuthCredentialProvider credentialProvider,
+                                                 IdAustriaClientAuthMetadataProvider metadataProvider) {
+    this.samlVerificationEngine = samlVerificationEngine;
+    this.registerSearchService = registerSearchService;
+    this.credentialProvider = credentialProvider;
+    this.metadataProvider = metadataProvider;
+  }
+
   @Override
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
@@ -118,7 +126,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
       IDecoder decoder = loadDecoder(request);
       EaafUriCompare comparator = loadComparator(request);
       InboundMessage inboundMessage = decodeAndVerifyMessage(request, response, decoder, comparator);
-      final Pair<PvpSProfileResponse, Boolean> processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);
+      Pair<PvpSProfileResponse, Boolean> processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);
       if (processedMsg.getSecond()) {
         stopProcessFromUserDecision(executionContext, request, response);
         return;
@@ -138,30 +146,22 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
        *
        */
 
-      final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+      AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
       MergedRegisterSearchResult initialSearchResult =
           authProcessData.getGenericDataFromSession(DATA_INITIAL_REGISTER_RESULT, MergedRegisterSearchResult.class);
       SimpleEidasData eidasData = authProcessData.getGenericDataFromSession(DATA_SIMPLE_EIDAS, SimpleEidasData.class);
+      String bpkZp = extractBpkZp(extractor, authProcessData, eidasData);
 
-      SimpleMobileSignatureData simpleMobileSignatureData = getAuthDataFromInterfederation(extractor, authProcessData);
-      if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
-        //TODO User has cheated?
-        throw new InvalidUserInputException();
-      }
-
-      String bpkZp = simpleMobileSignatureData.getBpk();
       MergedRegisterSearchResult result = registerSearchService.searchWithBpkZp(bpkZp);
       if (result.getResultCount() == 0) {
-        //go to step 16
         executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);
         return;
       } else if (result.getResultCount() == 1) {
         String bpk = registerSearchService.step7aKittProcess(initialSearchResult, result, eidasData, pendingReq);
         authProcessData.setGenericDataToSession(Constants.DATA_RESULT_MATCHING_BPK, bpk);
         return;
-        //node 110
       } else if (result.getResultCount() > 1) {
-        throw new ManualFixNecessaryException("bpkZp: " + bpkZp);// node 108
+        throw new ManualFixNecessaryException("bpkZp: " + bpkZp);
       }
 
       // set NeedConsent to false, because user gives consent during authentication
@@ -180,7 +180,7 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
       throw new TaskExecutionException(pendingReq, ERROR_MSG_01,
           new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e));
     } catch (final CredentialsNotAvailableException e) {
-      log.debug("PVP response decrytion FAILED. No credential found.", e);
+      log.debug("PVP response decryption FAILED. No credential found.", e);
       throw new TaskExecutionException(pendingReq, ERROR_MSG_02,
           new AuthnResponseValidationException(ERROR_PVP_10, new Object[]{MODULE_NAME_FOR_LOGGING}, e));
     } catch (final Exception e) {
@@ -191,6 +191,17 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
     }
   }
 
+  private String extractBpkZp(AssertionAttributeExtractor extractor,
+                              AuthProcessDataWrapper authProcessData,
+                              SimpleEidasData eidasData) throws EaafBuilderException, InvalidUserInputException {
+    SimpleMobileSignatureData simpleMobileSignatureData = getAuthDataFromInterfederation(extractor, authProcessData);
+    if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
+      //TODO User has cheated?
+      throw new InvalidUserInputException();
+    }
+    return simpleMobileSignatureData.getBpk();
+  }
+
   @NotNull
   private InboundMessage decodeAndVerifyMessage(HttpServletRequest request, HttpServletResponse response,
                                                 IDecoder decoder, EaafUriCompare comparator) throws Exception {
@@ -297,33 +308,31 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask extends
       throws EaafBuilderException {
     List<String> requiredAttributes = IdAustriaClientAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES;
     SimpleMobileSignatureData result = new SimpleMobileSignatureData();
-    try {
-      if (!extractor.containsAllRequiredAttributes(requiredAttributes)) {
-        log.warn("PVP Response from 'ID Austria node' contains not all requested attributes.");
-        throw new AssertionValidationExeption(ERROR_PVP_06, new Object[]{MODULE_NAME_FOR_LOGGING});
+    if (!extractor.containsAllRequiredAttributes(requiredAttributes)) {
+      log.warn("PVP Response from 'ID Austria node' contains not all requested attributes.");
+      AssertionValidationExeption e = new AssertionValidationExeption(ERROR_PVP_06,
+          new Object[]{MODULE_NAME_FOR_LOGGING});
+      throw new EaafBuilderException(ERROR_PVP_06, null, e.getMessage(), e);
+    }
+    final Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+    for (final String attrName : includedAttrNames) {
+      if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) {
+        result.setBpk(extractor.getSingleAttributeValue(attrName));
       }
-      final Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
-      for (final String attrName : includedAttrNames) {
-        if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) {
-          result.setBpk(extractor.getSingleAttributeValue(attrName));
-        }
-        if (PvpAttributeDefinitions.GIVEN_NAME_NAME.equals(attrName)) {
-          result.setGivenName(extractor.getSingleAttributeValue(attrName));
-        }
-        if (PvpAttributeDefinitions.PRINCIPAL_NAME_NAME.equals(attrName)) {
-          result.setFamilyName(extractor.getSingleAttributeValue(attrName));
-        }
-        if (PvpAttributeDefinitions.BIRTHDATE_NAME.equals(attrName)) {
-          result.setDateOfBirth(extractor.getSingleAttributeValue(attrName));
-        }
-        if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {
-          authProcessData.setQaaLevel(extractor.getSingleAttributeValue(attrName));
-        }
+      if (PvpAttributeDefinitions.GIVEN_NAME_NAME.equals(attrName)) {
+        result.setGivenName(extractor.getSingleAttributeValue(attrName));
+      }
+      if (PvpAttributeDefinitions.PRINCIPAL_NAME_NAME.equals(attrName)) {
+        result.setFamilyName(extractor.getSingleAttributeValue(attrName));
+      }
+      if (PvpAttributeDefinitions.BIRTHDATE_NAME.equals(attrName)) {
+        result.setDateOfBirth(extractor.getSingleAttributeValue(attrName));
+      }
+      if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {
+        authProcessData.setQaaLevel(extractor.getSingleAttributeValue(attrName));
       }
-      authProcessData.setIssueInstant(extractor.getAssertionIssuingDate());
-    } catch (final AssertionValidationExeption e) {
-      throw new EaafBuilderException(ERROR_PVP_06, null, e.getMessage(), e);
     }
+    authProcessData.setIssueInstant(extractor.getAssertionIssuingDate());
     return result;
   }
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 34046e55..ed086493 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -121,7 +121,7 @@
         scope="prototype" />
 
   <bean id="ReceiveMobilePhoneSignatureResponseTask"
-        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseTask"
         scope="prototype" />
 
   <bean id="GenerateAustrianResidenceGuiTask"