refactoring of ID Austria connection client and add/update of jUnit tests

9 files changed, 1342 insertions, 597 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java
new file mode 100644
index 00000000..1f96b25c
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java
@@ -0,0 +1,43 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.config;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext
+public class EidasConnectorMessageSourceTest {
+
+  @Autowired
+  private ResourceLoader loader;
+  @Autowired(required = false)
+  private List<IMessageSourceLocation> messageSources;
+
+  @Test
+  public void checkMessageSources() {
+    Assert.assertNotNull("No messageSource", messageSources);
+
+    for (final IMessageSourceLocation messageSource : messageSources) {
+      Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+
+      for (final String el : messageSource.getMessageSourceLocation()) {
+        final Resource messages = loader.getResource(el + ".properties");
+        Assert.assertTrue("Source not exist", messages.exists());
+
+      }
+    }
+  }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java
new file mode 100644
index 00000000..cddcd11c
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java
@@ -0,0 +1,197 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.SerializationUtils;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthSignalController;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage.DummyDbEntry;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaAuthSignalControllerTest {
+
+  @Autowired(required = true)
+  private IdAustriaClientAuthSignalController controller;
+  @Autowired(required = true)
+  private ITransactionStorage cache;
+  @Autowired(required = true)
+  private IPendingRequestIdGenerationStrategy pendingReqGeneration;
+  @Autowired(required = true)
+  private IRequestStorage reqStorage;
+  @Autowired(required = true)
+  private IConfiguration basicConfig;
+  @Autowired private ITransactionStorage transactionStorage;
+  
+  @Autowired private DummyProtocolAuthService protAuthService;
+
+  @Test
+  public void noRelayState() throws IOException, EaafException {
+    final MockHttpServletRequest httpReq =
+        new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+    controller.performAuthentication(httpReq, httpResp);
+    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+    final String errorId = protAuthService.getErrorKey();
+    final Object error = cache.get(errorId);
+    Assert.assertNotNull("Error is null", error);
+    org.springframework.util.Assert.isInstanceOf(byte[].class,
+        ((DummyDbEntry) error).getObj());
+    final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+    org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+    org.springframework.util.Assert.isInstanceOf(EaafException.class,
+        ((ExceptionContainer) errorObj).getExceptionThrown());
+
+  }
+
+  @Test
+  public void validRelayStateNoPendingReqId() throws EaafException, IOException {
+    final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+    final MockHttpServletRequest httpReq =
+        new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, pendingReqId);
+    final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+    controller.performAuthentication(httpReq, httpResp);
+    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+    final String errorId = protAuthService.getErrorKey();
+    final Object error = cache.get(errorId);
+    Assert.assertNotNull("Error is null", error);
+    org.springframework.util.Assert.isInstanceOf(byte[].class,
+        ((DummyDbEntry) error).getObj());
+    final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+    org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+    org.springframework.util.Assert.isInstanceOf(EaafException.class,
+        ((ExceptionContainer) errorObj).getExceptionThrown());
+    //TODO:
+    Assert.assertEquals("ErrorCode not match", "auth.26",
+        ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+
+  }
+
+  @Test
+  public void validRelayStateSuspectPendingReqId() throws EaafException, IOException {
+    String relayState = RandomStringUtils.randomAlphanumeric(10);    
+    transactionStorage.put(relayState, false, -1);
+    
+    final MockHttpServletRequest httpReq =
+        new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+    final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+    controller.performAuthentication(httpReq, httpResp);
+    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+    final String errorId = protAuthService.getErrorKey();
+    final Object error = cache.get(errorId);
+    Assert.assertNotNull("Error is null", error);
+    org.springframework.util.Assert.isInstanceOf(byte[].class,
+        ((DummyDbEntry) error).getObj());
+    final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+    org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+    org.springframework.util.Assert.isInstanceOf(EaafException.class,
+        ((ExceptionContainer) errorObj).getExceptionThrown());
+    //TODO:
+    Assert.assertEquals("ErrorCode not match", "auth.26",
+        ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+    
+    Assert.assertNull("RelayState was not removed", transactionStorage.get(relayState));
+
+  }
+  
+  @Test
+  public void validRelayStateNoPendingReq() throws EaafException, IOException {
+    final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+    String relayState = RandomStringUtils.randomAlphanumeric(10);    
+    transactionStorage.put(relayState, pendingReqId, -1);
+    
+    final MockHttpServletRequest httpReq =
+        new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+    final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+    controller.performAuthentication(httpReq, httpResp);
+    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+    final String errorId = protAuthService.getErrorKey();
+    final Object error = cache.get(errorId);
+    Assert.assertNotNull("Error is null", error);
+    org.springframework.util.Assert.isInstanceOf(byte[].class,
+        ((DummyDbEntry) error).getObj());
+    final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+    org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+    org.springframework.util.Assert.isInstanceOf(EaafException.class,
+        ((ExceptionContainer) errorObj).getExceptionThrown());
+    Assert.assertEquals("ErrorCode not match", "auth.28",
+        ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+
+    Assert.assertNull("RelayState was not removed", transactionStorage.get(relayState));
+    
+  }
+  
+  @Test
+  public void validRelayStateWithPendingReq() throws EaafException, IOException {
+    final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+
+    String relayState = RandomStringUtils.randomAlphanumeric(10);    
+    transactionStorage.put(relayState, pendingReqId, -1);
+    
+    final TestRequestImpl pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(pendingReqId);
+    pendingReq.setAuthUrl("http://localhost/idp");
+    final Map<String, String> spConfigMap = new HashMap<>();
+    spConfigMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.sp");
+    final DummySpConfiguration spConfig = new DummySpConfiguration(spConfigMap, basicConfig);
+    pendingReq.setSpConfig(spConfig);
+    reqStorage.storePendingRequest(pendingReq);
+
+    final MockHttpServletRequest httpReq =
+        new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+    final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+    controller.performAuthentication(httpReq, httpResp);
+
+    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+    final String errorId = protAuthService.getErrorKey();
+    final Object error = cache.get(errorId);
+    Assert.assertNotNull("Error is null", error);
+    org.springframework.util.Assert.isInstanceOf(byte[].class,
+        ((DummyDbEntry) error).getObj());
+    final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+    org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+    org.springframework.util.Assert.isInstanceOf(EaafException.class,
+        ((ExceptionContainer) errorObj).getExceptionThrown());
+    Assert.assertEquals("ErrorCode not match",
+        "PendingRequest object is not of type 'RequestImpl.class'",
+        ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+  }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java
new file mode 100644
index 00000000..a583ab2a
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java
@@ -0,0 +1,128 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthHealthCheck;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import okhttp3.HttpUrl;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthHealthCheckTest {
+
+  @Autowired private IdAustriaClientAuthHealthCheck toCheck;
+  @Autowired protected MsConnectorDummyConfigMap config;
+  @Autowired private IPvp2CredentialProvider credentialProvider;
+  @Autowired IdAustriaClientAuthMetadataProvider provider;
+  
+  private static MockWebServer mockWebServer;
+  private static HttpUrl mockServerUrl;
+  
+  /**
+   * JUnit class initializer.
+   *
+   * @throws Exception In case of an OpenSAML3 initialization error
+   */
+  @BeforeClass
+  public static void classInitializer() throws Exception {
+    EaafOpenSaml3xInitializer.eaafInitialize();
+
+    mockWebServer = new MockWebServer();
+    mockServerUrl = mockWebServer.url("/sp/metadata");
+
+  }
+ 
+  @Test
+  public void notActive() {
+    //set-up test
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID, 
+        null);
+    
+    //perform check
+    Health status = toCheck.health();
+    
+    //evaluate status
+    Assert.assertEquals("wrong status", Health.unknown().build().getStatus(), status.getStatus());
+    
+  }
+  
+  @Test
+  public void success() throws SamlSigningException, CredentialsNotAvailableException, 
+      XMLParserException, UnmarshallingException, MarshallingException {
+
+    //set-up test
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID, 
+        mockServerUrl.url().toString());
+    injectValidHttpMetadata(mockServerUrl.url().toString());
+    
+    //perform check
+    Health status = toCheck.health();
+    
+    //evaluate status
+    Assert.assertEquals("wrong status", Health.up().build().getStatus(), status.getStatus());
+        
+  }
+  
+  @Test
+  public void invalid() throws SamlSigningException, CredentialsNotAvailableException, 
+      XMLParserException, UnmarshallingException, MarshallingException, ResolverException {
+    //set-up test
+    provider.clear();
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID, 
+        "http://localhost:1234/junit/metadata");
+        
+    //perform check
+    Health status = toCheck.health();
+    
+    //evaluate status
+    Assert.assertEquals("wrong status", Health.outOfService().build().getStatus(), status.getStatus());
+    
+  }
+  
+  private String injectValidHttpMetadata(String dynEntityId) throws XMLParserException,
+      UnmarshallingException, MarshallingException, SamlSigningException, CredentialsNotAvailableException {
+    final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
+    XMLObjectProviderRegistrySupport.getParserPool(),
+    IdAustriaClientAuthHealthCheckTest.class.getResourceAsStream("/data/idp_metadata_no_sig.xml"));
+    metadata.setValidUntil(DateTime.now().plusDays(1));
+    metadata.setSignature(null);
+    metadata.setEntityID(dynEntityId);
+    Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);
+    final Element metadataElement = XMLObjectSupport.marshall(metadata);
+    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+        .setBody(SerializeSupport.nodeToString(metadataElement))
+        .setHeader("Content-Type", "text/html;charset=utf-8"));
+    return dynEntityId;
+
+}
+  
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java
index c99c6e6a..4671684f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java
@@ -3,18 +3,10 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthCredentialProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthMetadataController;
-import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
@@ -24,16 +16,16 @@ import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.metadata.resolver.filter.FilterException;
 import org.opensaml.saml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.security.x509.BasicX509Credential;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthMetadataController;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
@@ -43,14 +35,11 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException;
 
 
 @RunWith(SpringJUnit4ClassRunner.class)
-//@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"})
-@TestPropertySource(locations = { "classpath:/config/junit_config_1_springboot.properties" })
 @ContextConfiguration(locations = {
     "/SpringTest-context_tasks_test.xml",
     "/SpringTest-context_basic_mapConfig.xml"
 })
 @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
-@Ignore
 public class IdAustriaClientAuthMetadataControllerTest {
 
   private MockHttpServletRequest httpReq;
@@ -58,7 +47,6 @@ public class IdAustriaClientAuthMetadataControllerTest {
 
   @Autowired private IdAustriaClientAuthMetadataController controller;
   @Autowired private IdAustriaClientAuthCredentialProvider credProvider;
-  @Autowired private DummyAuthConfigMap config;
 
   /**
    * JUnit class initializer.
@@ -80,28 +68,17 @@ public class IdAustriaClientAuthMetadataControllerTest {
     httpReq.setContextPath("/authhandler");
     httpResp = new MockHttpServletResponse();
 
-    config.removeConfigValue("core.legacy.allowLegacyMode");
-    config.removeConfigValue("modules.eidascentralauth.semper.mandates.active");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.1");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.2");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.3");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.4");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.5");
-    config.removeConfigValue("modules.eidascentralauth.required.additional.attributes.6");
-
   }
 
   @Test
   public void buildMetadataValidInEidMode() throws IOException, EaafException,
       XMLParserException, UnmarshallingException, FilterException {
-    config.putConfigValue("core.legacy.allowLegacyMode", "false");
-    config.putConfigValue("modules.eidascentralauth.semper.mandates.active", "false");
 
     //build metdata
     controller.getSpMetadata(httpReq, httpResp);
 
     //check result
-    validateResponse(6);
+    validateResponse(7);
 
   }
 
@@ -137,10 +114,6 @@ public class IdAustriaClientAuthMetadataControllerTest {
 
     Assert.assertFalse("AssertionConsumerServices",
         spSsoDesc.getAssertionConsumerServices().isEmpty());
-    Assert.assertFalse("ContactPersons",
-        metadata.getContactPersons().isEmpty());
-    Assert.assertNotNull("ContactPersons",
-        metadata.getOrganization());
 
     Assert.assertFalse("KeyDescriptors",
         spSsoDesc.getKeyDescriptors().isEmpty());
@@ -157,13 +130,4 @@ public class IdAustriaClientAuthMetadataControllerTest {
         spSsoDesc.getAttributeConsumingServices().get(0).getRequestAttributes().size());
 
   }
-
-  private List<BasicX509Credential> convertX509Certs(List<X509Certificate> certs) {
-    final List<BasicX509Credential> result = new ArrayList<>();
-    for (final X509Certificate cert : certs) {
-      result.add(new BasicX509Credential(cert));
-
-    }
-    return result;
-  }
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java
new file mode 100644
index 00000000..da10fc54
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java
@@ -0,0 +1,238 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.io.IOException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
+import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import okhttp3.HttpUrl;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthMetadataProviderFirstTest {
+
+  @Autowired
+  IPvp2CredentialProvider credentialProvider;
+  @Autowired
+  IdAustriaClientAuthMetadataProvider provider;
+  @Autowired
+  PvpMetadataResolverFactory resolverFactory;
+
+  private static MockWebServer mockWebServer;
+  private static HttpUrl mockServerUrl;
+
+  /**
+   * JUnit class initializer.
+   *
+   * @throws Exception In case of an OpenSAML3 initialization error
+   */
+  @BeforeClass
+  public static void classInitializer() throws Exception {
+    EaafOpenSaml3xInitializer.eaafInitialize();
+
+    mockWebServer = new MockWebServer();
+    mockServerUrl = mockWebServer.url("/sp/metadata");
+
+  }
+
+  /**
+   * jUnit test set-up.
+   * 
+   * @throws ResolverException
+   *
+   */
+  @Before
+  public void testSetup() {
+    provider.fullyDestroy();
+
+  }
+
+  @Test
+  public void simpleManuelAddingTest() throws Pvp2MetadataException, ResolverException {
+    final IPvp2MetadataProvider resolver1 = resolverFactory.createMetadataProvider(
+        "classpath:/data/idp_metadata_sig_notvalid.xml",
+        null, "junit", null);
+    Assert.assertNotNull("Resolver 1 is null", resolver1);
+    provider.addMetadataResolverIntoChain(resolver1);
+
+    final IPvp2MetadataProvider resolver2 = resolverFactory.createMetadataProvider(
+        "classpath:/data/idp_metadata_sig_valid_wrong_alg.xml",
+        null, "junit", null);
+    Assert.assertNotNull("Resolver 2 is null", resolver2);
+    provider.addMetadataResolverIntoChain(resolver2);
+
+    final EntityDescriptor entity1 = provider.getEntityDescriptor("https://localEntity");
+    Assert.assertNotNull("Entity 1 not found", entity1);
+
+    final EntityDescriptor entity2 = provider.getEntityDescriptor(
+        "https://vidp.gv.at/ms_connector/pvp/metadata");
+    Assert.assertNotNull("Entity 2 not found", entity2);
+
+    final EntityDescriptor entity3 = provider.getEntityDescriptor("https://egiz.gv.at/abababa");
+    Assert.assertNull("Entity 3 found", entity3);
+
+  }
+
+  @Test
+  public void dynamicLoadingNoValidSignature() throws ResolverException {
+    final EntityDescriptor entity = provider.getEntityDescriptor("classpath:/data/idp_metadata_no_sig2.xml");
+    Assert.assertNull("Entity found", entity);
+
+  }
+
+  @Test
+  public void dynamicLoadingValidSignature() throws XMLParserException, UnmarshallingException,
+      SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException {
+
+    final String entityId = injectValidHttpMetadata();
+    final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+    Assert.assertNotNull("Entity not found", entity);
+
+  }
+
+  @Test
+  public void reloadNotPossible() throws XMLParserException, UnmarshallingException,
+      SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException {
+
+    final String entityId = injectValidHttpMetadata();
+    final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+    Assert.assertNotNull("Entity not found", entity);
+    Assert.assertNotNull("Entity not found",
+        provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+    Assert.assertFalse("Refresh should not be possible",
+        provider.refreshMetadataProvider(entityId));
+
+    final EntityDescriptor entity2 = provider.getEntityDescriptor(entityId);
+    Assert.assertNull("Entity not found", entity2);
+    Assert.assertNull("Entity not found",
+        provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+    Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+  }
+
+  @Test
+  public void refeshTest() throws Pvp2MetadataException, ResolverException {
+    Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+    Assert.assertNull("LastRefresh", provider.getLastRefresh());
+    Assert.assertNull("LastSuccessfulRefresh", provider.getLastSuccessfulRefresh());
+    Assert.assertNull("LastUpdate", provider.getLastUpdate());
+
+    final IPvp2MetadataProvider resolver1 = resolverFactory.createMetadataProvider(
+        "classpath:/data/idp_metadata_sig_notvalid.xml",
+        null, "junit", null);
+    Assert.assertNotNull("Resolver 1 is null", resolver1);
+    provider.addMetadataResolverIntoChain(resolver1);
+
+    final IPvp2MetadataProvider resolver2 = resolverFactory.createMetadataProvider(
+        "classpath:/data/idp_metadata_sig_valid_wrong_alg.xml",
+        null, "junit", null);
+    Assert.assertNotNull("Resolver 2 is null", resolver2);
+    provider.addMetadataResolverIntoChain(resolver2);
+
+    provider.refresh();
+
+    Assert.assertTrue("Last refresh", provider.wasLastRefreshSuccess());
+    Assert.assertNotNull("LastRefresh", provider.getLastRefresh());
+    Assert.assertNotNull("LastSuccessfulRefresh", provider.getLastSuccessfulRefresh());
+    Assert.assertNotNull("LastUpdate", provider.getLastUpdate());
+
+  }
+
+  @Test
+  public void reloadPossible() throws XMLParserException, UnmarshallingException,
+      SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException,
+      IOException {
+
+    mockWebServer.shutdown();
+    mockWebServer = new MockWebServer();
+    mockServerUrl = mockWebServer.url("/sp/metadata");
+
+    final String entityId = injectValidHttpMetadata();
+    final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+    Assert.assertNotNull("Entity not found", entity);
+    Assert.assertNotNull("Entity not found",
+        provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+    Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+    injectValidHttpMetadata(entityId);
+    Assert.assertTrue("Refresh should not be possible",
+        provider.refreshMetadataProvider(entityId));
+
+    final EntityDescriptor entity2 = provider.getEntityDescriptor(entityId);
+    Assert.assertNotNull("Entity not found", entity2);
+    Assert.assertNotNull("Entity not found",
+        provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+    Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+  }
+
+  private String injectValidHttpMetadata() throws SamlSigningException, CredentialsNotAvailableException,
+      XMLParserException, UnmarshallingException, MarshallingException {
+    return injectValidHttpMetadata(mockServerUrl.url().toString()
+        + "/" + RandomStringUtils.randomAlphabetic(5));
+  }
+
+  private String injectValidHttpMetadata(String dynEntityId) throws XMLParserException,
+      UnmarshallingException,
+      MarshallingException, SamlSigningException, CredentialsNotAvailableException {
+    final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
+        XMLObjectProviderRegistrySupport.getParserPool(),
+        MetadataResolverTest.class.getResourceAsStream("/data/idp_metadata_no_sig.xml"));
+    metadata.setValidUntil(DateTime.now().plusDays(1));
+    metadata.setSignature(null);
+    metadata.setEntityID(dynEntityId);
+    Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);
+    final Element metadataElement = XMLObjectSupport.marshall(metadata);
+    mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+        .setBody(SerializeSupport.nodeToString(metadataElement))
+        .setHeader("Content-Type", "text/html;charset=utf-8"));
+
+    return dynEntityId;
+
+  }
+
+  private CriteriaSet generateEntityIdCreteria(String entityId) {
+    final CriteriaSet result = new CriteriaSet();
+    result.add(new EntityIdCriterion(entityId));
+    return result;
+
+  }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java
new file mode 100644
index 00000000..3ee6ddcd
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java
@@ -0,0 +1,66 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthMetadataProviderSecondTest {
+
+  @Autowired
+  IdAustriaClientAuthMetadataProvider provider;
+
+  /**
+   * JUnit class initializer.
+   *
+   * @throws Exception In case of an OpenSAML3 initialization error
+   */
+  @BeforeClass
+  public static void classInitializer() throws Exception {
+    EaafOpenSaml3xInitializer.eaafInitialize();
+
+  }
+
+  /**
+   * jUnit test set-up.
+   *
+   * @throws ResolverException
+   *
+   */
+  @Before
+  public void testSetup() {
+    provider.fullyDestroy();
+
+  }
+
+  @Test
+  public void notTrustedX509CertsInTrustStore() throws ResolverException {
+    final EntityDescriptor entity = provider.getEntityDescriptor("classpath:/data/idp_metadata_no_sig2.xml");
+    Assert.assertNull("Entity found", entity);
+
+  }
+
+  @Test
+  public void readStaticInfos() {
+    Assert.assertEquals("wrong providerId",
+        IdAustriaClientAuthMetadataProvider.PROVIDER_ID, provider.getId());
+
+    provider.runGarbageCollector();
+
+  }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java
new file mode 100644
index 00000000..3e37e1a6
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java
@@ -0,0 +1,414 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.base.Optional;
+import com.google.common.base.Predicates;
+import com.google.common.base.Throwables;
+import com.google.common.collect.FluentIterable;
+
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_basic_lazy.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
+})
+@DirtiesContext
+public class IdAustriaClientCredentialProviderTest {
+
+  private static final String PATH_JKS = "../keystore/junit_test.jks";
+  private static final String ALIAS_METADATA = "meta";
+  private static final String ALIAS_SIGN = "sig";
+  private static final String ALIAS_ENC = "enc";
+  private static final String PASSWORD = "password";
+
+  @Autowired
+  private ApplicationContext context;
+  @Autowired(required = true)
+  protected MsConnectorDummyConfigMap config;
+
+  /**
+   * jUnit test initializer.
+   */
+  @Before
+  public void initialize() {
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH, PATH_JKS);
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PASSWORD, PASSWORD);
+
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS);
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD);
+
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS);
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD);
+
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS);
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD);
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void noKeyStoreUrl() {
+    config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH);
+    try {
+      context.getBean(IdAustriaClientAuthCredentialProvider.class);
+      Assert.fail("No KeyStore not detected");
+
+    } catch (final BeansException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+          e.getCause(), "Wrong exception");
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void noKeyStore() {
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH,
+        "src/test/resources/config/notExist.p12");
+    try {
+      context.getBean(IdAustriaClientAuthCredentialProvider.class);
+      Assert.fail("No KeyStore not detected");
+
+    } catch (final BeansException e) {
+      final Optional<Throwable> eaafException = FluentIterable.from(
+          Throwables.getCausalChain(e)).filter(
+              Predicates.instanceOf(EaafConfigurationException.class)).first();
+      Assert.assertTrue("Wrong exception", eaafException.isPresent());
+      Assert.assertEquals("Wrong errorId", "internal.keystore.06",
+          ((EaafException) eaafException.get()).getErrorId());
+
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void noWrongKeyStorePassword() {
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PASSWORD, "test");
+    try {
+      context.getBean(IdAustriaClientAuthCredentialProvider.class);
+      Assert.fail("No KeyStore not detected");
+
+    } catch (final BeansException e) {
+      final Optional<Throwable> eaafException = FluentIterable.from(
+          Throwables.getCausalChain(e)).filter(
+              Predicates.instanceOf(EaafFactoryException.class)).first();
+      Assert.assertTrue("Wrong exception", eaafException.isPresent());
+      Assert.assertEquals("Wrong errorId", "internal.keystore.06",
+          ((EaafException) eaafException.get()).getErrorId());
+
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfigurationWrongAlias() {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMessageSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMessageEncryptionCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfigurationWrongPassword() {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMessageSigningCredential();
+      Assert.fail("No message signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+      Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfigurationValidAliasWrongPassword() {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+          ALIAS_METADATA);
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+          ALIAS_SIGN);
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMessageSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+          ALIAS_ENC);
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+          RandomStringUtils.randomAlphabetic(5));
+      credential.getMessageEncryptionCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfigurationWrongAliasValidPassword() {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+          PASSWORD);
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+          PASSWORD);
+      credential.getMessageSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+          RandomStringUtils.randomAlphabetic(5));
+      config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+          PASSWORD);
+      credential.getMessageEncryptionCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void validonfiguration() throws CredentialsNotAvailableException {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+        ALIAS_METADATA);
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+        PASSWORD);
+    credential.getMetaDataSigningCredential();
+
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+        ALIAS_SIGN);
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+        PASSWORD);
+    credential.getMessageSigningCredential();
+
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+        ALIAS_ENC);
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+        PASSWORD);
+    credential.getMessageEncryptionCredential();
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfiguration() {
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      credential.getMessageSigningCredential();
+      Assert.fail("No message signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+      Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void notKeyConfigurationPkcs12() {
+    config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH,
+        "../keystore/pvp.p12");
+    final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+        IdAustriaClientAuthCredentialProvider.class);
+
+    Assert.assertNotNull("Credetialprovider", credential);
+    Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+    try {
+      credential.getMetaDataSigningCredential();
+      Assert.fail("No Metadata signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      credential.getMessageSigningCredential();
+      Assert.fail("No message signing credentials not detected");
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+
+    try {
+      final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+      Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+    } catch (final CredentialsNotAvailableException e) {
+      Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+    }
+  }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java
index 2579bb40..4fb05a35 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java
@@ -1,38 +1,19 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthMetadataProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateMobilePhoneSignatureRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyAuthConfigMap;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
+import static org.junit.Assert.assertThrows;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.Base64;
+import java.util.Map;
+
 import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
-import org.opensaml.core.xml.schema.XSString;
 import org.opensaml.core.xml.util.XMLObjectSupport;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.saml2.core.AuthnRequest;
@@ -41,23 +22,38 @@ import org.springframework.context.ApplicationContext;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.util.Base64;
-import java.util.Map;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateMobilePhoneSignatureRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-@TestPropertySource(locations = {"classpath:/config/junit_config_1-.properties" })
-//@ContextConfiguration({"/spring/SpringTest-context_mapConfig_full.xml", "classpath:/spring/test_eaaf_core.beans.xml"})
-//@TestPropertySource(locations = { "classpath:/config/junit_config_1_springboot.properties" })
 @ContextConfiguration(locations = {
-    "/SpringTest-context_tasks_test1.xml",
-    "/SpringTest-context_basic_mapConfig1.xml"
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml",
+    "classpath:/eaaf_pvp_sp.beans.xml"
 })
 
 public class GenerateMobilePhoneSignatureRequestTaskTest {
@@ -68,7 +64,7 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
   @Autowired(required = true)
   private ApplicationContext context;
   @Autowired(required = true)
-  protected DummyAuthConfigMap authConfig;
+  protected MsConnectorDummyConfigMap authConfig;
   @Autowired
   private IdAustriaClientAuthMetadataProvider metadataProvider;
   @Autowired
@@ -77,8 +73,8 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
   private DummyGuiBuilderConfigurationFactory guiBuilderConfigFactory;
   @Autowired
   private SamlVerificationEngine samlVerifyEngine;
-//  @Autowired
-//  private ITransactionStorage transactionStorage;
+  @Autowired
+  private ITransactionStorage transactionStorage;
 
   final ExecutionContext executionContext = new ExecutionContextImpl();
   private MockHttpServletRequest httpReq;
@@ -106,27 +102,26 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
    */
   @Before
   public void setUp() throws Exception {
-    task = (GenerateMobilePhoneSignatureRequestTask) context.getBean("GenerateMobilePhoneSignatureRequestTask");
+    task = (GenerateMobilePhoneSignatureRequestTask) context.getBean(
+        "GenerateMobilePhoneSignatureRequestTask");
 
     httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
     httpResp = new MockHttpServletResponse();
     RequestContextHolder.resetRequestAttributes();
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
-    authConfig.putConfigValue("modules.idaustriaclient.request.sign.alias", "sig");
+    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+        METADATA_PATH);
+    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+        "sig");
 
     oaParam = new DummyOA();
     oaParam.setUniqueAppId("http://test.com/test");
-    oaParam.setBmiUniqueIdentifier(oaParam.getUniqueIdentifier() + "#" + RandomStringUtils.randomAlphanumeric(5));
+    oaParam.setBmiUniqueIdentifier(oaParam.getUniqueIdentifier() + "#" + RandomStringUtils.randomAlphanumeric(
+        5));
     oaParam.setTargetIdentifier(
         EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2));
     oaParam.setEidasEnabled(true);
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, null);
-    //    oaParam.setMandateProfilesCsv(
-    //        RandomStringUtils.randomAlphabetic(5)
-    //            + "," + RandomStringUtils.randomAlphabetic(5)
-    //            + "," + RandomStringUtils.randomAlphabetic(5));
 
     pendingReq = new TestRequestImpl();
     pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
@@ -140,108 +135,69 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
 
   @Test
   public void noMetadataAvailableOnGlobalConfig() {
-    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_NODE_ENTITYID,
-        RandomStringUtils.randomAlphabetic(10));
-
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail();
-
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("module.eidasauth.02",
-          ((EaafConfigurationException) e.getOriginalException()).getErrorId());
-
-    }
+    authConfig.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID);
+
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("module.eidasauth.00",
+        ((EaafConfigurationException) e.getOriginalException()).getErrorId());
+    
   }
 
   @Test
-  public void noMetadataAvailableOnSpConfig() {
-    oaParam.putGenericConfigurationKey(IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL,
-        RandomStringUtils.randomAlphabetic(10));
-
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail();
-
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("module.eidasauth.02",
-          ((EaafConfigurationException) e.getOriginalException()).getErrorId());
-
-    }
+  public void wrongMetadataAvailableOnGlobalConfig() {
+    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+        "http://wrong.path/" + RandomStringUtils.randomAlphabetic(5));
+
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("module.eidasauth.idaustria.02",
+        ((EaafConfigurationException) e.getOriginalException()).getErrorId());
+
   }
 
   @Test
   public void noMetadataSigningKeyStore() throws Pvp2MetadataException {
-    oaParam.putGenericConfigurationKey(IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL,
-        METADATA_PATH);
-
-    authConfig.removeConfigValue("modules.idaustriaclient.request.sign.alias");
+    authConfig.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS);
 
     metadataProvider.addMetadataResolverIntoChain(
         metadataFactory.createMetadataProvider(METADATA_PATH, null, "jUnitTest", null));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail();
-
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(CredentialsNotAvailableException.class,
-          e.getOriginalException());
-      Assert.assertEquals("internal.pvp.01",
-          ((CredentialsNotAvailableException) e.getOriginalException()).getErrorId());
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(CredentialsNotAvailableException.class,
+        e.getOriginalException());
+    Assert.assertEquals("internal.pvp.01",
+        ((CredentialsNotAvailableException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
   public void success() throws Exception {
-    oaParam.putGenericConfigurationKey(IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL,
-        METADATA_PATH);
     metadataProvider.addMetadataResolverIntoChain(
         metadataFactory.createMetadataProvider(METADATA_PATH, null, "jUnitTest", null));
     pendingReq.setTransactionId(RandomStringUtils.randomAlphanumeric(10));
 
     task.execute(pendingReq, executionContext);
 
-    final EaafRequestedAttributes reqAttr = validate();
-    Assert.assertEquals("#Req Attribute", 2, reqAttr.getAttributes().size());
-
-    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.transactionId",
-        reqAttr.getAttributes().get(0).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(0).getAttributeValues());
-    Assert.assertEquals("#Req. Attr value", 1,
-        reqAttr.getAttributes().get(0).getAttributeValues().size());
-    org.springframework.util.Assert.isInstanceOf(XSString.class,
-        reqAttr.getAttributes().get(0).getAttributeValues().get(0), "Wrong requested Attributes Value type");
-    Assert.assertEquals("Req. Attr. Value", pendingReq.getUniqueTransactionIdentifier(),
-        ((XSString) reqAttr.getAttributes().get(0).getAttributeValues().get(0)).getValue());
-
-    Assert.assertEquals("Wrong req attr.", "urn:oid:1.2.40.0.10.2.1.1.261.34",
-        reqAttr.getAttributes().get(1).getName());
-    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues());
-    Assert.assertEquals("#Req. Attr value", 1,
-        reqAttr.getAttributes().get(1).getAttributeValues().size());
-    org.springframework.util.Assert.isInstanceOf(XSString.class,
-        reqAttr.getAttributes().get(1).getAttributeValues().get(0), "Wrong requested Attributes Value type");
-    Assert.assertEquals("Req. Attr. Value", oaParam.getAreaSpecificTargetIdentifier(),
-        ((XSString) reqAttr.getAttributes().get(1).getAttributeValues().get(0)).getValue());
+    validate();
 
   }
 
-  private EaafRequestedAttributes validate() throws Exception {
+  private void validate() throws Exception {
     Assert.assertEquals("HTTP Statuscode", 200, httpResp.getStatus());
     Assert.assertEquals("ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
     Assert.assertEquals("ContentEncoding", "UTF-8", httpResp.getCharacterEncoding());
@@ -252,18 +208,15 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
     final int startIndex = html.indexOf("SAMLRequest=");
     Assert.assertTrue("No SAMLRequest in html", startIndex >= 0);
     final String authnXml = html.substring(startIndex + "SAMLRequest=".length());
-    //TODO why do i have to do that?? => remove "} from end
-//    String authnXml2 = authnXml1.substring(0,authnXml1.length()-2);
 
-    //check if relaystate was stored
+    // check if relaystate was stored
     final int startIndexRelayState = html.indexOf("RelayState=");
     Assert.assertTrue("wrong RelayState in HTML",
         startIndexRelayState >= 0);
-    String relayState = html.substring(startIndexRelayState + "RelayState=".length(), startIndex);
-//    String storedPendingReqId = transactionStorage.get(relayState, String.class);
-//    Assert.assertEquals("relayStore not map to pendingRequestId",
-//        pendingReq.getPendingRequestId(), storedPendingReqId);
-
+    final String relayState = html.substring(startIndexRelayState + "RelayState=".length(), startIndex);
+    final String storedPendingReqId = transactionStorage.get(relayState, String.class);
+    Assert.assertEquals("relayStore not map to pendingRequestId",
+        pendingReq.getPendingRequestId(), storedPendingReqId);
 
     final AuthnRequest authnRequest = (AuthnRequest) XMLObjectSupport.unmarshallFromInputStream(
         XMLObjectProviderRegistrySupport.getParserPool(), new ByteArrayInputStream(
@@ -275,25 +228,17 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
         "https://localhost/authhandler" + IdAustriaClientAuthConstants.ENDPOINT_METADATA,
         authnRequest.getIssuer().getValue());
 
-    //check XML scheme
+    // check XML scheme
     Saml2Utils.schemeValidation(authnRequest);
 
-
-    //check signature
+    // check signature
     final PvpSProfileRequest msg = new PvpSProfileRequest(
         authnRequest,
         SAMLConstants.SAML2_POST_BINDING_URI);
     msg.setEntityID(authnRequest.getIssuer().getValue());
     metadataProvider.addMetadataResolverIntoChain(
         metadataFactory.createMetadataProvider(METADATA_SP_PATH, null, "jUnit SP", null));
-    //samlVerifyEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
-//TODO
-    //check other elements
-//    Assert.assertNotNull("Proxy-Scope", authnRequest.getScoping());
-//    Assert.assertNotNull("RequesterIds", authnRequest.getScoping().getRequesterIDs());
-//    Assert.assertEquals("#RequesterIds", 1, authnRequest.getScoping().getRequesterIDs().size());
-//    Assert.assertEquals("RequesterId", oaParam.getUniqueApplicationRegisterIdentifier(),
-//        authnRequest.getScoping().getRequesterIDs().get(0).getRequesterID());
+    samlVerifyEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
 
     Assert.assertNotNull("RequestedAuthnContext", authnRequest.getRequestedAuthnContext());
     Assert.assertNotNull("AuthnContextClassRef",
@@ -303,15 +248,6 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
     Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/high",
         authnRequest.getRequestedAuthnContext().getAuthnContextClassRefs().get(0).getAuthnContextClassRef());
 
-    Assert.assertNotNull("Extensions", authnRequest.getExtensions());
-    Assert.assertFalse("No Requested attributes",
-        authnRequest.getExtensions().getUnknownXMLObjects().isEmpty());
-
-    Assert.assertEquals("#ReqAttributes", 1, authnRequest.getExtensions().getUnknownXMLObjects().size());
-    org.springframework.util.Assert.isInstanceOf(EaafRequestedAttributes.class,
-        authnRequest.getExtensions().getUnknownXMLObjects().get(0), "No Requested Attributes object");
-
-    return (EaafRequestedAttributes) authnRequest.getExtensions().getUnknownXMLObjects().get(0);
   }
 
   private IVelocityGuiBuilderConfiguration createDummyGuiConfig() {
@@ -334,7 +270,8 @@ public class GenerateMobilePhoneSignatureRequestTaskTest {
 
       @Override
       public InputStream getTemplate(String viewName) {
-        return GenerateMobilePhoneSignatureRequestTaskTest.class.getResourceAsStream("/data/pvp_postbinding_template.html");
+        return GenerateMobilePhoneSignatureRequestTaskTest.class.getResourceAsStream(
+            "/data/pvp_postbinding_template.html");
       }
 
       @Override
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.java
index 550c2f13..fb34a2dd 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.java
@@ -1,24 +1,12 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
 
+import static org.junit.Assert.assertThrows;
 
 import java.io.IOException;
 import java.util.Base64;
 
 import javax.xml.transform.TransformerException;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthCredentialProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthMetadataProvider;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyAuthConfigMap;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyPendingRequest;
-import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.joda.time.DateTime;
@@ -42,11 +30,22 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyPendingRequest;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
@@ -60,29 +59,24 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationExceptio
 import net.shibboleth.utilities.java.support.xml.XMLParserException;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-//@ContextConfiguration({"/spring/SpringTest-context_mapConfig_full.xml", "classpath:/spring/test_eaaf_core.beans.xml"})
 @ContextConfiguration(locations = {
-    "/SpringTest-context_tasks_test1.xml",
-    "/SpringTest-context_basic_mapConfig1.xml"
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"
 })
 public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
 
   private static final String METADATA_PATH = "classpath:/data/idp_metadata_classpath_entity.xml";
-  private static final String METADATA_PATH1 = "classpath:/data/idp_metadata_classpath_entity1.xml";
-  private static final String TEST_SIGNED_AUTHBLOCK = "MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQG"
-      + "EwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMw"
-      + "MDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0"
-      + "YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eT"
-      + "OWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFt"
-      + "zO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==";
 
   @Autowired(required = true)
   private ApplicationContext context;
   @Autowired(required = true)
-  protected DummyAuthConfigMap authConfig;
-  @Autowired private IdAustriaClientAuthMetadataProvider metadataProvider;
-  @Autowired private IdAustriaClientAuthCredentialProvider credentialProvider;
-  @Autowired private PvpMetadataResolverFactory metadataFactory;
+  protected MsConnectorDummyConfigMap authConfig;
+  @Autowired
+  private IdAustriaClientAuthMetadataProvider metadataProvider;
+  @Autowired
+  private IdAustriaClientAuthCredentialProvider credentialProvider;
+  @Autowired
+  private PvpMetadataResolverFactory metadataFactory;
 
   final ExecutionContext executionContext = new ExecutionContextImpl();
   private MockHttpServletRequest httpReq;
@@ -110,7 +104,8 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
    */
   @Before
   public void setUp() throws Exception {
-    task = (ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask) context.getBean("ReceiveMobilePhoneSignatureResponseTask");
+    task = (ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask) context.getBean(
+        "ReceiveMobilePhoneSignatureResponseTask");
 
     httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
     httpReq.setScheme("https");
@@ -120,28 +115,18 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
     RequestContextHolder.resetRequestAttributes();
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
-    authConfig.putConfigValue("modules.eidascentralauth.request.sign.alias", "sig");
-//    authConfig.putConfigValue(AuthHandlerConstants.PROP_CONFIG_LEGACY_ALLOW, "false");
+    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+        METADATA_PATH);
 
     oaParam = new DummyOA();
     oaParam.setUniqueAppId("http://test.com/test");
     oaParam.setTargetIdentifier(
         EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2));
-    oaParam.setEidasEnabled(true);
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, null);
-    oaParam.setMandateProfilesCsv(
-        RandomStringUtils.randomAlphabetic(5)
-            + "," + RandomStringUtils.randomAlphabetic(5)
-            + "," + RandomStringUtils.randomAlphabetic(5));
 
     pendingReq = new DummyPendingRequest();
     pendingReq.initialize(httpReq, authConfig);
     pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10));
     pendingReq.setOnlineApplicationConfiguration(oaParam);
-    //pendingReq.setAuthUrl("https://localhost/authhandler");
 
     metadataProvider.fullyDestroy();
 
@@ -153,20 +138,17 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
     RequestContextHolder.resetRequestAttributes();
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.03",
-          ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.03",
+        ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -175,61 +157,52 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
     RequestContextHolder.resetRequestAttributes();
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
   public void httpPostNoMessage() {
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
   public void httpPostMessageNotSigned() throws IOException {
 
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        IOUtils.toByteArray(ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.class.getResourceAsStream(
-            "/data/Response_without_sig_classpath_entityid.xml"))));
-
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+        IOUtils.toByteArray(ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTask.class
+            .getResourceAsStream(
+                "/data/Response_without_sig_classpath_entityid.xml"))));
+
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
-
-    }
   }
 
   @Test
@@ -242,22 +215,20 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         "/data/Response_with_wrong_destination_endpoint.xml",
         credentialProvider.getMessageSigningCredential(), true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -270,22 +241,19 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         "/data/Response_without_sig_classpath_entityid.xml",
         credentialProvider.getMessageSigningCredential(), true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
+
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.11",
+        ((EaafException) e.getOriginalException()).getErrorId());
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
-
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.11",
-          ((EaafException) e.getOriginalException()).getErrorId());
-
-    }
   }
 
   @Test
@@ -301,22 +269,20 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         "/data/Response_without_sig_classpath_entityid.xml",
         credentialProvider.getMessageSigningCredential(), false);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((EaafException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((EaafException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -324,36 +290,32 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, "http://wrong.idp");
-
+    authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+        "http://wrong.idp/" + RandomStringUtils.randomAlphabetic(5));
+    
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
-    metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
-        METADATA_PATH1, null, "jUnit IDP", null));
 
     final Response response = initializeResponse(
-        "classpath:/data/idp_metadata_classpath_entity1.xml",
+        "classpath:/data/idp_metadata_classpath_entity.xml",
         "/data/Response_without_sig_classpath_entityid.xml",
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.08",
-          ((EaafException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.08",
+        ((EaafException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -361,9 +323,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -373,22 +332,20 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.12",
-          ((EaafException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.12",
+        ((EaafException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -396,9 +353,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -408,22 +362,20 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    try {
-      task.execute(pendingReq, executionContext);
-      Assert.fail("Invalid response not detected");
+    final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
 
-    } catch (final TaskExecutionException e) {
-      Assert.assertNotNull(e.getPendingRequestID());
-      Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
-      Assert.assertNotNull(e.getOriginalException());
-      org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
-          e.getOriginalException());
-      Assert.assertEquals("sp.pvp2.05",
-          ((EaafException) e.getOriginalException()).getErrorId());
+    Assert.assertNotNull(e.getPendingRequestID());
+    Assert.assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+    Assert.assertNotNull(e.getOriginalException());
+    org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
+        e.getOriginalException());
+    Assert.assertEquals("sp.pvp2.05",
+        ((EaafException) e.getOriginalException()).getErrorId());
 
-    }
   }
 
   @Test
@@ -431,9 +383,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException, TaskExecutionException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -443,12 +392,13 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    //perform test
+    // perform test
     task.execute(pendingReq, executionContext);
 
-    //validate state
+    // validate state
     Assert.assertTrue("process not cancelled", executionContext.isProcessCancelled());
     Assert.assertTrue("process not stopped by user", pendingReq.isAbortedByUser());
     Assert.assertFalse("should not authenticated", pendingReq.isAuthenticated());
@@ -460,9 +410,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -472,7 +419,8 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
     try {
       task.execute(pendingReq, executionContext);
@@ -495,9 +443,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -507,7 +452,8 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
     try {
       task.execute(pendingReq, executionContext);
@@ -530,9 +476,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException, TaskExecutionException, EaafStorageException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -542,57 +485,27 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    //put SimpleEidasData in session
+    // put SimpleEidasData in session
     final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-    SimpleEidasData eidData = new SimpleEidasData();
+    final SimpleEidasData eidData = new SimpleEidasData();
     eidData.setFamilyName("Mustermann");
     eidData.setGivenName("Max");
     eidData.setDateOfBirth("1940-01-01");
     authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
 
-    //perform task
+    // perform task
     task.execute(pendingReq, executionContext);
 
-    //validate state
-//    Assert.assertTrue("Wrong EID-Process flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.PROCESSCONTEXT_WAS_EID_PROCESS));
-//    Assert.assertFalse("Wrong Mandate flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.HTTP_PARAM_USE_MANDATES));
-
-//    Assert.assertEquals("piiTransactionId", "piiId_112233445566", pendingReq.getUniquePiiTransactionIdentifier());
-
+    // validate state
     final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-
-//    Assert.assertTrue("E-ID flag", session.isEidProcess());
-//    Assert.assertTrue("Foreign flag", session.isForeigner());
-//    Assert.assertEquals("eidasBind", EIDAS_BIND, session.getQcBind());
-//    Assert.assertEquals("vsz",
-//        "OD/kCGIFbjLTW0po6IZSmoaz3uhPYlO3S5bs9JnK0A5DHtufM3APLuDc3Llp4PeNdEa4NrCmgHr1YUiHT5irT8eDAfGpIbQHJg==",
-//        session.getVsz());
-//    Assert.assertArrayEquals("signedConsent",
-//        Base64.getDecoder().decode(TEST_SIGNED_AUTHBLOCK), session.getSignedAuthBlock());
-//    Assert.assertEquals("AuthBlockType", AuthHandlerConstants.AuthBlockType.JWS, session.getSignedAuthBlockType());
-
     Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());
-//    Assert.assertEquals("CountryCode", "IT", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
     Assert.assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
 
-//    Assert.assertNull("SigCert", session.getEncodedSignerCertificate());
-
-//    Assert.assertFalse("Mandate flag", session.isMandateUsed());
-//    Assert.assertNull("MandateInfos", session.getMandateDate());
+    //TODO:
 
-    Assert.assertNull("MandateType", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_TYPE_NAME, String.class));
-    Assert.assertNull("Legal Person CommonName", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, String.class));
-    Assert.assertNull("Legal Person SourcePin",session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class));
-    Assert.assertNull("Legal Person SourcePinType", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class));
   }
 
   @Test
@@ -600,9 +513,6 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
       MarshallingException, TransformerException, TaskExecutionException, EaafStorageException {
 
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
     metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
         METADATA_PATH, null, "jUnit IDP", null));
 
@@ -612,17 +522,18 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
         credentialProvider.getMessageSigningCredential(),
         true);
     httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
 
-    //put SimpleEidasData in session
+    // put SimpleEidasData in session
     final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-    SimpleEidasData eidData = new SimpleEidasData();
+    final SimpleEidasData eidData = new SimpleEidasData();
     eidData.setFamilyName("Mustermann1");
     eidData.setGivenName("Max");
     eidData.setDateOfBirth("1940-01-01");
     authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
 
-    //perform task
+    // perform task
     try {
       task.execute(pendingReq, executionContext);
       Assert.fail("Invalid response not detected");
@@ -634,171 +545,18 @@ public class ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest {
       org.springframework.util.Assert.isInstanceOf(AuthnResponseValidationException.class,
           e.getOriginalException());
       Assert.assertTrue(e.getOriginalException().getCause() instanceof InvalidUserInputException);
-      }
-
-  }
-
-  @Test
-  public void httpPostValidSignedAssertionLegacyValid() throws IOException, SamlSigningException,
-      Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
-      MarshallingException, TransformerException, TaskExecutionException, EaafStorageException {
-//    authConfig.putConfigValue(AuthHandlerConstants.PROP_CONFIG_LEGACY_ALLOW, "true");
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
-    metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
-        METADATA_PATH, null, "jUnit IDP", null));
-
-    //put SimpleEidasData in session
-    final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-    SimpleEidasData eidData = new SimpleEidasData();
-    eidData.setFamilyName("Mustermann");
-    eidData.setGivenName("Max");
-    eidData.setDateOfBirth("1940-01-01");
-    authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
-
-    final Response response = initializeResponse(
-        "classpath:/data/idp_metadata_classpath_entity.xml",
-        "/data/Response_with_legacy.xml",
-        credentialProvider.getMessageSigningCredential(),
-        true);
-    httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
-
-    String piiTransId = pendingReq.getUniquePiiTransactionIdentifier();
-
-    //perform task
-    task.execute(pendingReq, executionContext);
-
-    //validate state
-//    Assert.assertFalse("Wrong EID-Process flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.PROCESSCONTEXT_WAS_EID_PROCESS));
-//    Assert.assertFalse("Wrong Mandate flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.HTTP_PARAM_USE_MANDATES));
-
-    Assert.assertEquals("piiTransactionId", piiTransId, pendingReq.getUniquePiiTransactionIdentifier());
-
-    final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-
-    Assert.assertFalse("E-ID flag", session.isEidProcess());
-//    Assert.assertTrue("Foreign flag", session.isForeigner());
-    Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/test", session.getQaaLevel());
-//    Assert.assertEquals("CountryCode", "AB", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
-    Assert.assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
-
-//    Assert.assertEquals("FamilyName", "Mustermann", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
-//    Assert.assertEquals("Givenname", "Max", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.GIVEN_NAME_NAME, String.class));
-//    Assert.assertEquals("DateOfBirth", "1940-01-01", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.BIRTHDATE_NAME, String.class));
-//
-//    Assert.assertEquals("bPK", "BF:QVGm48cqcM4UcyhDTNGYmVdrIoY=", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.BPK_NAME, String.class));
-//    Assert.assertEquals("bPK-Target", "urn:publicid:gv.at:cdid+BF", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class));
-//    Assert.assertEquals("AuthBlock", TEST_SIGNED_AUTHBLOCK, session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class));
-
-//    Assert.assertNull("SigCert", session.getEncodedSignerCertificate());
-//    Assert.assertNull("eidasBind", session.getQcBind());
-//    Assert.assertNull("signedConsent", session.getSignedAuthBlock());
-//    Assert.assertEquals("signedConsentType", AuthBlockType.NONE, session.getSignedAuthBlockType());
-
-    Assert.assertFalse("Mandate flag", session.isMandateUsed());
-//    Assert.assertNull("MandateInfos", session.getMandateDate());
-
-  }
-
-  @Test
-  public void httpPostValidSignedAssertionWithLegacyAndEid() throws IOException, SamlSigningException,
-      Pvp2MetadataException, CredentialsNotAvailableException, XMLParserException, UnmarshallingException,
-      MarshallingException, TransformerException, TaskExecutionException, EaafStorageException {
-
-    oaParam.putGenericConfigurationKey(
-        IdAustriaClientAuthConstants.CONFIG_PROPS_APPSPECIFIC_EIDAS_NODE_URL, METADATA_PATH);
-
-    metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
-        METADATA_PATH, null, "jUnit IDP", null));
-
-    //put SimpleEidasData in session
-    final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-    SimpleEidasData eidData = new SimpleEidasData();
-    eidData.setFamilyName("Mustermann");
-    eidData.setGivenName("Max");
-    eidData.setDateOfBirth("1940-01-01");
-    authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
-
-    final Response response = initializeResponse(
-        "classpath:/data/idp_metadata_classpath_entity.xml",
-        "/data/Response_with_legacy_and_EID.xml",
-        credentialProvider.getMessageSigningCredential(),
-        true);
-    httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
-        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes("UTF-8")));
-
-    //perform task
-    task.execute(pendingReq, executionContext);
-
-    //validate state
-//    Assert.assertTrue("Wrong EID-Process flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.PROCESSCONTEXT_WAS_EID_PROCESS));
-    final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
-//    Assert.assertFalse("Wrong Mandate flag",
-//        (boolean) executionContext.get(AuthHandlerConstants.HTTP_PARAM_USE_MANDATES));
-
-//    Assert.assertTrue("E-ID flag", session.isEidProcess());
-//    Assert.assertTrue("Foreign flag", session.isForeigner());
-    Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/test", session.getQaaLevel());
-//    Assert.assertEquals("CountryCode", "AB", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
-    Assert.assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
-
-//    Assert.assertEquals("eidasBind", EIDAS_BIND, session.getQcBind());
-//    Assert.assertArrayEquals("signedConsent",
-//        Base64.getDecoder().decode(TEST_SIGNED_AUTHBLOCK), session.getSignedAuthBlock());
-
-//    Assert.assertEquals("FamilyName", "Mustermann", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.PRINCIPAL_NAME_NAME, String.class));
-//    Assert.assertEquals("Givenname", "Max", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.GIVEN_NAME_NAME, String.class));
-//    Assert.assertEquals("DateOfBirth", "1940-01-01", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.BIRTHDATE_NAME, String.class));
-//
-//    Assert.assertEquals("FamilyName", "BF:QVGm48cqcM4UcyhDTNGYmVdrIoY=", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.BPK_NAME, String.class));
-//    Assert.assertEquals("FamilyName", "urn:publicid:gv.at:cdid+BF", session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class));
-//    Assert.assertEquals("FamilyName", TEST_SIGNED_AUTHBLOCK, session.getGenericDataFromSession(
-//        ExtendedPvpAttributeDefinitions.EID_IDENTITY_LINK_NAME, String.class));
-
-//    Assert.assertNull("SigCert", session.getEncodedSignerCertificate());
-
-    Assert.assertFalse("Mandate flag", session.isMandateUsed());
-//    Assert.assertNull("MandateInfos", session.getMandateDate());
-
-    Assert.assertNull("MandateType", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_TYPE_NAME, String.class));
-    Assert.assertNull("Legal Person CommonName", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, String.class));
-    Assert.assertNull("Legal Person SourcePin",session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class));
-    Assert.assertNull("Legal Person SourcePinType", session.getGenericDataFromSession(
-        ExtendedPvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class));
+    }
 
   }
 
-
-
-
   private Response initializeResponse(String idpEntityId, String responsePath, EaafX509Credential credential,
-                                      boolean validConditions) throws SamlSigningException, XMLParserException, UnmarshallingException,
+      boolean validConditions) throws SamlSigningException, XMLParserException, UnmarshallingException,
       Pvp2MetadataException {
 
     final Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(
         XMLObjectProviderRegistrySupport.getParserPool(),
-        ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.class.getResourceAsStream(responsePath));
+        ReceiveMobilePhoneSignatureResponseAndSearchInRegistersTaskTest.class.getResourceAsStream(
+            responsePath));
     response.setIssueInstant(DateTime.now());
     final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
     issuer.setValue(idpEntityId);