aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/src/test/java/at
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-21 18:10:37 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-12-22 08:31:36 +0100
commitf2430c98c248907d27207dba30da96483f6db45e (patch)
tree681bca8c2697e1bba57f51be2605e31539f03424 /eidas_modules/authmodule-eIDAS-v2/src/test/java/at
parentd8a6a3a0fa27f6ea487c9fc4006f705383780917 (diff)
downloadNational_eIDAS_Gateway-f2430c98c248907d27207dba30da96483f6db45e.tar.gz
National_eIDAS_Gateway-f2430c98c248907d27207dba30da96483f6db45e.tar.bz2
National_eIDAS_Gateway-f2430c98c248907d27207dba30da96483f6db45e.zip
add jUnit tests improve test coverage
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/test/java/at')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java4
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java244
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java18
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java4
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java178
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java464
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java140
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java416
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java106
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java193
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java139
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java6
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java8
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java31
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java333
15 files changed, 1921 insertions, 363 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
index c66d8ec0..088c835c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
@@ -30,7 +30,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
public class EidasAuthenticationModulImplTest {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
new file mode 100644
index 00000000..d2973e1d
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -0,0 +1,244 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+@EnableWebMvc
+public class EidasSignalServletTest {
+
+ @Autowired private MsConnectorDummyConfigMap basicConfig;
+ @Autowired private EidasSignalServlet controller;
+ @Autowired private IRequestStorage storage;
+ @Autowired private ITransactionStorage transStore;
+ @Autowired private DummyProtocolAuthService protAuthService;
+ @Autowired private DummySpecificCommunicationService connector;
+
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ connector.setiLightResponse(null);
+
+
+ }
+
+ @Test
+ public void noResponsToken() throws IOException, EaafException {
+ //set-up
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void unknownResponseToken() throws IOException, EaafException {
+ //set-up
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ RandomStringUtils.randomAlphanumeric(10));
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withRelayState() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(relayState);
+ storage.storePendingRequest(pendingReq);
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .relayState(relayState);
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
+ httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(pendingReqId);
+ storage.storePendingRequest(pendingReq);
+
+ String inResponseTo = "_".concat(Random.nextHexRandom16());
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo(inResponseTo)
+ .subjectNameIdFormat("afaf");
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(pendingReqId);
+ storage.storePendingRequest(pendingReq);
+
+ String inResponseTo = "_".concat(Random.nextHexRandom16());
+ transStore.put(inResponseTo, pendingReqId, -1);
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo(inResponseTo)
+ .subjectNameIdFormat("afaf");
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
+ httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
index 9709aeb9..b54b8800 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -31,7 +31,6 @@ import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchProviderException;
-import java.util.Arrays;
import java.util.List;
import javax.xml.bind.JAXBContext;
@@ -45,7 +44,6 @@ import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapFault;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
@@ -88,7 +86,9 @@ import szrservices.SignContentResponseType;
import szrservices.TravelDocumentType;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
public class SzrClientTest {
private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
@@ -110,18 +110,6 @@ public class SzrClientTest {
public SoapServiceRule soap = SoapServiceRule.newInstance();
/**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- /**
* Initialize jUnit test.
*/
@Before
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
index 2f573f53..f9a134a6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
@@ -61,7 +61,9 @@ import szrservices.TravelDocumentType;
@Ignore
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_basic_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
public class SzrClientTestProduction {
private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 44fa01e8..8cda745a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -6,8 +6,6 @@ import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.powermock.api.mockito.PowerMockito.when;
-import java.io.IOException;
-import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.Provider;
@@ -19,8 +17,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import javax.xml.namespace.QName;
-
import org.apache.commons.lang3.RandomStringUtils;
import org.jetbrains.annotations.NotNull;
import org.jose4j.jwa.AlgorithmConstraints;
@@ -28,7 +24,6 @@ import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -48,6 +43,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.skjolberg.mockito.soap.SoapServiceRule;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
@@ -59,7 +55,6 @@ import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
@@ -75,7 +70,7 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
-import eu.eidas.auth.commons.attribute.PersonType;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.JwsHeaderParam;
@@ -85,18 +80,18 @@ import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@RunWith(SpringJUnit4ClassRunner.class)
-//@RunWith(PowerMockRunner.class)
-//@PowerMockRunnerDelegate(SpringJUnit4ClassRunner.class)
@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
public class CreateIdentityLinkTaskEidNewTest {
@Autowired(required = true)
private CreateIdentityLinkTask task;
@Autowired(required = true)
- private IConfiguration basicConfig;
+ private MsConnectorDummyConfigMap basicConfig;
@Autowired
protected EidasAttributeRegistry attrRegistry;
@@ -129,18 +124,6 @@ public class CreateIdentityLinkTaskEidNewTest {
public final SoapServiceRule soap = SoapServiceRule.newInstance();
/**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties");
-
- }
-
- /**
* jUnit test set-up.
*/
@Before
@@ -150,7 +133,9 @@ public class CreateIdentityLinkTaskEidNewTest {
httpResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -158,10 +143,11 @@ public class CreateIdentityLinkTaskEidNewTest {
oaParam = new DummySpConfiguration(spConfig, basicConfig);
pendingReq = new TestRequestImpl();
- response = buildDummyAuthResponse();
-
+ response = buildDummyAuthResponse(false);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
@@ -175,8 +161,12 @@ public class CreateIdentityLinkTaskEidNewTest {
}
@Test
- public void successfulProcess() throws Exception {
+ public void successfulProcessWithDeInfos() throws Exception {
//initialize test
+ response = buildDummyAuthResponse(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
String vsz = RandomStringUtils.randomNumeric(10);
when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
@@ -255,6 +245,15 @@ public class CreateIdentityLinkTaskEidNewTest {
.toString().split("T")[0],
person.getPerson().getDateOfBirth());
+ Assert.assertEquals("PlaceOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()),
+ person.getPerson().getPlaceOfBirth());
+ Assert.assertEquals("BirthName",
+ response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()),
+ person.getPerson().getAlternativeName().getFamilyName());
+
Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
@@ -304,6 +303,81 @@ public class CreateIdentityLinkTaskEidNewTest {
}
@Test
+ public void successfulProcessWithStandardInfos() throws Exception {
+ //initialize test
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNotNull("AuthBlock", authBlock);
+
+ Assert.assertTrue("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ // check vsz request
+ ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+
+ Boolean param5 = argument5.getValue();
+ Assert.assertTrue("insertERnP flag", param5);
+ PersonInfoType person = argument4.getValue();
+ Assert.assertEquals("FamilyName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+ .toString().split("T")[0],
+ person.getPerson().getDateOfBirth());
+
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+
+ Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+ Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+
+ Assert.assertEquals("Identifier",
+ response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+ .toString().split("/")[2],
+ person.getTravelDocument().getDocumentNumber());
+
+
+ }
+
+ @Test
public void getStammzahlEncryptedExceptionTest() throws Exception {
try {
when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
@@ -355,38 +429,40 @@ public class CreateIdentityLinkTaskEidNewTest {
}
@NotNull
- private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
- final AttributeDefinition attributeDef = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).nameUri(new URI("ad", "sd", "ff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "af"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef2 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).nameUri(new URI("ad", "sd", "fff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "aff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef3 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME).nameUri(new URI("ad", "sd", "ffff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef4 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_DATEOFBIRTH).nameUri(new URI("ad", "sd", "fffff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build();
-
- final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
- .put(attributeDef, "LU/ST/" + RandomStringUtils.randomNumeric(64))
- .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
- .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+ private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+ final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
+ final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_BIRTHNAME).first();
+
+ final Builder attributeMap = ImmutableAttributeMap.builder();
+ attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
+ attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef4, "2001-01-01");
+ if (withAll) {
+ attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
+
+ }
val b = new AuthenticationResponse.Builder();
return b.id("_".concat(Random.nextHexRandom16()))
.issuer(RandomStringUtils.randomAlphabetic(10))
.subject(RandomStringUtils.randomAlphabetic(10))
- .statusCode("200")
+ .statusCode(Constants.SUCCESS_URI)
.inResponseTo("_".concat(Random.nextHexRandom16()))
.subjectNameIdFormat("afaf")
.levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
- .attributes(attributeMap)
+ .attributes(attributeMap.build())
.build();
}
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
new file mode 100644
index 00000000..382041e5
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -0,0 +1,464 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+
+import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.skjolberg.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskTest {
+
+ @Autowired(required = true)
+ private CreateIdentityLinkTask task;
+
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+
+ @Autowired
+ EaafKeyStoreFactory keyStoreFactory;
+
+ @Autowired
+ private IRequestStorage requestStorage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+ private SZR szrMock;
+
+ private AuthenticationResponse response;
+ private Map<String, String> spConfig;
+
+ @Rule
+ public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false");
+
+ spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+ pendingReq = new TestRequestImpl();
+
+ response = buildDummyAuthResponse();
+
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+ executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+ szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+ }
+
+
+ @Test
+ public void buildIdentityLink() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithWbpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithEidasBpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Martina", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithUnknownBpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("unknown bPKType not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "builder.33",
+ ((EaafException) e.getOriginalException()).getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+
+ }
+ }
+
+ @Test
+ public void noBpkResult() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ GetBPKResponse getBpkResp = new GetBPKResponse();
+ org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("unknown bPKType not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "ernb.01",
+ ((EaafException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void bPKFromSzr() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ String bpk = RandomStringUtils.randomAlphanumeric(10);
+ GetBPKResponse getBpkResp = new GetBPKResponse();
+ getBpkResp.getGetBPKReturn().add(bpk);
+ org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", bpk,
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ }
+
+ @Test
+ public void buildDummyIdl() throws Exception {
+ //initialize test
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+
+ }
+
+ private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+ final JAXBContext jaxbContext = JAXBContext
+ .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+ org.w3._2000._09.xmldsig.ObjectFactory.class,
+ at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+ final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+ final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+ .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+ org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+ }
+ private void checkElement(String expected, String value) {
+ Assert.assertNotNull(value);
+ Assert.assertEquals(expected, value);
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode("200")
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+ .attributes(attributeMap)
+ .build();
+ }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
deleted file mode 100644
index 10896f48..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
+++ /dev/null
@@ -1,140 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskSecondTest {
-
- @Autowired(required = true)
- private GenerateAuthnRequestTask task;
- @Autowired(required = true)
- private DummySpecificCommunicationService commService;
- @Autowired(required = true)
- private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- /**
- * jUnit test set-up.
- *
- */
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- public void noCountryCode() {
- try {
- task.execute(pendingReq, executionContext);
- Assert.fail("No countryCode not detected");
-
- } catch (final TaskExecutionException e) {
- Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
- org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
- .getOriginalException(), "Wrong exception");
- Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
- .getErrorId());
-
- }
-
- }
-
- @Test
- @DirtiesContext
- public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- try {
- task.execute(pendingReq, executionContext);
-
- } catch (final TaskExecutionException e) {
- // forward URL is not set in example config
- org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
- "Wrong exception");
- Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
- .getErrorId());
- Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
- .getParams().length);
- Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
- .getOriginalException()).getParams()[0]);
-
- }
-
- final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertEquals("ProviderName is not Static",
- Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
index e8fcdd3d..83ac6044 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -1,12 +1,12 @@
package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
+import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -20,14 +20,18 @@ import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -36,36 +40,27 @@ import eu.eidas.auth.commons.light.ILightRequest;
import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskFirstTest {
+public class GenerateAuthnRequestTaskTest {
@Autowired(required = true)
private GenerateAuthnRequestTask task;
@Autowired(required = true)
private DummySpecificCommunicationService commService;
@Autowired(required = true)
- private IConfiguration basicConfig;
+ private MsConnectorDummyConfigMap basicConfig;
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
private MockHttpServletResponse httpResp;
private TestRequestImpl pendingReq;
private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_1.properties");
-
- }
-
+ private Map<String, String> spConfig;
+
+
/**
* jUnit test set-up.
*
@@ -78,7 +73,7 @@ public class GenerateAuthnRequestTaskFirstTest {
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
- final Map<String, String> spConfig = new HashMap<>();
+ spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
oaParam = new DummySpConfiguration(spConfig, basicConfig);
@@ -88,16 +83,47 @@ public class GenerateAuthnRequestTaskFirstTest {
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId",
+ RandomStringUtils.randomAlphabetic(10));
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint",
+ "http://test/" + RandomStringUtils.randomAlphabetic(5));
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
}
-
+
@Test
- @DirtiesContext
- public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ public void missingIssuer() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId");
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Issuer not detected");
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+
+ }
+ }
+
+ @Test
+ public void missingForwardUrl() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint");
+
+ //execute test
try {
task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Forward-URL not detected");
} catch (final TaskExecutionException e) {
// forward URL is not set in example config
@@ -111,12 +137,350 @@ public class GenerateAuthnRequestTaskFirstTest {
.getOriginalException()).getParams()[0]);
}
+ }
+
+ @Test
+ public void selectUnknownStage() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String stage = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put("selectedEnvironment", stage);
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Forward-URL not detected");
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + stage, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void selectQsEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "qs");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void selectTestEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "test");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void selectDevEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "dev");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void noCountryCode() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No countryCode not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
+ .getOriginalException(), "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
+ .getErrorId());
+
+ }
+ }
+
+ @Test
+ public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
+ }
+
+ @Test
+ public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ String cc = RandomStringUtils.randomAlphabetic(2);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc);
+
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+ Assert.assertEquals("wrong issuer",
+ basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer());
Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+ Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());
+ Assert.assertEquals("NameIdFormat", Constants.eIDAS_REQ_NAMEID_FORMAT, eidasReq.getNameIdFormat());
+
+
+ }
+
+ @Test
+ public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "prod");
+
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertNotNull("ProviderName found", eidasReq.getProviderName());
+ Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+ Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH,
+ eidasReq.getLevelOfAssurance());
+
+ Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST");
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing template not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ",
+ ((GuiBuildException) e.getOriginalException()).getMessage());
+
+ }
+ }
+
+ @Test
+ public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ spConfig.put("target",
+ EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+ Assert.assertEquals("RequesterId", providerName, eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
}
+
+ @Test
+ public void withoutProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+ Assert.assertNull("ProviderName found", eidasReq.getProviderName());
+ Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
+ }
+
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
deleted file mode 100644
index f2e44ed1..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
+++ /dev/null
@@ -1,106 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskThirdTest {
-
- @Autowired(required = true)
- private GenerateAuthnRequestTask task;
- @Autowired(required = true)
- private DummySpecificCommunicationService commService;
- @Autowired(required = true)
- private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_2.properties");
-
- }
-
- /**
- * jUnit test set-up.
- *
- */
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- @DirtiesContext
- public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- task.execute(pendingReq, executionContext);
- Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
-
- final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertNull("ProviderName found", eidasReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
new file mode 100644
index 00000000..f5ae9b01
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -0,0 +1,193 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class ReceiveEidasResponseTaskTest {
+
+ @Autowired(required = true)
+ private ReceiveAuthnResponseTask task;
+
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+
+ @Autowired private IRequestStorage storage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+ executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+ }
+
+ @Test
+ public void missingEidasResponse() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.01",
+ ((EaafException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void notSuccessEidasResponse() throws URISyntaxException {
+ String statusCode = RandomStringUtils.randomAlphabetic(10);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(statusCode));
+
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.02",
+ ((EaafException) e.getOriginalException()).getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
+ @NotNull
+ AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+ Assert.assertNotNull("eIDAS response",
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("eIDAS response", eidasResponse,
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(statusCode)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .attributes(attributeMap)
+ .build();
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
new file mode 100644
index 00000000..ad38e371
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -0,0 +1,139 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class JoseUtilsTest {
+
+ @Autowired private EaafKeyStoreFactory keyStoreFactory;
+
+ private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
+ Arrays.asList(
+ AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+ AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+
+ @Test
+ public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ try {
+ JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");
+ Assert.fail("missing Key not detected");
+
+ } catch (EaafException e) {
+ Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest");
+
+ Assert.assertNotNull("signed message", result);
+ Assert.assertFalse("signed msg empty", result.isEmpty());
+
+
+ //validate
+ List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+ final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+ AUTH_ALGORITHM_WHITELIST_SIGNING
+ .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+ JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+
+ Assert.assertTrue("sig. verify", verify.isValid());
+ Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+
+ }
+
+ @Test
+ public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest");
+
+ Assert.assertNotNull("signed message", result);
+ Assert.assertFalse("signed msg empty", result.isEmpty());
+
+
+ //validate
+ List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+ final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+ AUTH_ALGORITHM_WHITELIST_SIGNING
+ .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+ JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+
+ Assert.assertTrue("sig. verify", verify.isValid());
+ Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
index 55a3ce99..9bb51cd9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -21,7 +21,7 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
import static org.junit.Assert.fail;
@@ -45,7 +45,9 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasAttributePostProcessingTest {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
index 880c32ae..b4c8f20c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -21,7 +21,7 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
import java.io.IOException;
import java.util.HashMap;
@@ -43,6 +43,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -50,7 +51,9 @@ import eu.eidas.auth.commons.light.impl.LightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasRequestPreProcessingFirstTest {
@@ -95,6 +98,7 @@ public class EidasRequestPreProcessingFirstTest {
authnRequestBuilder = LightRequest.builder();
authnRequestBuilder.id(UUID.randomUUID().toString());
authnRequestBuilder.issuer("Test");
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index da7e3d85..6d46f6e0 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -21,16 +21,14 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
-import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -39,22 +37,25 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import eu.eidas.auth.commons.light.impl.LightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasRequestPreProcessingSecondTest {
@Autowired
- private IConfigurationWithSP basicConfig;
+ private MsConnectorDummyConfigMap basicConfig;
@Autowired
private CcSpecificEidProcessingService preProcessor;
@@ -62,18 +63,6 @@ public class EidasRequestPreProcessingSecondTest {
private DummySpConfiguration oaParam;
private Builder authnRequestBuilder;
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_1.properties");
-
- }
/**
* jUnit test set-up.
@@ -95,12 +84,16 @@ public class EidasRequestPreProcessingSecondTest {
authnRequestBuilder = LightRequest.builder();
authnRequestBuilder.id(UUID.randomUUID().toString());
authnRequestBuilder.issuer("Test");
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
}
@Test
public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException {
-
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+
final String testCountry = "DE";
authnRequestBuilder.citizenCountryCode(testCountry);
preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
new file mode 100644
index 00000000..d0e7a804
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -0,0 +1,333 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.attribute.impl.StringAttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class EidasResponseValidatorTest {
+
+ @Autowired private MsConnectorDummyConfigMap basicConfig;
+ @Autowired protected EidasAttributeRegistry attrRegistry;
+
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ }
+
+
+ @Test
+ public void loaFromResponseToLow() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_LOW,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "XX";
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void noEidasSpCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = null;
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Destination country does not match to SP country",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void noEidasResponseCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = null;
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void wrongEidasResponseCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "XX";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void missingPersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void moreThanOnePersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ true);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void emptyPersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "",
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Wrong identifier format",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void validResponse() throws URISyntaxException, EidasValidationException {
+ //set-up
+
+ String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry);
+
+ }
+
+
+ private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)
+ throws URISyntaxException {
+
+
+ final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+
+ final Builder attributeMap = ImmutableAttributeMap.builder();
+ if (personalId != null) {
+ if (moreThanOnePersonalId) {
+ ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),
+ new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10)));
+ attributeMap.put(personIdattributeDef, values);
+
+ } else {
+ attributeMap.put(personIdattributeDef, personalId);
+
+ }
+ }
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(loa)
+ .attributes(attributeMap.build())
+ .build();
+ }
+}
+