| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-12-11 17:50:40 +0100 | 
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-12-11 17:50:40 +0100 | 
| commit | 89cf59a91757d9aa919759d709a04a2257e602fb (patch) | |
| tree | ad66878064b73580e92ed1b11d26bee096287308 /eidas_modules/authmodule-eIDAS-v2/src | |
| parent | edb3c1d835bec492063d36b8c5eb43ae9cdb707e (diff) | |
fix wrong flag in SZR client to get encryptedBaseId
extend validation in jUnit test for CreateIdentityLink with E-ID task
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
2 files changed, 84 insertions, 5 deletions
| diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java index 067825d8..6de5dae9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java @@ -231,7 +231,7 @@ public class SzrClient {      final String resp;      try { -      resp = this.szr.getStammzahlEncrypted(personInfo, false); +      resp = this.szr.getStammzahlEncrypted(personInfo, true);      } catch (SZRException_Exception e) {        throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);      } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 2bc0c86c..34f641a7 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -2,6 +2,8 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;  import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;  import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify;  import static org.powermock.api.mockito.PowerMockito.when;  import java.io.IOException; 
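Review bot: In SzrClient.java the second argument of `getStammzahlEncrypted(personInfo, true)` is a bare boolean whose meaning is not visible at the call site; the only hint is the new test, whose assertion message calls it the "insertERnP flag". This value was already wrong once, and judging by that name (not by anything shown here) it may make the SZR create a register entry for the person, so I would document it where it is set. For example, add `// insertERnP = true: needed to obtain the encrypted base id (vsz) from SZR` above the call, or pass a named constant instead of the literal. The enclosing method starts and ends outside the hunk, so whether its Javadoc should mention this behaviour cannot be judged from here.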
@@ -13,6 +15,7 @@ import java.security.cert.X509Certificate;  import java.util.Arrays;  import java.util.Collections;  import java.util.HashMap; +import java.util.Iterator;  import java.util.List;  import java.util.Map; @@ -29,6 +32,7 @@ import org.junit.BeforeClass;  import org.junit.Rule;  import org.junit.Test;  import org.junit.runner.RunWith; +import org.mockito.ArgumentCaptor;  import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.mock.web.MockHttpServletRequest; @@ -71,6 +75,8 @@ import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;  import eu.eidas.auth.commons.attribute.PersonType;  import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;  import lombok.val; +import szrservices.JwsHeaderParam; +import szrservices.PersonInfoType;  import szrservices.SZR;  import szrservices.SignContentEntry;  import szrservices.SignContentResponseType; @@ -112,7 +118,9 @@ public class CreateIdentityLinkTaskEidNewTest {            AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256,            AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); -  private ObjectMapper mapper = new ObjectMapper(); +  private static ObjectMapper mapper = new ObjectMapper(); +   +  private AuthenticationResponse response;    @Rule    public final SoapServiceRule soap = SoapServiceRule.newInstance(); @@ -147,7 +155,7 @@ public class CreateIdentityLinkTaskEidNewTest {      oaParam = new DummySpConfiguration(spConfig, basicConfig);      pendingReq = new TestRequestImpl(); -    final AuthenticationResponse response = buildDummyAuthResponse(); +    response = buildDummyAuthResponse();      pendingReq.getSessionData(AuthProcessDataWrapper.class)          .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); 
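Review bot: `private static ObjectMapper mapper` in CreateIdentityLinkTaskEidNewTest is now shared by every test in the class but is still non-final, so any test can reassign it for the others. If it has to be static (the reason is not visible in this hunk), declare it `private static final ObjectMapper mapper = new ObjectMapper();`. The new `response` field is assigned in the set-up method, which begins outside the hunk; a short comment on the field such as `// eIDAS response injected into the pending request, kept for assertions` would explain why it was promoted from a local.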
@@ -166,7 +174,8 @@ public class CreateIdentityLinkTaskEidNewTest {    @Test    public void successfulProcess() throws Exception {      //initialize test -    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); +    String vsz = RandomStringUtils.randomNumeric(10); +    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);      val signContentResp = new SignContentResponseType();      final SignContentEntry signContentEntry = new SignContentEntry();      signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); 
@@ -207,6 +216,76 @@ public class CreateIdentityLinkTaskEidNewTest {      Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); +    //check vsz request +    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); +    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);         +    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); +     +    Boolean param5 = argument5.getValue(); +    Assert.assertTrue("insertERnP flag", param5);     +    PersonInfoType person = argument4.getValue(); +    Assert.assertEquals("FamilyName",  +        response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( +            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),  +        person.getPerson().getName().getFamilyName()); +    Assert.assertEquals("GivenName",  +        response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( +            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),  +        person.getPerson().getName().getGivenName()); +    Assert.assertEquals("DateOfBirth",  +        response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( +            response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) +            .toString().split("T")[0],  +        person.getPerson().getDateOfBirth()); +     +    Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); +    Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); +     +    Assert.assertEquals("Identifier",  +        response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( +            
response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) +            .toString().split("/")[2],  +        person.getTravelDocument().getDocumentNumber()); +     +     +     +    //check bcBind singing request +    ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class); +    ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class); +    ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class); +    verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture()); +    Boolean param1 = argument1.getValue(); +    Assert.assertFalse("addCert flag", param1); +     +    List<JwsHeaderParam> param2 = argument2.getValue(); +    Assert.assertNotNull("JWS Headers", param2);  +    Assert.assertFalse("JWS Headers empty", param2.isEmpty()); +    Assert.assertEquals("Wrong JWS header size", 1, param2.size()); +    Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey()); +    Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); +     +    List<SignContentEntry> param3 = argument3.getValue(); +    Assert.assertNotNull("sign Payload", param3); +    Assert.assertEquals("wrong sign-payload size", 1, param3.size());     +    Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());     +    JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes()); +    Assert.assertNotNull("bcbind req", bcBind); +     +    Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); +    Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",  +        bcBind.get("urn:eidgvat:attributes.eid.status").asText()); +    Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); +    Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());     +    
Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements(); +    Assert.assertTrue("No PubKey", pubKeys.hasNext()); +    Assert.assertEquals("Wrong pubKey",  +        "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y" +        + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN" +        + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" +        + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",  +        pubKeys.next().asText()); +    Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); +        }    @Test @@ -280,7 +359,7 @@ public class CreateIdentityLinkTaskEidNewTest {          .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build();      final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() -        .put(attributeDef, "de/st/" + RandomStringUtils.randomNumeric(64)) +        .put(attributeDef, "LU/ST/" + RandomStringUtils.randomNumeric(64))          .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))          .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); | 
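Review bot: In the bcBind checks added to successfulProcess(), `Assert.assertNotNull("payload", param3.get(0).getValue().getBytes())` can never fail, because `getBytes()` never returns null and a null value would throw before the assertion runs; assert on the value itself with `Assert.assertNotNull("payload", param3.get(0).getValue());`. Both `getBytes()` calls also use the platform default charset, so the JSON check depends on the build machine; `mapper.readTree(param3.get(0).getValue())` parses the text directly, assuming getValue() returns a String as the earlier `setValue(RandomStringUtils.randomAlphanumeric(10))` suggests. The `split("/")[2]` and the hard-coded `"LU"` depend on the `"LU/ST/"` prefix introduced in the last hunk of this file, so a one-line comment beside those assertions naming that coupling would keep a later test-data change from failing for an unclear reason. The test method begins outside this hunk.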
