diff options
author | Thomas <> | 2021-06-15 18:15:19 +0200 |
---|---|---|
committer | Thomas <> | 2021-06-15 18:15:19 +0200 |
commit | 6e1a69773284177a0f6c7233c4bcdf7f4bd96681 (patch) | |
tree | 0729c907f8902618bb980eeaa3c6e17c3eac0bd4 /eidas_modules/authmodule-eIDAS-v2/src | |
parent | 1c6eba08f2a1c8008b85a71bc2c5d0a9d5e50361 (diff) | |
download | National_eIDAS_Gateway-6e1a69773284177a0f6c7233c4bcdf7f4bd96681.tar.gz National_eIDAS_Gateway-6e1a69773284177a0f6c7233c4bcdf7f4bd96681.tar.bz2 National_eIDAS_Gateway-6e1a69773284177a0f6c7233c4bcdf7f4bd96681.zip |
further optimizations and bug fixing in matching code
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
25 files changed, 1130 insertions, 398 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 3e20a132..48c114a8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -49,14 +49,14 @@ public class Constants { public static final String DATA_SIMPLE_EIDAS = "matching_simple_eidas_data"; /** - * Stored after Step 2 from Matching Concept, first results from search with Person Identifier. + * Stored intermediate mathing results where matching is still on-going. */ - public static final String DATA_INITIAL_REGISTER_RESULT = "matching_initial_register_result"; + public static final String DATA_INTERMEDIATE_RESULT = "matching_intermediate_result"; /** * Stored after Step 8 from Matching Concept, results from search in registers with MDS. */ - public static final String DATA_FURTHER_REGISTER_RESULT = "matching_further_register_result"; + public static final String DATA_PERSON_MATCH_RESULT = "matching_result"; // templates for post-binding forwarding public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html"; @@ -224,6 +224,10 @@ public class Constants { public static final String eIDAS_ATTRURN_PERSONALIDENTIFIER = eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PERSONALIDENTIFIER; + public static final String eIDAS_ATTRURN_PLACEOFBIRTH = + eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PLACEOFBIRTH; + public static final String eIDAS_ATTRURN_BIRTHNAME = + eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_BIRTHNAME; public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java index 2230f30a..397cbe46 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java @@ -60,11 +60,14 @@ import com.fasterxml.jackson.databind.ObjectMapper; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient.HttpClientConfig.HttpClientConfigBuilder; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType; +import at.gv.e_government.reference.namespace.persondata._20020228.IdentificationType; import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; @@ -122,55 +125,38 @@ public class SzrClient extends AbstractSoapClient { final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas(); getIdl.setPersonInfo(generateSzrRequest(eidData)); - final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class); - final Marshaller jaxbMarshaller = jaxbContext.createMarshaller(); + return getIdentityLinkGeneric(getIdl); - final ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); - jaxbMarshaller.marshal(getIdl, outputStream); - outputStream.flush(); - - final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray())); - outputStream.close(); - - log.trace("Requesting SZR ... "); - final Source response = dispatch.invoke(source); - log.trace("Receive RAW response from SZR"); - - final byte[] szrResponse = sourceToByteArray(response); - final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext - .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse)); - - // build response - log.trace(new String(szrResponse, StandardCharsets.UTF_8)); - - // ok, we have success - final Document doc = DomUtils.parseDocument( - new ByteArrayInputStream(szrResponse), - true, - XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS, - null, null); - final String xpathExpression = "//saml:Assertion"; - final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode"); + } catch (final Exception e) { + log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); + throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); - log.trace("Selecting signed doc " + xpathExpression); - final Element documentNode = (Element) XPathAPI.selectSingleNode(doc, - xpathExpression, nsNode); - log.trace("Signed document: " + DomUtils.serializeNode(documentNode)); + } + } - final IdentityLinkType idl = new IdentityLinkType(); - idl.setAssertion(documentNode); - idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo()); + /** + * Get IdentityLink of a person. + * + * + * @param matchedPersonData eID information of an already matched person. + * @return IdentityLink + * @throws SzrCommunicationException In case of a SZR error + */ + public IdentityLinkType getIdentityLinkInRawMode(MatchedPersonResult matchedPersonData) + throws SzrCommunicationException { + try { + final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas(); + getIdl.setPersonInfo(generateSzrRequest(matchedPersonData)); - return idl; + return getIdentityLinkGeneric(getIdl); } catch (final Exception e) { log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); } - } - + /** * Get bPK of person. * @@ -247,7 +233,33 @@ public class SzrClient extends AbstractSoapClient { return resp; } + + /** + * Request a encrypted baseId from SZR. + * + * @param matchedPersonData eID information of an already matched person. + * @return encrypted baseId + * @throws SzrCommunicationException In case of a SZR error + */ + public String getEncryptedStammzahl(MatchedPersonResult matchedPersonData) throws SzrCommunicationException { + final String resp; + try { + resp = this.szr.getStammzahlEncrypted(generateSzrRequest(matchedPersonData), false); + + } catch (SZRException_Exception e) { + throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); + + } + + if (StringUtils.isEmpty(resp)) { + throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling + + } + return resp; + + } + /** * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status. * @@ -300,8 +312,29 @@ public class SzrClient extends AbstractSoapClient { } } + private PersonInfoType generateSzrRequest(MatchedPersonResult matchedPersonData) { + log.trace("Starting connecting SZR Gateway"); + final PersonInfoType personInfo = new PersonInfoType(); + final PersonNameType personName = new PersonNameType(); + final PhysicalPersonType naturalPerson = new PhysicalPersonType(); + IdentificationType bpk = new IdentificationType(); + + naturalPerson.setName(personName); + personInfo.setPerson(naturalPerson); + naturalPerson.setIdentification(bpk); + + // person information + personName.setFamilyName(matchedPersonData.getFamilyName()); + personName.setGivenName(matchedPersonData.getGivenName()); + naturalPerson.setDateOfBirth(matchedPersonData.getDateOfBirth()); + bpk.setValue(matchedPersonData.getBpk()); + bpk.setType(EaafConstants.URN_PREFIX_CDID + "ZP"); + + return personInfo; + } + private PersonInfoType generateSzrRequest(SimpleEidasData eidData) { - log.debug("Starting connecting SZR Gateway"); + log.trace("Starting connecting SZR Gateway"); final PersonInfoType personInfo = new PersonInfoType(); final PersonNameType personName = new PersonNameType(); final PhysicalPersonType naturalPerson = new PhysicalPersonType(); @@ -315,6 +348,8 @@ public class SzrClient extends AbstractSoapClient { personName.setFamilyName(eidData.getFamilyName()); personName.setGivenName(eidData.getGivenName()); naturalPerson.setDateOfBirth(eidData.getDateOfBirth()); + + //TODO: need to be updated to new eIDAS document interface!!!! eDocument.setIssuingCountry(eidData.getCitizenCountryCode()); eDocument.setDocumentNumber(eidData.getPseudonym()); @@ -351,6 +386,50 @@ public class SzrClient extends AbstractSoapClient { return personInfo; } + private IdentityLinkType getIdentityLinkGeneric(GetIdentityLinkEidas getIdl) throws Exception { + final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class); + final Marshaller jaxbMarshaller = jaxbContext.createMarshaller(); + + final ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); + jaxbMarshaller.marshal(getIdl, outputStream); + outputStream.flush(); + + final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray())); + outputStream.close(); + + log.trace("Requesting SZR ... "); + final Source response = dispatch.invoke(source); + log.trace("Receive RAW response from SZR"); + + final byte[] szrResponse = sourceToByteArray(response); + final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext + .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse)); + + // build response + log.trace(new String(szrResponse, StandardCharsets.UTF_8)); + + // ok, we have success + final Document doc = DomUtils.parseDocument( + new ByteArrayInputStream(szrResponse), + true, + XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS, + null, null); + final String xpathExpression = "//saml:Assertion"; + final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode"); + + log.trace("Selecting signed doc " + xpathExpression); + final Element documentNode = (Element) XPathAPI.selectSingleNode(doc, + xpathExpression, nsNode); + log.trace("Signed document: " + DomUtils.serializeNode(documentNode)); + + final IdentityLinkType idl = new IdentityLinkType(); + idl.setAssertion(documentNode); + idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo()); + + return idl; + + } + @PostConstruct private void initialize() throws EaafConfigurationException { log.info("Starting SZR-Client initialization .... "); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java index 18bcbacc..e98573d4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java @@ -41,12 +41,13 @@ public interface IZmrClient { * * @param zmrProzessId ProcessId from ZMR or <code>null</code> if no processId exists * @param personIdentifier Full eIDAS personal identifier with prefix + * @param citizenCountryCode CountryCode of the eIDAS proxy-service * @return Search result but never <code>null</code> * @throws EidasSAuthenticationException In case of a communication error */ @Nonnull - ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier) - throws EidasSAuthenticationException; + ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier, + @Nonnull String citizenCountryCode) throws EidasSAuthenticationException; /** * Search person based on eIDSA MDS information. diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java index 014d202b..60e88dca 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java @@ -24,7 +24,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.VersionHolder; import at.gv.bmi.namespace.zmr_su.base._20040201.ClientInfoType; import at.gv.bmi.namespace.zmr_su.base._20040201.Organisation; @@ -100,8 +99,8 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient { } @Override - public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier) - throws EidasSAuthenticationException { + public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personPseudonym, + String citizenCountryCode) throws EidasSAuthenticationException { try { // build search request @@ -113,7 +112,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient { final EidasSuchdatenType eidasInfos = new EidasSuchdatenType(); searchPersonReq.setEidasSuchdaten(eidasInfos); eidasInfos.setEidasArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER); - eidasInfos.setEidasNummer(personIdentifier); + eidasInfos.setEidasNummer(personPseudonym); // set work-flow client information req.setWorkflowInfoClient(generateWorkFlowInfos(PROCESS_SEARCH_PERSONAL_IDENTIFIER, null)); @@ -127,9 +126,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient { final ResponseType resp = zmrClient.service(req, null); // parse ZMR response - return processZmrResponse(resp, EidasResponseUtils.parseEidasPersonalIdentifier(personIdentifier) - .getFirst(), - true, PROCESS_SEARCH_PERSONAL_IDENTIFIER); + return processZmrResponse(resp, citizenCountryCode, true, PROCESS_SEARCH_PERSONAL_IDENTIFIER); } catch (final ServiceFault e) { final String errorMsg = extractReasonFromError(e); @@ -496,9 +493,9 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient { .dateOfBirth(person.getNatuerlichePerson().getGeburtsdatum()) .bpk(extractBpkZp(person.getNatuerlichePerson())) .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode, - Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER)) + Constants.eIDAS_ATTRURN_PLACEOFBIRTH)) .birthName(selectSingleEidasDocument(person, citizenCountryCode, - Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER)) + Constants.eIDAS_ATTRURN_BIRTHNAME)) .build(); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java new file mode 100644 index 00000000..1e8fcecf --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java @@ -0,0 +1,41 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; + +import lombok.Builder; +import lombok.Getter; + +/** + * Information about a natural person that is already matched. + * + * @author tlenz + * + */ +@Getter +@Builder +public class MatchedPersonResult { + + /** + * Matched person result from matching result. + * + * @param matchingResult Result of the matching process + * @param citizenCountryCode Country-Code of the eIDAS Proxy-Service + */ + public static MatchedPersonResult generateFormMatchingResult(RegisterResult matchingResult, + String citizenCountryCode) { + return MatchedPersonResult.builder() + .familyName(matchingResult.getFamilyName()) + .givenName(matchingResult.getGivenName()) + .dateOfBirth(matchingResult.getDateOfBirth()) + .bpk(matchingResult.getBpk()) + .countryCode(citizenCountryCode) + .build(); + } + + private final String countryCode; + private final String givenName; + private final String familyName; + private final String dateOfBirth; + private final String bpk; + + private String vsz; + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java index 4959d72f..aa82d806 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java @@ -32,7 +32,7 @@ import lombok.Getter; @Builder @Getter public class RegisterResult { - + // MDS private final List<String> pseudonym; private final String givenName; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java index ab84a45f..cedf01e3 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java @@ -26,7 +26,6 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; import org.apache.commons.lang3.builder.EqualsBuilder; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult; import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; import lombok.Builder; import lombok.Data; @@ -67,20 +66,20 @@ public class SimpleEidasData { * @return true or false depending of the data matches * @throws WorkflowException if multiple results have been found */ - public boolean equalsRegisterData(RegisterSearchResult result) throws WorkflowException { + public boolean equalsRegisterData(RegisterResult result) throws WorkflowException { /*TODO: maybe this is check is not valid, because only the minimum data-set (personalIdentifer, givenName, * familyName, dateOfBirth) has to be always available. Any other attributes are optional. * This check will always evaluate to false if register has more information as current eIDAS process!!! */ return new EqualsBuilder() - .append(result.getResult().getGivenName(), givenName) - .append(result.getResult().getFamilyName(), familyName) - .append(result.getResult().getDateOfBirth(), dateOfBirth) - .append(result.getResult().getPlaceOfBirth(), placeOfBirth) - .append(result.getResult().getBirthName(), birthName) - .append(result.getResult().getTaxNumber(), taxNumber) - .isEquals() && result.getResult().getPseudonym().stream() + .append(result.getGivenName(), givenName) + .append(result.getFamilyName(), familyName) + .append(result.getDateOfBirth(), dateOfBirth) + .append(result.getPlaceOfBirth(), placeOfBirth) + .append(result.getBirthName(), birthName) + .append(result.getTaxNumber(), taxNumber) + .isEquals() && result.getPseudonym().stream() .filter(el -> el.equals(pseudonym)) .findFirst() .isPresent(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java index 802fde14..471cb115 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java @@ -29,6 +29,8 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType; import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest; +import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp; +import at.gv.e_government.reference.namespace.persondata.de._20040201.PersonenNameTyp; public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSearchProcessor { @@ -46,15 +48,23 @@ public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSea } @Override - public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) { - + public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) { PersonSuchenRequest req = new PersonSuchenRequest(); - EidasSuchdatenType eidasInfos = new EidasSuchdatenType(); - req.setEidasSuchdaten(eidasInfos); + + //set basic MDS information + final NatuerlichePersonTyp searchNatPerson = new NatuerlichePersonTyp(); + req.setNatuerlichePerson(searchNatPerson); + final PersonenNameTyp searchNatPersonName = new PersonenNameTyp(); + searchNatPerson.setPersonenName(searchNatPersonName); + searchNatPersonName.setFamilienname(eidData.getFamilyName()); + searchNatPersonName.setVorname(eidData.getGivenName()); + searchNatPerson.setGeburtsdatum(eidData.getDateOfBirth()); //TODO: how we can search for more than one eIDAS attribute as a Set - + EidasSuchdatenType eidasInfos = new EidasSuchdatenType(); + req.setEidasSuchdaten(eidasInfos); + return req; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java index 166ffafb..bcee0f0f 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java @@ -21,7 +21,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificD import lombok.AllArgsConstructor; import lombok.Getter; import lombok.RequiredArgsConstructor; -import lombok.Setter; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -60,7 +59,7 @@ public class RegisterSearchService { throws WorkflowException { try { final ZmrRegisterResult resultsZmr = zmrClient.searchWithPersonIdentifier( - null, eidasData.getPersonalIdentifier()); + null, eidasData.getPseudonym(), eidasData.getCitizenCountryCode()); final List<RegisterResult> resultsErnp = ernpClient.searchWithPersonIdentifier( eidasData.getPersonalIdentifier()); @@ -235,14 +234,7 @@ public class RegisterSearchService { */ @Getter @RequiredArgsConstructor - public static class RegisterSearchResult { - - /** - * Mark the register result finished. - */ - @Setter - private boolean matchingFinished = false; - + public static class RegisterSearchResult { /** * Operation status for this result. */ @@ -272,12 +264,11 @@ public class RegisterSearchService { * Verifies that there is only one match and returns the bpk. * * @return bpk bpk of the match - * @throws WorkflowException if multiple results have been found or matching is not marked as finished + * @throws WorkflowException if multiple results have been found */ public String getBpk() throws WorkflowException { - if (getResultCount() != 1 || !matchingFinished) { - throw new WorkflowException("readRegisterResults", - matchingFinished ? "getResultCount() != 1" : "matching prozess not finished yet"); + if (getResultCount() != 1) { + throw new WorkflowException("readRegisterResults", "getResultCount() != 1"); } return getResult().getBpk(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index 41bf4409..35717ae0 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -25,18 +25,13 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; import java.io.IOException; import java.io.InputStream; -import java.util.HashMap; import java.util.List; -import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.parsers.ParserConfigurationException; -import org.apache.commons.lang3.StringUtils; -import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import org.joda.time.DateTime; import org.jose4j.lang.JoseException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -45,19 +40,17 @@ import org.w3c.dom.Node; import org.xml.sax.SAXException; import com.fasterxml.jackson.core.JsonProcessingException; -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; import at.asitplus.eidas.specific.connector.MsConnectorEventCodes; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; @@ -66,17 +59,13 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.AttributeValue; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; import lombok.Data; import lombok.extern.slf4j.Slf4j; import szrservices.IdentityLinkType; @@ -112,8 +101,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { @Autowired private SzrClient szrClient; @Autowired - private ICcSpecificEidProcessingService eidPostProcessor; - @Autowired private AuthBlockSigningService authBlockSigner; private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas"; @@ -129,63 +116,68 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { - try { + try { - /*TODO: needs refactoring because we has to be operate on national identifiers - * because matching and insert ERnP was already done!! + /*TODO: needs more re-factoring if we finalize CreateNewErnpEntryTask and we know how add entries into ERnP + * Maybe, we can fully replace eidData by matchedPersonData, + * because matchedPersonData holds the result after a successful matching process. + * + * Currently, we only add a work-around to operate without new ERnP implementation. */ - final ILightResponse eidasResponse = getAuthProcessDataWrapper() - .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class); - final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap( - eidasResponse.getAttributes().getAttributeMap()); - final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes); - //final SimpleEidasData eidData = - // getAuthProcessDataWrapper().getGenericDataFromSession(Constants.DATA_SIMPLE_EIDAS, SimpleEidasData.class); - final String personalIdentifier = (String) eidasAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq); + MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq); + writeMdsLogInformation(eidData); if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) { buildDummyIdentityLink(eidData); + } else { //request SZR based on IDL or E-ID mode if (pendingReq.getServiceProviderConfiguration() .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) { - executeEidMode(eidData, personalIdentifier); + executeEidMode(eidData, matchedPersonData); + } else { - executeIdlMode(eidData, personalIdentifier); - } + executeIdlMode(eidData, matchedPersonData); + + } } + storeGenericInfoToSession(eidData); requestStoreage.storePendingRequest(pendingReq); + } catch (final EidasAttributeException e) { throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e); + } catch (final EaafException e) { throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); + } catch (final Exception e) { log.error("IdentityLink generation for foreign person FAILED.", e); throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); + } } private void storeGenericInfoToSession(SimpleEidasData eidData) throws EaafStorageException { - AuthProcessDataWrapper authProcessData = getAuthProcessDataWrapper(); + AuthProcessDataWrapper authProcessData = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); authProcessData.setForeigner(true); authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode()); } - private void executeIdlMode(SimpleEidasData eidData, String personalIdentifier) throws EaafException { + private void executeIdlMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws EaafException { //request SZR - SzrResultHolder idlResult = requestSzrForIdentityLink(eidData); + SzrResultHolder idlResult = requestSzrForIdentityLink(eidData, matchedPersonData); //write revision-Log entry for personal-identifier mapping - writeExtendedRevisionLogEntry(eidData, personalIdentifier); - + writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier()); //check result-data and write revision-log based on current state checkStateAndWriteRevisionLog(idlResult); //inject personal-data into session - AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper(); + AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink()); authProcessDataWrapper.setEidProcess(false); @@ -197,20 +189,29 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { .getAreaSpecificTargetIdentifier()); } - private void executeEidMode(SimpleEidasData eidData, String personalIdentifier) + private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws JsonProcessingException, EaafException, JoseException { // get encrypted baseId - String vsz = szrClient.getEncryptedStammzahl(eidData); - + String vsz; + if (matchedPersonData != null) { + log.debug("Requesting encrypted baseId by already matched person information ... "); + vsz = szrClient.getEncryptedStammzahl(matchedPersonData); + + } else { + log.debug("Requesting encrypted baseId by using eIDAS information directly ... "); + vsz = szrClient.createNewErnpEntry(eidData); + + } + //write revision-Log entry and extended infos personal-identifier mapping revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED); - writeExtendedRevisionLogEntry(eidData, personalIdentifier); + writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier()); // get eIDAS bind String signedEidasBind = szrClient .getEidasBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS, eidData); revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED); - AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper(); + AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); authProcessDataWrapper.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind); //get signed AuthBlock @@ -220,11 +221,12 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //inject personal-data into session authProcessDataWrapper.setEidProcess(true); + } private void buildDummyIdentityLink(SimpleEidasData eidData) throws ParserConfigurationException, SAXException, IOException, EaafException { - AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper(); + AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq); SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData); //inject personal-data into session authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink()); @@ -247,10 +249,22 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } - private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData) throws EaafException { + private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData, + MatchedPersonResult matchedPersonData) throws EaafException { //request IdentityLink from SZR - final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(eidData); + IdentityLinkType result; + if (matchedPersonData != null) { + log.debug("Requesting encrypted baseId by already matched person information ... "); + result = szrClient.getIdentityLinkInRawMode(matchedPersonData); + + } else { + log.debug("Requesting encrypted baseId by using eIDAS information directly ... "); + result = szrClient.getIdentityLinkInRawMode(eidData); + + } + + final Element idlFromSzr = (Element) result.getAssertion(); final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); @@ -322,68 +336,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } - private Map<String, Object> convertEidasAttrToSimpleMap( - ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) { - final Map<String, Object> result = new HashMap<>(); - for (final AttributeDefinition<?> el : attributeMap.keySet()) { - final Class<?> parameterizedType = el.getParameterizedType(); - if (DateTime.class.equals(parameterizedType)) { - convertDateTime(attributeMap, result, el); - } else if (PostalAddress.class.equals(parameterizedType)) { - convertPostalAddress(attributeMap, result, el); - } else { - convertString(attributeMap, result, el); - } - } - - log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString()); - return result; - } - - private void convertString(ImmutableMap<AttributeDefinition<?>, - ImmutableSet<? extends AttributeValue<?>>> attributeMap, - Map<String, Object> result, AttributeDefinition<?> el) { - final List<String> natPersonIdObj = EidasResponseUtils - .translateStringListAttribute(el, attributeMap.get(el)); - final String stringAttr = natPersonIdObj.get(0); - if (StringUtils.isNotEmpty(stringAttr)) { - result.put(el.getFriendlyName(), stringAttr); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr); - } else { - log.info("Ignore empty 'String' attribute"); - } - } - - private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>, - ImmutableSet<? extends AttributeValue<?>>> attributeMap, - Map<String, Object> result, AttributeDefinition<?> el) { - final PostalAddress addressAttribute = EidasResponseUtils - .translateAddressAttribute(el, attributeMap.get(el).asList()); - if (addressAttribute != null) { - result.put(el.getFriendlyName(), addressAttribute); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString()); - } else { - log.info("Ignore empty 'PostalAddress' attribute"); - } - } - - private void convertDateTime(ImmutableMap<AttributeDefinition<?>, - ImmutableSet<? extends AttributeValue<?>>> attributeMap, - Map<String, Object> result, AttributeDefinition<?> el) { - final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList()); - if (attribute != null) { - result.put(el.getFriendlyName(), attribute); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString()); - } else { - log.info("Ignore empty 'DateTime' attribute"); - } - } - - @NotNull - private AuthProcessDataWrapper getAuthProcessDataWrapper() { - return pendingReq.getSessionData(AuthProcessDataWrapper.class); - } - + /** * write MDS into technical log and revision log. */ diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java index 69b127d8..6fc6d499 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java @@ -29,9 +29,6 @@ import javax.servlet.http.HttpServletResponse; import org.springframework.stereotype.Component; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; @@ -56,27 +53,37 @@ import lombok.extern.slf4j.Slf4j; @Component("CreateNewErnbEntryTask") public class CreateNewErnpEntryTask extends AbstractAuthServletTask { - private final SzrClient szrClient; + //private final SzrClient szrClient; - /** - * Constructor. - * @param szrClient SZR client for creating a new ERnP entry - */ - public CreateNewErnpEntryTask(SzrClient szrClient) { - this.szrClient = szrClient; - } + ///** + // * Constructor. + // * @param szrClient SZR client for creating a new ERnP entry + // */ + //public CreateNewErnpEntryTask(SzrClient szrClient) { + // this.szrClient = szrClient; + //} @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { try { - SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); + //SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); - // TODO When to do eidPostProcessor.postProcess on the eidas attributes? - String vsz = szrClient.createNewErnpEntry(simpleEidasData); + // insert person into ERnP + //TODO: should we insert it directly into ERnP? + //TODO: has to updated to new eIDAS document model in ERnP + //String vsz = szrClient.createNewErnpEntry(simpleEidasData); + + // finish matching process, because new user-entry uniquly matches + //log.info("User successfully registerred into ERnP and matching tasks are finished "); + //MatchingTaskUtils.storeFinalMatchingResult(pendingReq, + // MatchedPersonResult.builder() + // .vsz(vsz) + // .build()); + + log.warn("Skipping new insert ERnP task, because it's currently unknown who we should it"); + - // TODO what to do with the VSZ now - log.info("VSZ: {}", vsz); } catch (final Exception e) { log.error("Initial search FAILED.", e); throw new TaskExecutionException(pendingReq, "Initial search FAILED.", e); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java index 1563d6df..01497f8d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java @@ -42,6 +42,8 @@ import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; @@ -71,9 +73,9 @@ import lombok.extern.slf4j.Slf4j; * Output: * <ul> * <li>{@link Constants#DATA_SIMPLE_EIDAS} converted from Full eIDAS Response</li> - * <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from first search in registers with + * <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from first search in registers with * PersonIdentifier</li> - * <li>{@link Constants#DATA_FURTHER_REGISTER_RESULT} results after second search in registers with MDS</li> + * <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li> * <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li> * </ul> * Transitions: @@ -135,8 +137,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { step6CountrySpecificSearch(executionContext, initialSearchResult.getOperationStatus(), eidasData); } else if (resultCount == 1) { - // find person by PersonalIdentifier --> finalize first matching task - initialSearchResult.setMatchingFinished(true); + // find person by PersonalIdentifier --> finalize first matching task foundMatchFinializeTask(initialSearchResult, eidasData); } else { @@ -169,8 +170,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { log.trace("'step6CountrySpecificSearch' finds a person. Forward to 'step7aKittProcess' step ... "); registerSearchService.step7aKittProcess(countrySpecificResult, eidasData); - // find person by country-specific information --> finalize first matching task - countrySpecificResult.setMatchingFinished(true); + // find person by country-specific information --> finalize first matching task foundMatchFinializeTask(countrySpecificResult, eidasData); } else { @@ -194,7 +194,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { log.debug("Matching step: 'step8RegisterSearchWithMds' has #{} results. " + "Forward to GUI based matching steps ... ", registerData.getResultCount()); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerData); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerData); executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); } @@ -205,22 +205,26 @@ public class InitialSearchTask extends AbstractAuthServletTask { private void foundMatchFinializeTask(RegisterSearchResult searchResult, SimpleEidasData eidasData) throws WorkflowException, EaafStorageException { // check if register update is required - step3CheckRegisterUpdateNecessary(searchResult, eidasData); - + RegisterResult updatedResult = step3CheckRegisterUpdateNecessary(searchResult.getResult(), eidasData); + // store search result - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, searchResult); + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, + MatchedPersonResult.generateFormMatchingResult(updatedResult, eidasData.getCitizenCountryCode())); } - private void step3CheckRegisterUpdateNecessary(RegisterSearchResult initialSearchResult, + private RegisterResult step3CheckRegisterUpdateNecessary(RegisterResult searchResult, SimpleEidasData eidasData) throws WorkflowException { log.trace("Starting step3CheckRegisterUpdateNecessary"); - if (!eidasData.equalsRegisterData(initialSearchResult)) { - // TODO Update "initialSearchResult" in register with "eidasData" from login not possible for now + if (!eidasData.equalsRegisterData(searchResult)) { log.info("Skipping update-register-information step, because it's not supported yet"); + + //TODO: return updated search result if updates are allowed + return searchResult; } else { - log.debug("Register information match to eIDAS information. No update requird"); + log.debug("Register information match to eIDAS information. No update requird"); + return searchResult; } @@ -233,6 +237,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class); Map<String, Object> simpleMap = convertEidasAttrToSimpleMap(eidasResponse.getAttributes().getAttributeMap()); return eidPostProcessor.postProcess(simpleMap); + } private Map<String, Object> convertEidasAttrToSimpleMap( diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java index b18104fa..b71d86c8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java @@ -33,6 +33,7 @@ import org.jetbrains.annotations.NotNull; import org.springframework.stereotype.Component; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException; @@ -56,7 +57,7 @@ import lombok.extern.slf4j.Slf4j; * Input: * <ul> * <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li> - * <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li> + * <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li> * </ul> * Output: * <ul> @@ -125,7 +126,7 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet try { SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); - RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq); + RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); RegisterSearchResult residencyResult = registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(), @@ -160,13 +161,14 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet /*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result. * See TODO in methods body */ - if (eidasData.equalsRegisterData(residencyResult)) { + if (eidasData.equalsRegisterData(residencyResult.getResult())) { // update register information registerSearchService.step7aKittProcess(residencyResult, eidasData); // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS - residencyResult.setMatchingFinished(true); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, residencyResult); + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, + MatchedPersonResult.generateFormMatchingResult( + residencyResult.getResult(), eidasData.getCitizenCountryCode())); } else { moveToNextTask(executionContext); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java index fd469f49..e0b05892 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java @@ -45,6 +45,7 @@ import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; import org.springframework.stereotype.Component; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData; @@ -86,7 +87,7 @@ import lombok.extern.slf4j.Slf4j; * Input: * <ul> * <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li> - * <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li> + * <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li> * </ul> * Output: * <ul> @@ -160,7 +161,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet // load already existing information from session SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); - RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq); + RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); // extract user information from ID Austria authentication AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse()); @@ -188,9 +189,10 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet // perform kit operation registerSearchService.step7aKittProcess(registerResult, eidasData); - // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS - registerResult.setMatchingFinished(true); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerResult); + // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, + MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(), + eidasData.getCitizenCountryCode())); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java index 59a6886a..0eb56d0b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java @@ -45,7 +45,7 @@ import lombok.extern.slf4j.Slf4j; * Input: * <ul> * <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li> - * <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li> + * <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li> * </ul> * Output: * <ul> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java index 5625a30d..ae4dfb30 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java @@ -5,6 +5,7 @@ import javax.annotation.Nullable; import org.springframework.lang.NonNull; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult; import at.gv.egiz.eaaf.core.api.IRequest; @@ -41,34 +42,62 @@ public class MatchingTaskUtils { } /** - * Get Matching result from session. + * Get intermediate matching result from session. * * @param pendingReq Current pendingRequest - * @return Matching result or <code>null</code> if not exist + * @return Intermediate matching result or <code>null</code> if not exist */ @Nullable - public static RegisterSearchResult getInitialRegisterResult(IRequest pendingReq) { - return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INITIAL_REGISTER_RESULT, + public static RegisterSearchResult getIntermediateMatchingResult(IRequest pendingReq) { + return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INTERMEDIATE_RESULT, RegisterSearchResult.class); } /** - * Store matching result into session. + * Store intermediate matching result into session. * * @param pendingReq Current pendingRequest - * @param registerData Matching result information + * @param registerData Intermediate matching result information * @throws EaafStorageException In case of data can not be add into session */ @Nullable - public static void storeInitialRegisterResult(IRequest pendingReq, RegisterSearchResult registerData) + public static void storeIntermediateMatchingResult(IRequest pendingReq, RegisterSearchResult registerData) throws EaafStorageException { getAuthProcessDataWrapper(pendingReq).setGenericDataToSession( - Constants.DATA_INITIAL_REGISTER_RESULT, registerData); + Constants.DATA_INTERMEDIATE_RESULT, registerData); } /** + * Get intermediate matching result from session. + * + * @param pendingReq Current pendingRequest + * @return Intermediate matching result or <code>null</code> if not exist + */ + @Nullable + public static MatchedPersonResult getFinalMatchingResult(IRequest pendingReq) { + return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_PERSON_MATCH_RESULT, + MatchedPersonResult.class); + + } + + /** + * Store intermediate matching result into session. + * + * @param pendingReq Current pendingRequest + * @param personInfos Person information after a successful match + * @throws EaafStorageException In case of data can not be add into session + */ + @Nullable + public static void storeFinalMatchingResult(IRequest pendingReq, MatchedPersonResult personInfos) + throws EaafStorageException { + getAuthProcessDataWrapper(pendingReq).setGenericDataToSession( + Constants.DATA_PERSON_MATCH_RESULT, personInfos); + + } + + /** * Get holder for authentication information for the current process. * * @param pendingReq Current pendingRequest diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java index 30a801a4..b39281c2 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java @@ -39,7 +39,8 @@ import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest; public class DummyZmrClient implements IZmrClient { @Override - public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier) { + public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier, + String citizenCountryCode) { return new ZmrRegisterResult(Collections.emptyList(), null); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java index 2f7782ae..074dd0bb 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java @@ -1,13 +1,19 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import lombok.Getter; import lombok.Setter; -import org.apache.commons.lang3.StringUtils; - -import java.util.*; public class DummyOA implements IAhSpConfiguration { @@ -115,13 +121,13 @@ public class DummyOA implements IAhSpConfiguration { } @Override - public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() { + public Set<String> getTargetsWithNoBaseIdInternalProcessingRestriction() { // TODO Auto-generated method stub return null; } @Override - public List<String> getTargetsWithNoBaseIdTransferRestriction() { + public Set<String> getTargetsWithNoBaseIdTransferRestriction() { // TODO Auto-generated method stub return null; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java new file mode 100644 index 00000000..21c9fd80 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java @@ -0,0 +1,105 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor; +import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest; + +@RunWith(BlockJUnit4ClassRunner.class) +public class DeSpecificDetailSearchProcessorTest { + + private DeSpecificDetailSearchProcessor handler = new DeSpecificDetailSearchProcessor(); + + @Test + public void checkName() { + assertEquals("wrong handler name", "DeSpecificDetailSearchProcessor", handler.getName()); + + } + + @Test + public void canHandlerCheck_1() { + SimpleEidasData eidData = SimpleEidasData.builder() + .birthName(RandomStringUtils.randomAlphabetic(5)) + .placeOfBirth(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData)); + + } + + @Test + public void canHandlerCheck_2() { + SimpleEidasData eidData = SimpleEidasData.builder() + .birthName(RandomStringUtils.randomAlphabetic(5)) + .placeOfBirth(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertTrue("wrong 'canHandle' flag", handler.canHandle("DE", eidData)); + + } + + @Test + public void canHandlerCheck_3() { + SimpleEidasData eidData = SimpleEidasData.builder() + .birthName(RandomStringUtils.randomAlphabetic(5)) + .placeOfBirth(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertTrue("wrong 'canHandle' flag", handler.canHandle("de", eidData)); + + } + + @Test + public void canHandlerCheck_4() { + SimpleEidasData eidData = SimpleEidasData.builder() + .birthName(null) + .placeOfBirth(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData)); + + } + + @Test + public void canHandlerCheck_5() { + SimpleEidasData eidData = SimpleEidasData.builder() + .birthName(RandomStringUtils.randomAlphabetic(5)) + .placeOfBirth(null) + .build(); + assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData)); + + } + + @Test + public void generateZmrSearchRequest() { + SimpleEidasData eidData = SimpleEidasData.builder() + .citizenCountryCode("DE") + .givenName(RandomStringUtils.randomAlphabetic(5)) + .familyName(RandomStringUtils.randomAlphabetic(5)) + .dateOfBirth(RandomStringUtils.randomAlphabetic(5)) + .birthName(RandomStringUtils.randomAlphabetic(5)) + .placeOfBirth(RandomStringUtils.randomAlphabetic(5)) + .build(); + + // perform operation + PersonSuchenRequest req = handler.generateSearchRequest(eidData); + + //validate response + assertNotNull("no search request", req); + assertNotNull("no MDS", req.getNatuerlichePerson()); + assertNotNull("no MDS PersonName", req.getNatuerlichePerson().getPersonenName()); + assertEquals("familyName", eidData.getFamilyName(), req.getNatuerlichePerson().getPersonenName().getFamilienname()); + assertEquals("givenName", eidData.getGivenName(), req.getNatuerlichePerson().getPersonenName().getVorname()); + assertEquals("birthday", eidData.getDateOfBirth(), req.getNatuerlichePerson().getGeburtsdatum()); + + assertNotNull("no eIDAS documenst", req.getEidasSuchdaten()); + //TODO: add validation if we can add more than one eIDAS document + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java new file mode 100644 index 00000000..9b638ee5 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java @@ -0,0 +1,84 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ItSpecificDetailSearchProcessor; +import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest; + +@RunWith(BlockJUnit4ClassRunner.class) +public class ItSpecificDetailSearchProcessorTes { + + private ItSpecificDetailSearchProcessor handler = new ItSpecificDetailSearchProcessor(); + + @Test + public void checkName() { + assertEquals("wrong handler name", "ItSpecificDetailSearchProcessor", handler.getName()); + + } + + @Test + public void canHandlerCheck_1() { + SimpleEidasData eidData = SimpleEidasData.builder() + .taxNumber(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData)); + + } + + @Test + public void canHandlerCheck_2() { + SimpleEidasData eidData = SimpleEidasData.builder() + .taxNumber(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertTrue("wrong 'canHandle' flag", handler.canHandle("IT", eidData)); + + } + + @Test + public void canHandlerCheck_3() { + SimpleEidasData eidData = SimpleEidasData.builder() + .taxNumber(RandomStringUtils.randomAlphabetic(5)) + .build(); + assertTrue("wrong 'canHandle' flag", handler.canHandle("it", eidData)); + + } + + @Test + public void canHandlerCheck_4() { + SimpleEidasData eidData = SimpleEidasData.builder() + .taxNumber("") + .build(); + assertFalse("wrong 'canHandle' flag", handler.canHandle("IT", eidData)); + + } + + @Test + public void generateZmrSearchRequest() { + SimpleEidasData eidData = SimpleEidasData.builder() + .citizenCountryCode("IT") + .givenName(RandomStringUtils.randomAlphabetic(5)) + .familyName(RandomStringUtils.randomAlphabetic(5)) + .dateOfBirth(RandomStringUtils.randomAlphabetic(5)) + .taxNumber(RandomStringUtils.randomAlphabetic(5)) + .build(); + + // perform operation + PersonSuchenRequest req = handler.generateSearchRequest(eidData); + + //validate response + assertNotNull("no search request", req); + + //TODO: add validation if we can add more information about taxNumber from Italy + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 248b71d9..7af9706e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -18,7 +18,9 @@ import java.util.List; import java.util.Map; import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; import org.jetbrains.annotations.NotNull; +import org.joda.time.DateTime; import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jws.AlgorithmIdentifiers; @@ -39,16 +41,25 @@ import org.springframework.web.context.request.ServletRequestAttributes; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; @@ -68,8 +79,10 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egiz.eaaf.core.impl.utils.Random; import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.AttributeValue; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; import lombok.val; import szrservices.JwsHeaderParam; @@ -97,6 +110,9 @@ public class CreateIdentityLinkTaskEidNewTest { EaafKeyStoreFactory keyStoreFactory; @Autowired + ICcSpecificEidProcessingService eidPostProcessor; + + @Autowired private IRequestStorage requestStorage; final ExecutionContext executionContext = new ExecutionContextImpl(); @@ -123,9 +139,11 @@ public class CreateIdentityLinkTaskEidNewTest { /** * jUnit test set-up. + * @throws EidasAttributeException + * @throws EidPostProcessingException */ @Before - public void setUp() throws EaafStorageException, URISyntaxException { + public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException { httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); httpResp = new MockHttpServletResponse(); @@ -144,8 +162,14 @@ public class CreateIdentityLinkTaskEidNewTest { response = buildDummyAuthResponse(false); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - - + + final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap( + response.getAttributes().getAttributeMap()); + final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes); + MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData); + + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null); + pendingReq.setSpConfig(oaParam); pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); @@ -163,8 +187,10 @@ public class CreateIdentityLinkTaskEidNewTest { //initialize test response = buildDummyAuthResponse(true); pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - + .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + MatchingTaskUtils.storeInitialEidasData(pendingReq, eidPostProcessor.postProcess( + convertEidasAttrToSimpleMap(response.getAttributes().getAttributeMap()))); + String vsz = RandomStringUtils.randomNumeric(10); when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); val signContentResp = new SignContentResponseType(); @@ -223,7 +249,7 @@ public class CreateIdentityLinkTaskEidNewTest { verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); - Assert.assertFalse("insertERnP flag", param5); + Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( @@ -297,6 +323,82 @@ public class CreateIdentityLinkTaskEidNewTest { } @Test + public void successfulProcessWithDataFromMatching() throws Exception { + //initialize test + String vsz = RandomStringUtils.randomNumeric(10); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); + val signContentResp = new SignContentResponseType(); + final SignContentEntry signContentEntry = new SignContentEntry(); + signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); + signContentResp.getOut().add(signContentEntry); + when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + MatchedPersonResult matchingInfos = MatchedPersonResult.builder() + .bpk(RandomStringUtils.randomAlphabetic(5)) + .givenName(RandomStringUtils.randomAlphabetic(5)) + .familyName(RandomStringUtils.randomAlphabetic(5)) + .dateOfBirth(RandomStringUtils.randomAlphabetic(5)) + .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .build(); + + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos); + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNotNull("AuthBlock", authBlock); + + Assert.assertTrue("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + + // check vsz request + ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); + ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); + verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); + + Boolean param5 = argument5.getValue(); + Assert.assertFalse("insertERnP flag", param5); + PersonInfoType person = argument4.getValue(); + Assert.assertEquals("FamilyName", + matchingInfos.getFamilyName(), + person.getPerson().getName().getFamilyName()); + Assert.assertEquals("GivenName", + matchingInfos.getGivenName(), + person.getPerson().getName().getGivenName()); + Assert.assertEquals("DateOfBirth", + matchingInfos.getDateOfBirth(), + person.getPerson().getDateOfBirth()); + Assert.assertEquals("bPK", + matchingInfos.getBpk(), + person.getPerson().getIdentification().getValue()); + Assert.assertEquals("bPKType", + EaafConstants.URN_PREFIX_CDID + "ZP", + person.getPerson().getIdentification().getType()); + + + Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); + Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); + + } + + @Test public void successfulProcessWithStandardInfos() throws Exception { //initialize test String vsz = RandomStringUtils.randomNumeric(10); @@ -337,7 +439,7 @@ public class CreateIdentityLinkTaskEidNewTest { verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); - Assert.assertFalse("insertERnP flag", param5); + Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( @@ -456,4 +558,53 @@ public class CreateIdentityLinkTaskEidNewTest { .attributes(attributeMap.build()) .build(); } + + private Map<String, Object> convertEidasAttrToSimpleMap( + ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) { + final Map<String, Object> result = new HashMap<>(); + for (final AttributeDefinition<?> el : attributeMap.keySet()) { + final Class<?> parameterizedType = el.getParameterizedType(); + if (DateTime.class.equals(parameterizedType)) { + convertDateTime(attributeMap, result, el); + } else if (PostalAddress.class.equals(parameterizedType)) { + convertPostalAddress(attributeMap, result, el); + } else { + convertString(attributeMap, result, el); + } + } + return result; + } + + private void convertString(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final List<String> natPersonIdObj = EidasResponseUtils + .translateStringListAttribute(el, attributeMap.get(el)); + final String stringAttr = natPersonIdObj.get(0); + if (StringUtils.isNotEmpty(stringAttr)) { + result.put(el.getFriendlyName(), stringAttr); + + } + } + + private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final PostalAddress addressAttribute = EidasResponseUtils + .translateAddressAttribute(el, attributeMap.get(el).asList()); + if (addressAttribute != null) { + result.put(el.getFriendlyName(), addressAttribute); + + } + } + + private void convertDateTime(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList()); + if (attribute != null) { + result.put(el.getFriendlyName(), attribute); + + } + } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java index 556bd2eb..0a2d4271 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java @@ -5,6 +5,7 @@ import static org.mockito.ArgumentMatchers.any; import java.net.URISyntaxException; import java.util.HashMap; +import java.util.List; import java.util.Map; import javax.xml.bind.JAXBContext; @@ -12,7 +13,9 @@ import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; import org.jetbrains.annotations.NotNull; +import org.joda.time.DateTime; import org.junit.Assert; import org.junit.Before; import org.junit.Rule; @@ -27,13 +30,22 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; @@ -50,7 +62,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egiz.eaaf.core.impl.utils.Random; import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.AttributeValue; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; import lombok.val; import szrservices.GetBPK; @@ -79,7 +93,10 @@ public class CreateIdentityLinkTaskTest { EaafKeyStoreFactory keyStoreFactory; @Autowired - private IRequestStorage requestStorage; + ICcSpecificEidProcessingService eidPostProcessor; + + @Autowired + IRequestStorage requestStorage; final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; @@ -96,9 +113,11 @@ public class CreateIdentityLinkTaskTest { /** * jUnit test set-up. + * @throws EidasAttributeException + * @throws EidPostProcessingException */ @Before - public void setUp() throws EaafStorageException, URISyntaxException { + public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException { httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); httpResp = new MockHttpServletResponse(); @@ -117,9 +136,15 @@ public class CreateIdentityLinkTaskTest { pendingReq = new TestRequestImpl(); response = buildDummyAuthResponse(); - + final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap( + response.getAttributes().getAttributeMap()); + final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes); + MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null); + pendingReq.setSpConfig(oaParam); pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); @@ -182,6 +207,63 @@ public class CreateIdentityLinkTaskTest { } @Test + public void successfulProcessWithDataFromMatching() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + + MatchedPersonResult matchingInfos = MatchedPersonResult.builder() + .bpk(RandomStringUtils.randomAlphabetic(5)) + .givenName(RandomStringUtils.randomAlphabetic(5)) + .familyName(RandomStringUtils.randomAlphabetic(5)) + .dateOfBirth(RandomStringUtils.randomAlphabetic(5)) + .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .build(); + + MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos); + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); + checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName()); + checkElement("Hans", authProcessData.getIdentityLink().getGivenName()); + checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth()); + checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); + checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); + Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion()); + Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); + + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + + } + + @Test public void buildIdentityLinkWithWbpk() throws Exception { //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); @@ -444,4 +526,54 @@ public class CreateIdentityLinkTaskTest { .attributes(attributeMap) .build(); } + + private Map<String, Object> convertEidasAttrToSimpleMap( + ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) { + final Map<String, Object> result = new HashMap<>(); + for (final AttributeDefinition<?> el : attributeMap.keySet()) { + final Class<?> parameterizedType = el.getParameterizedType(); + if (DateTime.class.equals(parameterizedType)) { + convertDateTime(attributeMap, result, el); + } else if (PostalAddress.class.equals(parameterizedType)) { + convertPostalAddress(attributeMap, result, el); + } else { + convertString(attributeMap, result, el); + } + } + return result; + } + + private void convertString(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final List<String> natPersonIdObj = EidasResponseUtils + .translateStringListAttribute(el, attributeMap.get(el)); + final String stringAttr = natPersonIdObj.get(0); + if (StringUtils.isNotEmpty(stringAttr)) { + result.put(el.getFriendlyName(), stringAttr); + + } + } + + private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final PostalAddress addressAttribute = EidasResponseUtils + .translateAddressAttribute(el, attributeMap.get(el).asList()); + if (addressAttribute != null) { + result.put(el.getFriendlyName(), addressAttribute); + + } + } + + private void convertDateTime(ImmutableMap<AttributeDefinition<?>, + ImmutableSet<? extends AttributeValue<?>>> attributeMap, + Map<String, Object> result, AttributeDefinition<?> el) { + final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList()); + if (attribute != null) { + result.put(el.getFriendlyName(), attribute); + + } + } + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java index 34bca782..bb732f1c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java @@ -24,14 +24,18 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import java.math.BigInteger; import java.net.URI; import java.net.URISyntaxException; -import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -44,6 +48,7 @@ import org.apache.commons.lang3.RandomStringUtils; import org.jetbrains.annotations.NotNull; import org.junit.Assert; import org.junit.Before; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; @@ -62,6 +67,7 @@ import org.springframework.web.context.request.ServletRequestAttributes; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; @@ -69,10 +75,12 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcess import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor; import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest; @@ -100,11 +108,9 @@ public class InitialSearchTaskTest { private static final String EE = "EE"; private static final String DE = "DE"; - private static final String IT = "IT"; private static final String EE_ST = EE + "/ST/"; private static final String DE_ST = DE + "/ST/"; - private static final String IT_ST = IT + "/ST/"; @Mock private IZmrClient zmrClient; @@ -173,130 +179,215 @@ public class InitialSearchTaskTest { */ @Test @DirtiesContext - public void testNode100_UserIdentifiedUpdateNecessary_a() throws Exception { - String newFirstName = randomAlphabetic(10); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + public void singlePersonalIdMatchUpdateNecessary_Zmr() throws Exception { + String oldGivenName = randomAlphabetic(10); + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.singletonList( RegisterResult.builder() .bpk(randomBpk) .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(newFirstName) + .givenName(oldGivenName) .familyName(randomFamilyName) .dateOfBirth(randomBirthDate) .build()), generateRandomProcessId())); + + Mockito.when(zmrClient.searchCountrySpecific(any(), any(), any())).thenThrow( + new IllegalStateException("CountrySpecific search search should not be neccessary")); + Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow( + new IllegalStateException("MDS search should not be neccessary")); + + // execute test task.execute(pendingReq, executionContext); - String bPk = readBpkFromSessionData(pendingReq); - - Assert.assertEquals("Wrong bpk", randomBpk, bPk); + + // validate state + //INFO: has to be the old givenName because ZMR allows no update of MDS information + checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, oldGivenName, randomBirthDate, DE); + } + /** - * One match, but register update needed + * TODO: include again if ERnP update is implementet. Maybe we can update MDS based on ERnP. + * + * One match, but register update needed. * @throws EidasSAuthenticationException */ + @Ignore @Test @DirtiesContext - public void testNode100_UserIdentifiedUpdateNecessary_b() throws TaskExecutionException, EidasSAuthenticationException { - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + public void singlePersonalIdMatchUpdateNecessary_Ernp() throws TaskExecutionException, EidasSAuthenticationException { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId())); - String newRandomGivenName = randomAlphabetic(10); + String oldRandomGivenName = randomAlphabetic(10); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList( RegisterResult.builder() .bpk(randomBpk) .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(newRandomGivenName) + .givenName(oldRandomGivenName) .familyName(randomFamilyName) .dateOfBirth(randomBirthDate) .build())); + // execute test task.execute(pendingReq, executionContext); - String bPk = readBpkFromSessionData(pendingReq); - - Assert.assertEquals("Wrong bpk", randomBpk, bPk); + + // validate state + checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE); } /** - * Two matches found in ZMR + * Two matches by PersonalId found in ZMR * @throws EidasSAuthenticationException */ @Test @DirtiesContext - public void testNode101_ManualFixNecessary_a() throws EidasSAuthenticationException { - ArrayList<RegisterResult> zmrResult = new ArrayList<>(); - zmrResult.add( - RegisterResult.builder() - .bpk(randomBpk) - .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(randomGivenName) - .familyName(randomFamilyName) - .dateOfBirth(randomBirthDate) - .build()); - String newRandomGivenName = randomGivenName + randomAlphabetic(2); - zmrResult.add( - RegisterResult.builder() - .bpk(randomBpk) - .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(newRandomGivenName) - .familyName(randomFamilyName) - .dateOfBirth(randomBirthDate) - .build()); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( - new ZmrRegisterResult(zmrResult, generateRandomProcessId())); - Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); + public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException { + String newRandomGivenName = randomAlphabetic(10); + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( + new ZmrRegisterResult(Arrays.asList( + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(randomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build(), + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(newRandomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build() + ), + generateRandomProcessId())); + Mockito.when(ernpClient.searchWithPersonIdentifier( + randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); + // execute task TaskExecutionException exception = assertThrows(TaskExecutionException.class, () -> task.execute(pendingReq, executionContext)); - Throwable origE = exception.getOriginalException(); - Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertTrue("Wrong flag 'manualFixNeeded'", + ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); + } - /** - * Two matches found in ErnP + * Two matches by PersonalId found in ZMR * @throws EidasSAuthenticationException */ @Test @DirtiesContext - public void testNode101_ManualFixNecessary_b() throws EidasSAuthenticationException { - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( - new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId())); - ArrayList<RegisterResult> ernpResult = new ArrayList<>(); - ernpResult.add( - RegisterResult.builder() - .bpk(randomBpk) - .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(randomGivenName) - .familyName(randomFamilyName) - .dateOfBirth(randomBirthDate) - .build()); - String newRandomGivenName = randomGivenName + randomAlphabetic(2); - ernpResult.add( - RegisterResult.builder() - .bpk(randomBpk) - .pseudonym(Arrays.asList(randomPsydonym)) - .givenName(newRandomGivenName) - .familyName(randomFamilyName) - .dateOfBirth(randomBirthDate) - .build()); - Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(ernpResult); + public void withErrorFromZmr() throws EidasSAuthenticationException { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenThrow( + new ZmrCommunicationException("jUnit ZMR error", null)); + Mockito.when(ernpClient.searchWithPersonIdentifier( + randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); + // execute task TaskExecutionException exception = assertThrows(TaskExecutionException.class, () -> task.execute(pendingReq, executionContext)); - Throwable origE = exception.getOriginalException(); - Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertFalse("Wrong flag 'manualFixNeeded'", + ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); + } /** - * One match, no register update needed + * Two matches by PersonalId found in ErnP + * @throws EidasSAuthenticationException */ @Test @DirtiesContext - public void testNode102_UserIdentified_a() throws Exception { - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + public void multiPersonalIdMatch_Ernp() throws EidasSAuthenticationException { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( + new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId())); + String newRandomGivenName = randomAlphabetic(10); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn( + Arrays.asList( + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(randomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build(), + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(newRandomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build() + )); + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertTrue("Wrong flag 'manualFixNeeded'", + ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); + + } + + /** + * Two matches by PersonalId + * @throws EidasSAuthenticationException + */ + @Test + @DirtiesContext + public void multiPersonalIdMatch_ErnpAndZmr() throws EidasSAuthenticationException { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( + new ZmrRegisterResult(Arrays.asList( + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(randomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build() + ), generateRandomProcessId())); + String newRandomGivenName = randomAlphabetic(10); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn( + Arrays.asList( + RegisterResult.builder() + .bpk(randomBpk) + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(randomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build() + )); + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertTrue("Wrong flag 'manualFixNeeded'", + ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); + + } + + /** + * One match by PersonalId, no register update needed + */ + @Test + @DirtiesContext + public void singlePersonalIdMatchNoUpdate_Ernp() throws Exception { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId())); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList( RegisterResult.builder() @@ -307,18 +398,20 @@ public class InitialSearchTaskTest { .dateOfBirth(randomBirthDate) .build())); + // execute test task.execute(pendingReq, executionContext); - String bPk = readBpkFromSessionData(pendingReq); - Assert.assertEquals("Wrong bpk", randomBpk, bPk); + + // validate state + checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE); } /** - * One match, no register update needed + * One match by PersonalId, no register update needed */ @Test @DirtiesContext - public void testNode102_UserIdentified_b() throws Exception { - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + public void singlePersonalIdMatchNoUpdate_Zmr() throws Exception { + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.singletonList( RegisterResult.builder() .bpk(randomBpk) @@ -330,27 +423,27 @@ public class InitialSearchTaskTest { generateRandomProcessId())); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); + // execute test task.execute(pendingReq, executionContext); - - String bPk = readBpkFromSessionData(pendingReq); - Assert.assertEquals("Wrong bpk", randomBpk, bPk); + + // validate state + checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE); } /** - * Multiple matches found in ZMR and ErnP with detail search + * Find single person in ZMR by country specifics. */ @Test @DirtiesContext - public void testNode103_UserIdentified_DE() throws Exception { + public void singlePersonFindWithCountySpecifics_Zmr() throws Exception { final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName, - randomPersonalIdentifier_DE, - randomBirthDate, randomPlaceOfBirth, randomBirthName); + randomPersonalIdentifier_DE, randomBirthDate, randomPlaceOfBirth, randomBirthName); TestRequestImpl pendingReq1 = new TestRequestImpl(); pendingReq1.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); BigInteger zmrProcessId = generateRandomProcessId(); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn( new ZmrRegisterResult(Collections.singletonList( @@ -364,23 +457,25 @@ public class InitialSearchTaskTest { .birthName(randomBirthName) .build()) ,zmrProcessId)); + Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow( + new IllegalStateException("MDS search should not be neccessary")); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); // execute test task.execute(pendingReq1, executionContext); - + // validate state - String resultBpk = readBpkFromSessionData(pendingReq1); - Assert.assertEquals("Wrong bpk", randomBpk, resultBpk); + checkMatchingSuccessState(pendingReq1, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE); } /** - * Multiple matches found in ZMR and ErnP with detail search + * Multiple matches found in ZMR by country specifics. */ @Test @DirtiesContext - public void testNode104_ManualFixNecessary_DE() throws Exception { + public void multiplePersonFindWithCountySpecifics_Zmr() throws Exception { String newRandomPseudonym = randomPersonalIdentifier_DE + RandomStringUtils.randomNumeric(2); String newRandomBpk = randomBpk + RandomStringUtils.randomNumeric(6); final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName, @@ -391,9 +486,8 @@ public class InitialSearchTaskTest { .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); BigInteger zmrProcessId = generateRandomProcessId(); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( - new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); - Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( + new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn( new ZmrRegisterResult(Arrays.asList( RegisterResult.builder() @@ -416,14 +510,17 @@ public class InitialSearchTaskTest { .build()) ,zmrProcessId)); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); - // execute test + // execute task TaskExecutionException exception = assertThrows(TaskExecutionException.class, () -> task.execute(pendingReq1, executionContext)); - - // check error - Throwable origE = exception.getOriginalException(); - Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertTrue("Wrong flag 'manualFixNeeded'", + ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); + } /** @@ -434,44 +531,51 @@ public class InitialSearchTaskTest { */ @Test @DirtiesContext - public void testNode505_TransitionToInsertErnbTask() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException { + public void noResultByAnySearch() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException { BigInteger zmrProcessId = generateRandomProcessId(); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate)); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn( + + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_EE)).thenReturn(Collections.emptyList()); + + // execute task task.execute(pendingReq, executionContext); - String bPk = readBpkFromSessionData(pendingReq); - Assert.assertNull("Wrong bpk", bPk); + + // validate state + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + + assertNull("Find intermediate matching data but matching should be finished", + MatchingTaskUtils.getIntermediateMatchingResult(pendingReq)); + assertNull("Find final matching data but no match sould be found", + MatchingTaskUtils.getFinalMatchingResult(pendingReq)); Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); Assert.assertNull("Wrong transition", transitionGUI); Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); Assert.assertTrue("Wrong transition", transitionErnb); + } /** - * NO match found in ZMR and ErnP with Initial search, one match with MDS search in Ernb - * @throws EidasSAuthenticationException - * @throws URISyntaxException - * @throws EaafStorageException + * Find one match with MDS search in ERnP. */ @Test @DirtiesContext - public void testNode505_TransitionToGUI_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException { + public void resultByMdsSearch_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException { BigInteger zmrProcessId = generateRandomProcessId(); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate)); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn( + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); @@ -487,24 +591,22 @@ public class InitialSearchTaskTest { .dateOfBirth(randomBirthDate) .build())); + // execute test task.execute(pendingReq, executionContext); - assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq)); - Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); - Assert.assertTrue("Wrong transition", transitionGUI); - Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); - Assert.assertNull("Wrong transition", transitionErnb); + // validate state + checkIntermediateResult(1); + } /** - * NO match found in ZMR and ErnP with Initial search, one match with MDS search in ZMR - * @throws EidasSAuthenticationException + * Find one match with MDS search in ZMR. */ @Test @DirtiesContext - public void testNode505_TransitionToGUI_Zmr() throws TaskExecutionException, EidasSAuthenticationException { + public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException { BigInteger zmrProcessId = generateRandomProcessId(); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); @@ -518,29 +620,35 @@ public class InitialSearchTaskTest { .build()), zmrProcessId)); + // execute test task.execute(pendingReq, executionContext); - assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq)); - Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); - Assert.assertTrue("Wrong transition", transitionGUI); - Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); - Assert.assertNull("Wrong transition", transitionErnb); + // validate state + checkIntermediateResult(1); + } /** - * NO match found in ZMR and ErnP with Initial search, multiple matches found with MDS search - * @throws EidasSAuthenticationException + * resultByMdsSearch */ @Test @DirtiesContext - public void testNode505_TransitionToGUI_Ernb_multi() throws TaskExecutionException, EidasSAuthenticationException { + public void multipleResultsByMdsSearch() throws TaskExecutionException, EidasSAuthenticationException { BigInteger zmrProcessId = generateRandomProcessId(); - Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn( + Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), any(String.class))).thenReturn( new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE)).thenReturn( - new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); + new ZmrRegisterResult(Arrays.asList( + RegisterResult.builder() + .bpk(randomBpk + "2") + .pseudonym(Arrays.asList(randomPsydonym)) + .givenName(randomGivenName) + .familyName(randomFamilyName) + .dateOfBirth(randomBirthDate) + .build()), + zmrProcessId)); Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList()); Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate)).thenReturn( @@ -560,13 +668,12 @@ public class InitialSearchTaskTest { .dateOfBirth(randomBirthDate) .build())); + // execute test task.execute(pendingReq, executionContext); - assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq)); - Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); - Assert.assertTrue("Wrong transition", transitionGUI); - Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); - Assert.assertNull("Wrong transition", transitionErnb); + // validate state + checkIntermediateResult(3); + } @NotNull @@ -579,6 +686,38 @@ public class InitialSearchTaskTest { } + private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName, + String birhday, String countryCode) { + assertNull("Find intermediate matching data but matching should be finished", + MatchingTaskUtils.getIntermediateMatchingResult(pendingReq)); + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + + MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq); + assertNotNull("no final matching result", personInfo); + assertEquals("wrong bpk", bpk, personInfo.getBpk()); + assertEquals("wrong givenName", givenName, personInfo.getGivenName()); + assertEquals("wrong familyName", familyName, personInfo.getFamilyName()); + assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth()); + assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode()); + + } + + private void checkIntermediateResult(int resultSize) { + Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); + Assert.assertTrue("Wrong transition", transitionGUI); + Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); + Assert.assertNull("Wrong transition", transitionErnb); + + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + assertNull("Find final matching data but no match sould be found", + MatchingTaskUtils.getFinalMatchingResult(pendingReq)); + + RegisterSearchResult result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); + assertNotNull("Find no intermediate matching data", result); + assertEquals("wrong intermediate result size", resultSize, result.getResultCount()); + + } + @NotNull private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier, String dateOfBirth) throws URISyntaxException { @@ -646,10 +785,4 @@ public class InitialSearchTaskTest { .attributeValueMarshaller(marshaller).build(); } - private String readBpkFromSessionData(TestRequestImpl pendingReq) throws WorkflowException { - return MatchingTaskUtils.getInitialRegisterResult(pendingReq) != null - ? MatchingTaskUtils.getInitialRegisterResult(pendingReq).getBpk() - : null; - - } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java index 281be36f..77c49bb4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java @@ -101,7 +101,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest { SimpleEidasData eidasData = setupEidasData(); RegisterSearchResult registerSearchResult = buildEmptyResult(); mockRegisterSearch(userInput, registerSearchResult, eidasData); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); task.execute(pendingReq, executionContext); @@ -113,7 +113,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest { UserInput userInput = setupUserInput(); SimpleEidasData eidasData = setupEidasData(); RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData)); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); mockRegisterSearch(userInput, registerSearchResult, eidasData); task.execute(pendingReq, executionContext); @@ -128,7 +128,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest { UserInput userInput = setupUserInput(); SimpleEidasData eidasData = setupEidasData(); RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildNotMatchingRegisterResult(eidasData)); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); mockRegisterSearch(userInput, registerSearchResult, eidasData); task.execute(pendingReq, executionContext); @@ -141,7 +141,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest { UserInput userInput = setupUserInput(); SimpleEidasData eidasData = setupEidasData(); RegisterSearchResult registerSearchResult = buildResultWithTwoMatches(); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); mockRegisterSearch(userInput, registerSearchResult, eidasData); TaskExecutionException e = assertThrows(TaskExecutionException.class, diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java index 8c137bb2..51077e96 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java @@ -344,7 +344,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest { authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData); RegisterSearchResult registerSearchResult = new RegisterSearchResult(new RegisterOperationStatus(generateRandomProcessId()), Collections.emptyList(), Collections.emptyList()); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); task.execute(pendingReq, executionContext); @@ -363,7 +363,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest { SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build(); authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData); RegisterSearchResult registerSearchResult = buildResultWithOneMatch(); - MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); task.execute(pendingReq, executionContext); |