aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2
diff options
context:
space:
mode:
authorlalber <lukas.alber@iaik.tugraz.at>2020-11-13 08:39:00 +0100
committerlalber <lukas.alber@iaik.tugraz.at>2020-11-13 08:39:32 +0100
commit65baff23786c76746f4b188d3e6e59fd112e3030 (patch)
treeb94096d5fe912ef6e905bd5df7eb6b17fd113b48 /eidas_modules/authmodule-eIDAS-v2
parentb04c31afa0213048367ee6e4eec4fb52dfd59915 (diff)
downloadNational_eIDAS_Gateway-65baff23786c76746f4b188d3e6e59fd112e3030.tar.gz
National_eIDAS_Gateway-65baff23786c76746f4b188d3e6e59fd112e3030.tar.bz2
National_eIDAS_Gateway-65baff23786c76746f4b188d3e6e59fd112e3030.zip
improved Junit tests
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java204
1 files changed, 120 insertions, 84 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index f67b4d93..d08855f2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -2,6 +2,9 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.Mockito.doThrow;
import static org.powermock.api.mockito.PowerMockito.when;
import java.io.IOException;
@@ -18,14 +21,19 @@ import java.util.Map;
import javax.xml.namespace.QName;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import org.apache.commons.lang3.RandomStringUtils;
import org.jetbrains.annotations.NotNull;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -67,6 +75,7 @@ import eu.eidas.auth.commons.attribute.PersonType;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.SZR;
+import szrservices.SZRException_Exception;
import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@@ -85,10 +94,13 @@ public class CreateIdentityLinkTaskEidNewTest {
private IConfiguration basicConfig;
@Autowired
protected EidasAttributeRegistry attrRegistry;
-
+
@Autowired
EaafKeyStoreFactory keyStoreFactory;
+ @Autowired
+ private AuthBlockSigningService authBlockSigner;
+
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
private MockHttpServletResponse httpResp;
@@ -99,13 +111,11 @@ public class CreateIdentityLinkTaskEidNewTest {
private static final String PW = "f/+saJBc3a}*/T^s";
private static final String ALIAS = "connectorkeypair";
- private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
- Arrays.asList(
- AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
- AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
- AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+ private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays
+ .asList(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+ AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
-
+
@Rule
public final SoapServiceRule soap = SoapServiceRule.newInstance();
@@ -117,8 +127,7 @@ public class CreateIdentityLinkTaskEidNewTest {
@BeforeClass
public static void classInitializer() throws IOException {
final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_3.properties");
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties");
}
@@ -155,54 +164,6 @@ public class CreateIdentityLinkTaskEidNewTest {
szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
}
- @NotNull
- private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
- final AttributeDefinition attributeDef = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)
- .nameUri(new URI("ad", "sd", "ff"))
- .personType(PersonType.LEGAL_PERSON)
- .xmlType(new QName("http://saf", "as", "af"))
- .attributeValueMarshaller(
- "eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller")
- .build();
- final AttributeDefinition attributeDef2 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)
- .nameUri(new URI("ad", "sd", "fff"))
- .personType(PersonType.LEGAL_PERSON)
- .xmlType(new QName("http://saf", "as", "aff"))
- .attributeValueMarshaller(
- "eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller")
- .build();
- final AttributeDefinition attributeDef3 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME)
- .nameUri(new URI("ad", "sd", "ffff"))
- .personType(PersonType.LEGAL_PERSON)
- .xmlType(new QName("http://saf", "as", "afff"))
- .attributeValueMarshaller(
- "eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller")
- .build();
- final AttributeDefinition attributeDef4 = AttributeDefinition.builder().friendlyName(
- Constants.eIDAS_ATTR_DATEOFBIRTH)
- .nameUri(new URI("ad", "sd", "fffff"))
- .personType(PersonType.LEGAL_PERSON)
- .xmlType(new QName("http://saf", "as", "affff"))
- .attributeValueMarshaller(
- "eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller")
- .build();
-
- final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder().put(attributeDef, "de/st/"
- + RandomStringUtils
- .randomNumeric(64)).put(attributeDef2, RandomStringUtils.randomAlphabetic(10)).put(attributeDef3,
- RandomStringUtils
- .randomAlphabetic(10))
- .put(attributeDef4, "2001-01-01").build();
-
- val b = new AuthenticationResponse.Builder();
- return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf")
- .subjectNameIdFormat("afaf")
- .attributes(attributeMap).build();
- }
-
@Test
public void successfulProcess() throws Exception {
//initialize test
@@ -212,54 +173,129 @@ public class CreateIdentityLinkTaskEidNewTest {
signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
signContentResp.getOut().add(signContentEntry);
when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+
//perform test
task.execute(pendingReq, executionContext);
-
+
//validate state
final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
-
+
String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
Assert.assertNotNull("AuthBlock", authBlock);
-
+
//check authblock signature
final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
- BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING
- .toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
- Pair<KeyStore, Provider> keyStore = getKeyStore();
- X509Certificate[] trustedCerts = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
- keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
- JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts) , constraints);
+ BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+ Pair<KeyStore, Provider> keyStore = getKeyStore();
+ X509Certificate[] trustedCerts = EaafKeyStoreUtils
+ .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+ JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
Assert.assertTrue("AuthBlock not valid", result.isValid());
-
+
+ }
+
+ @Test
+ public void getStammzahlEncryptedExceptionTest() throws Exception {
+ try {
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
+ task.execute(pendingReq, executionContext);
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+ "IdentityLink generation for foreign person " + "FAILED.");
+ Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+ "ernb.01");
+ Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("Stammzahl response empty"));
+ }
+ }
+
+ @Test
+ public void signContentExceptionTest() throws Exception {
+ try {
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
+ when(szrMock, "signContent", any(), any(), any()).thenReturn(null);
+ task.execute(pendingReq, executionContext);
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+ "IdentityLink generation for foreign person " + "FAILED.");
+ Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+ "ernb.01");
+ Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("BcBind response empty"));
+ }
+ }
+
+ @Ignore
+ @Test
+ public void exceptionTest() throws Exception {
+ try {
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+ doThrow(new EaafException("test")).when(authBlockSigner)
+ .buildSignedAuthBlock(pendingReq.getUniqueTransactionIdentifier());
+
+ task.execute(pendingReq, executionContext);
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+ "IdentityLink generation for foreign person " + "FAILED.");
+ Assert.assertTrue("Incorrect exception thrown", e.getCause() instanceof EaafException);
+ Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("test"));
+ }
+
}
private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
- // read Connector wide config data TODO connector wide!
- String keyStoreName = basicConfig
- .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
- String keyStorePw = basicConfig
- .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD);
- String keyStorePath = basicConfig
- .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH);
- String keyStoreType = basicConfig
- .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE);
-
-
+ // read Connector wide config data TODO connector wide!
+ String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
+ String keyStorePw = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD);
+ String keyStorePath = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH);
+ String keyStoreType = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE);
+
+
//build new KeyStore configuration
KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration();
keyStoreConfiguration.setFriendlyName("jUnit test");
-
+
keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath);
keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw);
- keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType));
+ keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType));
keyStoreConfiguration.setKeyStoreName(keyStoreName);
-
+
//build new KeyStore based on configuration
- return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration);
-
+ return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration);
+
}
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
+ final AttributeDefinition attributeDef = AttributeDefinition.builder()
+ .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).nameUri(new URI("ad", "sd", "ff"))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "af"))
+ .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
+ final AttributeDefinition attributeDef2 = AttributeDefinition.builder()
+ .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).nameUri(new URI("ad", "sd", "fff"))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "aff"))
+ .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
+ final AttributeDefinition attributeDef3 = AttributeDefinition.builder()
+ .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME).nameUri(new URI("ad", "sd", "ffff"))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afff"))
+ .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
+ final AttributeDefinition attributeDef4 = AttributeDefinition.builder()
+ .friendlyName(Constants.eIDAS_ATTR_DATEOFBIRTH).nameUri(new URI("ad", "sd", "fffff"))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affff"))
+ .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "de/st/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf").subjectNameIdFormat("afaf")
+ .attributes(attributeMap).build();
+ }
}