select mandate based on eIDAS Proxy-Service request information

author: Thomas <> 2021-05-24 14:49:48 +0200
committer: Thomas <> 2022-03-03 16:31:56 +0100
commit: a2eba5646b5b43d549993859849cdcf2baae5eb2 (patch)
tree: b6815e24f56f09a9b01101c179cb0f231f2914f2 /eidas_modules/eidas_proxy-sevice/src/test/java/at
parent: 45b0a790ad412e6b7118f1c937b620c66a32fd64 (diff)
download: National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.gz
National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.bz2
National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.zip
1 files changed, 390 insertions, 26 deletions
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
index 1a19b723..86357123 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
+++ b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
@@ -8,6 +8,7 @@ import static org.junit.Assert.assertTrue;
 
 import java.io.IOException;
 import java.net.URISyntaxException;
+import java.net.URLDecoder;
 import java.text.MessageFormat;
 import java.util.Arrays;
 import java.util.List;
@@ -19,8 +20,11 @@ import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.opensaml.saml.saml2.core.StatusCode;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.test.context.ContextConfiguration;
@@ -29,8 +33,12 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
+import com.google.common.collect.ImmutableSortedSet;
+
 import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
 import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
@@ -38,12 +46,17 @@ import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxySer
 import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
 import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
 import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
 import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
 import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
 
 @RunWith(SpringJUnit4ClassRunner.class)
 @PrepareForTest(CreateIdentityLinkTask.class)
@@ -58,12 +71,16 @@ public class EidasProxyServiceControllerTest {
   
   @Autowired private DummySpecificCommunicationService proxyService;
   @Autowired private DummyProtocolAuthService authService;
+  @Autowired private EidasAttributeRegistry attrRegistry;
+  @Autowired private ApplicationContext context;
   
   @Autowired MsConnectorDummyConfigMap config;
   
   private MockHttpServletRequest httpReq;
   private MockHttpServletResponse httpResp;
   
+  private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+  
   /**
    * jUnit test set-up.
    */
@@ -76,7 +93,68 @@ public class EidasProxyServiceControllerTest {
        
     proxyService.setiLightRequest(null);
     proxyService.setError(null);
-        
+            
+    config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", 
+        "http://eidas.proxy/endpoint");
+    
+    springManagedSpecificConnectorCommunicationService =
+        (SpecificCommunicationService) context.getBean(
+            SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+                .toString());
+    
+  }
+  
+  @Test
+  public void generateErrorResponseWrongPendingReq() throws Throwable {    
+    Assert.assertFalse("wrong statusCode", controller.generateErrorMessage(
+        new EaafException("1000"), 
+        httpReq, httpResp, null));    
+    
+  }
+  
+  @Test
+  public void generateErrorResponse() throws Throwable {    
+    ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest();
+    pendingReq.initialize(httpReq, config);
+    
+    LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requesterId(RandomStringUtils.randomAlphanumeric(10))
+        .providerName(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    // execute test
+    Assert.assertTrue("wrong statusCode", controller.generateErrorMessage(
+        new EaafException("1000"), 
+        httpReq, httpResp, 
+        pendingReq));    
+    
+    // validate state
+    assertNotNull("not redirct Header", httpResp.getHeader("Location"));
+    assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));    
+    String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
+    
+    ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token), 
+        ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));    
+    
+    assertNotNull("responseId", resp.getId());
+    assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
+    assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
+    
+    assertNotNull("subjectNameId", resp.getSubject());
+    assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());  
+    assertTrue("not attributes", resp.getAttributes().isEmpty());    
+
+    assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode());
+    //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode());
+    //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage());
+    
   }
   
   @Test
@@ -112,7 +190,7 @@ public class EidasProxyServiceControllerTest {
     Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException));
     
   }
-  
+    
   @Test
   public void missingServiceProviderCountry() {       
     //initialize state
@@ -128,11 +206,67 @@ public class EidasProxyServiceControllerTest {
     //validate state
     EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
         () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
-    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.05", exception.getErrorId());
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId());
+    
+  }
+    
+  @Test
+  public void requestingLegalAndNaturalPerson() {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+            .build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId());
     
   }
   
   @Test
+  public void requestLegalPersonButNoMandates() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+  //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId());  
+  
+  }
+  
+  @Test
   public void validAuthnRequest() throws IOException, EaafException {       
     //initialize state
     httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
@@ -143,10 +277,20 @@ public class EidasProxyServiceControllerTest {
         .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
         .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
         .spCountryCode(spCountryCode)
-        .spType("public");
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
     
     proxyService.setiLightRequest(authnReqBuilder.build());
     
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    
     //execute
     controller.receiveEidasAuthnRequest(httpReq, httpResp);
     
@@ -168,8 +312,12 @@ public class EidasProxyServiceControllerTest {
         pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);
     Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier());
     Assert.assertEquals("uniqueId wrong pattern", 
+        authnReqBuilder.build().getIssuer(), 
+        spConfig.getUniqueIdentifier());    
+    Assert.assertEquals("friendlyName wrong pattern", 
         MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"), 
-        spConfig.getUniqueIdentifier());
+        spConfig.getFriendlyName());
+    
     Assert.assertEquals("uniqueId not match to pendingReq", 
         pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier());
     Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier());
@@ -179,11 +327,12 @@ public class EidasProxyServiceControllerTest {
     
     assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
     assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
-    
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+        
   }
 
   @Test
-  public void validAuthnRequestWithMandatesDefaultProfiles() throws IOException, EaafException {       
+  public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException {       
     //initialize state
     httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
     String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
@@ -193,15 +342,23 @@ public class EidasProxyServiceControllerTest {
         .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
         .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
         .spCountryCode(spCountryCode)
-        .spType("public");
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
     
     proxyService.setiLightRequest(authnReqBuilder.build());
     
-    List<String> mandateProfiles = 
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
         Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
     config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
-    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT, 
-        StringUtils.join(mandateProfiles, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
     
     //execute
     controller.receiveEidasAuthnRequest(httpReq, httpResp);
@@ -211,14 +368,15 @@ public class EidasProxyServiceControllerTest {
         authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
     assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
     assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
-    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+    assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size());
     spConfig.getMandateProfiles().stream()
-        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
     
   }
   
   @Test
-  public void validAuthnRequestWithMandatesCountryProfiles() throws IOException, EaafException {       
+  public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException {       
     //initialize state
     httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
     String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
@@ -228,28 +386,168 @@ public class EidasProxyServiceControllerTest {
         .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
         .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
         .spCountryCode(spCountryCode)
-        .spType("public");
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
     
     proxyService.setiLightRequest(authnReqBuilder.build());
     
-    List<String> mandateProfiles = 
+    List<String> mandateProfilesNat = 
         Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
-    List<String> mandateProfilesCc1 = 
+    List<String> mandateProfilesJur = 
         Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
-    List<String> mandateProfilesCc2 = 
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    List<String> mandateProfilesNat = 
         Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
     config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
-    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT, 
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId());
+        
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    
+    String issuer = RandomStringUtils.randomAlphabetic(10);    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
         StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
     
-    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_SPECIFIC 
-        + RandomStringUtils.randomAlphabetic(2).toLowerCase(),
-        StringUtils.join(mandateProfilesCc1, ","));    
-    config.putConfigValue(
-        MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_SPECIFIC + spCountryCode.toLowerCase(),
-        StringUtils.join(mandateProfilesCc2, ","));
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
     
+    String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata";    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
     
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
     //execute
     controller.receiveEidasAuthnRequest(httpReq, httpResp);
     
@@ -260,8 +558,74 @@ public class EidasProxyServiceControllerTest {
     assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
     assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
     spConfig.getMandateProfiles().stream()
-        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesCc2.contains(el)));
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    
+    String issuer = RandomStringUtils.randomAlphabetic(10);    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+    
+  }
+  
+  private void addConnectorConfig(int i, String key, String value) {
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i)  + "." + key, 
+        value); 
     
   }
   
 }
+
+
author	Thomas <>	2021-05-24 14:49:48 +0200
committer	Thomas <>	2022-03-03 16:31:56 +0100
commit	a2eba5646b5b43d549993859849cdcf2baae5eb2 (patch)
tree	b6815e24f56f09a9b01101c179cb0f231f2914f2 /eidas_modules/eidas_proxy-sevice/src/test/java/at
parent	45b0a790ad412e6b7118f1c937b620c66a32fd64 (diff)
download	National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.gz National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.bz2 National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.zip