diff options
| author | Thomas <> | 2021-05-24 14:49:48 +0200 | 
|---|---|---|
| committer | Thomas <> | 2022-03-03 16:31:56 +0100 | 
| commit | a2eba5646b5b43d549993859849cdcf2baae5eb2 (patch) | |
| tree | b6815e24f56f09a9b01101c179cb0f231f2914f2 /eidas_modules/eidas_proxy-sevice/src/test/java/at | |
| parent | 45b0a790ad412e6b7118f1c937b620c66a32fd64 (diff) | |
| download | National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.gz National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.tar.bz2 National_eIDAS_Gateway-a2eba5646b5b43d549993859849cdcf2baae5eb2.zip | |
select mandate based on eIDAS Proxy-Service request information
Diffstat (limited to 'eidas_modules/eidas_proxy-sevice/src/test/java/at')
| -rw-r--r-- | eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java | 416 | 
1 files changed, 390 insertions, 26 deletions
| diff --git a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java index 1a19b723..86357123 100644 --- a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java +++ b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java @@ -8,6 +8,7 @@ import static org.junit.Assert.assertTrue;  import java.io.IOException;  import java.net.URISyntaxException; +import java.net.URLDecoder;  import java.text.MessageFormat;  import java.util.Arrays;  import java.util.List; @@ -19,8 +20,11 @@ import org.junit.Assert;  import org.junit.Before;  import org.junit.Test;  import org.junit.runner.RunWith; +import org.opensaml.saml.saml2.core.NameIDType; +import org.opensaml.saml.saml2.core.StatusCode;  import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext;  import org.springframework.mock.web.MockHttpServletRequest;  import org.springframework.mock.web.MockHttpServletResponse;  import org.springframework.test.context.ContextConfiguration; @@ -29,8 +33,12 @@ import org.springframework.web.context.request.RequestContextHolder;  import org.springframework.web.context.request.ServletRequestAttributes;  import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import com.google.common.collect.ImmutableSortedSet; +  import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration;  import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;  import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants; @@ -38,12 +46,17 @@ import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxySer  import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;  import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;  import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;  import at.gv.egiz.eaaf.core.exceptions.EaafException;  import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;  import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;  import eu.eidas.auth.commons.EidasParameterKeys; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.ILightResponse;  import eu.eidas.auth.commons.light.impl.LightRequest; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;  import eu.eidas.specificcommunication.exception.SpecificCommunicationException; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;  @RunWith(SpringJUnit4ClassRunner.class)  @PrepareForTest(CreateIdentityLinkTask.class) @@ -58,12 +71,16 @@ public class EidasProxyServiceControllerTest {    @Autowired private DummySpecificCommunicationService proxyService;    @Autowired private DummyProtocolAuthService authService; +  @Autowired private EidasAttributeRegistry attrRegistry; +  @Autowired private ApplicationContext context;    @Autowired MsConnectorDummyConfigMap config;    private MockHttpServletRequest httpReq;    private MockHttpServletResponse httpResp; +  private SpecificCommunicationService springManagedSpecificConnectorCommunicationService; +      /**     * jUnit test set-up.     */ @@ -76,7 +93,68 @@ public class EidasProxyServiceControllerTest {      proxyService.setiLightRequest(null);      proxyService.setError(null); -         +             +    config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",  +        "http://eidas.proxy/endpoint"); +     +    springManagedSpecificConnectorCommunicationService = +        (SpecificCommunicationService) context.getBean( +            SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE +                .toString()); +     +  } +   +  @Test +  public void generateErrorResponseWrongPendingReq() throws Throwable {     +    Assert.assertFalse("wrong statusCode", controller.generateErrorMessage( +        new EaafException("1000"),  +        httpReq, httpResp, null));     +     +  } +   +  @Test +  public void generateErrorResponse() throws Throwable {     +    ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest(); +    pendingReq.initialize(httpReq, config); +     +    LightRequest.Builder eidasRequestBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(RandomStringUtils.randomAlphabetic(10)) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .spType("public") +        .requesterId(RandomStringUtils.randomAlphanumeric(10)) +        .providerName(RandomStringUtils.randomAlphanumeric(10)); +    pendingReq.setEidasRequest(eidasRequestBuilder.build()); +     +     +    // execute test +    Assert.assertTrue("wrong statusCode", controller.generateErrorMessage( +        new EaafException("1000"),  +        httpReq, httpResp,  +        pendingReq));     +     +    // validate state +    assertNotNull("not redirct Header", httpResp.getHeader("Location")); +    assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));     +    String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length()); +     +    ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token),  +        ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));     +     +    assertNotNull("responseId", resp.getId()); +    assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId()); +    assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState()); +     +    assertNotNull("subjectNameId", resp.getSubject()); +    assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());   +    assertTrue("not attributes", resp.getAttributes().isEmpty());     + +    assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode()); +    //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode()); +    //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage()); +        }    @Test @@ -112,7 +190,7 @@ public class EidasProxyServiceControllerTest {      Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException));    } -   +        @Test    public void missingServiceProviderCountry() {             //initialize state @@ -128,11 +206,67 @@ public class EidasProxyServiceControllerTest {      //validate state      EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,          () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); -    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.05", exception.getErrorId()); +    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId()); +     +  } +     +  @Test +  public void requestingLegalAndNaturalPerson() {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(RandomStringUtils.randomAlphabetic(10)) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) +            .build()); +     +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +    //validate state +    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, +        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); +    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId());    }    @Test +  public void requestLegalPersonButNoMandates() throws IOException, EaafException {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(RandomStringUtils.randomAlphabetic(10)) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(spCountryCode) +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); +     +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +     +  //validate state +    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, +        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); +    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId());   +   +  } +   +  @Test    public void validAuthnRequest() throws IOException, EaafException {             //initialize state      httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     @@ -143,10 +277,20 @@ public class EidasProxyServiceControllerTest {          .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())          .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)          .spCountryCode(spCountryCode) -        .spType("public"); +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());      proxyService.setiLightRequest(authnReqBuilder.build()); +     +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +     +          //execute      controller.receiveEidasAuthnRequest(httpReq, httpResp); @@ -168,8 +312,12 @@ public class EidasProxyServiceControllerTest {          pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);      Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier());      Assert.assertEquals("uniqueId wrong pattern",  +        authnReqBuilder.build().getIssuer(),  +        spConfig.getUniqueIdentifier());     +    Assert.assertEquals("friendlyName wrong pattern",           MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"),  -        spConfig.getUniqueIdentifier()); +        spConfig.getFriendlyName()); +          Assert.assertEquals("uniqueId not match to pendingReq",           pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier());      Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier()); @@ -179,11 +327,12 @@ public class EidasProxyServiceControllerTest {      assertNotNull("mandateprofiles", spConfig.getMandateProfiles());      assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); -     +    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode()); +            }    @Test -  public void validAuthnRequestWithMandatesDefaultProfiles() throws IOException, EaafException {        +  public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException {             //initialize state      httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));          String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); @@ -193,15 +342,23 @@ public class EidasProxyServiceControllerTest {          .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())          .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)          .spCountryCode(spCountryCode) -        .spType("public"); +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); +          proxyService.setiLightRequest(authnReqBuilder.build()); -    List<String> mandateProfiles =  +    List<String> mandateProfilesNat =  +        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); +    List<String> mandateProfilesJur =           Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));      config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); -    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT,  -        StringUtils.join(mandateProfiles, ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(mandateProfilesNat, ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,  +        StringUtils.join(mandateProfilesJur, ","));      //execute      controller.receiveEidasAuthnRequest(httpReq, httpResp); @@ -211,14 +368,15 @@ public class EidasProxyServiceControllerTest {          authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);      assertNotNull("mandateprofiles", spConfig.getMandateProfiles());      assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); -    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size()); +    assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size());      spConfig.getMandateProfiles().stream() -        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el))); +        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el))); +    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());    }    @Test -  public void validAuthnRequestWithMandatesCountryProfiles() throws IOException, EaafException {        +  public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException {             //initialize state      httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));          String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); @@ -228,28 +386,168 @@ public class EidasProxyServiceControllerTest {          .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())          .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)          .spCountryCode(spCountryCode) -        .spType("public"); +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); +          proxyService.setiLightRequest(authnReqBuilder.build()); -    List<String> mandateProfiles =  +    List<String> mandateProfilesNat =           Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); -    List<String> mandateProfilesCc1 =  +    List<String> mandateProfilesJur =           Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); -    List<String> mandateProfilesCc2 =  +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(mandateProfilesNat, ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,  +        StringUtils.join(mandateProfilesJur, ",")); +     +    //execute +    controller.receiveEidasAuthnRequest(httpReq, httpResp); +     +    //validate state +    ServiceProviderConfiguration spConfig =  +        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); +    assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); +    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); +    assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size()); +    spConfig.getMandateProfiles().stream() +        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el))); +    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode()); +     +  } +   +  @Test +  public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(RandomStringUtils.randomAlphabetic(10)) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(spCountryCode) +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); +     +     +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +    List<String> mandateProfilesNat =           Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));      config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); -    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT,  +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(mandateProfilesNat, ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, ""); +     +    //validate state +    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, +        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); +    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId()); +         +  } +   +  @Test +  public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +     +    String issuer = RandomStringUtils.randomAlphabetic(10);     +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(issuer) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); +     +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +     +    // set default mandate configuration     +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +     +    // set specific mandate configuration +    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false"); +     +    List<String> mandateProfiles =  +        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,           StringUtils.join(mandateProfiles, ",")); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,  +        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +         +    //execute +    controller.receiveEidasAuthnRequest(httpReq, httpResp); -    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_SPECIFIC  -        + RandomStringUtils.randomAlphabetic(2).toLowerCase(), -        StringUtils.join(mandateProfilesCc1, ","));     -    config.putConfigValue( -        MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_SPECIFIC + spCountryCode.toLowerCase(), -        StringUtils.join(mandateProfilesCc2, ",")); +    //validate state +    ServiceProviderConfiguration spConfig =  +        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); +    assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); +    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); +    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode()); +     +  } +   +  @Test +  public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +    String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata";     +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(issuer) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +     +    // set default mandate configuration     +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +     +    // set specific mandate configuration +    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true"); +     +    List<String> mandateProfiles =  +        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,  +        StringUtils.join(mandateProfiles, ",")); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,  +        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +              //execute      controller.receiveEidasAuthnRequest(httpReq, httpResp); @@ -260,8 +558,74 @@ public class EidasProxyServiceControllerTest {      assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());      assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());      spConfig.getMandateProfiles().stream() -        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesCc2.contains(el))); +        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el))); +    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode()); +     +  } +   +  @Test +  public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException {        +    //initialize state +    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));     +     +    String issuer = RandomStringUtils.randomAlphabetic(10);     +    LightRequest.Builder authnReqBuilder = LightRequest.builder() +        .id(UUID.randomUUID().toString()) +        .issuer(issuer) +        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) +        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) +        .spType("public") +        .requestedAttributes(ImmutableAttributeMap.builder() +            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( +                Constants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); +     +    proxyService.setiLightRequest(authnReqBuilder.build()); +     +     +    // set default mandate configuration     +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,  +        StringUtils.join(Arrays.asList( +            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +     +    // set specific mandate configuration +    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true"); +     +    List<String> mandateProfiles =  +        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,  +        StringUtils.join(mandateProfiles, ",")); +    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,  +        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); +         +    //execute +    controller.receiveEidasAuthnRequest(httpReq, httpResp); +     +    //validate state +    ServiceProviderConfiguration spConfig =  +        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); +    assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); +    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); +    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size()); +    spConfig.getMandateProfiles().stream() +        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el))); +    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode()); +     +  } +   +  private void addConnectorConfig(int i, String key, String value) { +    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i)  + "." + key,  +        value);     }  } + + | 
