authorThomas Lenz <thomas.lenz@egiz.gv.at>2021-01-25 16:30:07 +0100
committerThomas <>2022-03-03 16:31:56 +0100
commitfa2384985454568439dc286a6a9051fba47322ed (patch)
treef81f2e61e0f610197ae9992579d93e25177a6315 /eidas_modules/eidas_proxy-sevice
parent069b4226dc854817f956a58a59ce44049eda99fb (diff)
add ID Austria communication-module and additional jUnit test
This is the first alpha version of the eIDAS MS-specific Proxy-Service with ID Austria authentication
Diffstat (limited to 'eidas_modules/eidas_proxy-sevice')
-rw-r--r--eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml8
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java12
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java59
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java200
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties1
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java70
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties5
-rw-r--r--eidas_modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml3
8 files changed, 306 insertions, 52 deletions
diff --git a/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
index 53ca4d4d..cdc9fa95 100644
--- a/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
+++ b/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
@@ -9,4 +9,12 @@
<Bug pattern="CRLF_INJECTION_LOGS" />
</OR>
</Match>
+ <Match>
+ <!-- Redirect-URL is set by configuration only. Therefore it's trusted -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction" />
+ <Method name="forwardToEidasProxy" />
+ <OR>
+ <Bug pattern="UNVALIDATED_REDIRECT" />
+ </OR>
+ </Match>
</FindBugsFilter>
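Review bot: The suppression comment on `forwardToEidasProxy` rests on the redirect URL being configuration-only, but the only check this commit applies to that value is `StringUtils.isEmpty`, and `checkConfiguration()` in ProxyServiceAuthenticationAction is still an empty TODO. Because the exclusion silences `UNVALIDATED_REDIRECT` for the whole method, a later change that derives any part of the target from request data would go unflagged. I would record the condition in the comment once start-up validation exists, for example `<!-- Redirect-URL comes from configuration only and is validated at start-up; re-check this exclusion if the target ever depends on request data -->`.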
diff --git a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java
index a7c3b8e2..e5d4d33e 100644
--- a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java
+++ b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java
@@ -1,5 +1,9 @@
package at.asitplus.eidas.specific.modules.msproxyservice;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder;
+
/**
* Constants for MS-specific eIDAS Proxy-Service.
*
@@ -11,7 +15,15 @@ public class MsProxyServiceConstants {
//general constants
public static final String TEMPLATE_SP_UNIQUE_ID = "eidasProxyAuth_from_{0}_type_{1}";
+ public static final String ATTR_EIDAS_PERSONAL_IDENTIFIER =
+ AbstractAuthenticationDataBuilder.GENERIC_AUTHDATA_IDENTIFIER + PvpAttributeDefinitions.BPK_NAME;
+
//configuration constants
+ public static final String CONIG_PROPS_EIDAS_PROXY_NODE_ENTITYID = Constants.CONIG_PROPS_EIDAS_NODE
+ + ".proxy.entityId";
+ public static final String CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL = Constants.CONIG_PROPS_EIDAS_NODE
+ + ".proxy.forward.endpoint";
+
//http end-points
public static final String EIDAS_HTTP_ENDPOINT_IDP_POST = "/eidas/light/idp/post";
diff --git a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
index 47cfd3a9..aafe57e7 100644
--- a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
+++ b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
@@ -149,6 +149,32 @@ public class EidasProxyServiceController extends AbstractController implements I
}
+ @Override
+ public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response,
+ IRequest protocolRequest) throws Throwable {
+
+ //TODO: implement error handling for eIDAS Node communication
+ return false;
+
+ }
+
+ @Override
+ public String getName() {
+ return EidasProxyServiceController.class.getName();
+
+ }
+
+ @Override
+ public String getAuthProtocolIdentifier() {
+ return PROTOCOL_ID;
+
+ }
+
+ @Override
+ public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
+ return true;
+
+ }
/**
* Validate incoming eIDAS request.
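Review bot: `validate(...)` returns `true` for every request and `generateErrorMessage(...)` returns `false` behind a TODO, and neither says where request validation and error reporting towards the eIDAS node actually happen. Both methods appear to have been moved within the class rather than newly written (the same bodies are removed in a later hunk), so this is a documentation point only. A comment on `validate` such as `// NOTE: accepts every request; the eIDAS request is validated elsewhere (TODO: name the method)` would stop a reader from assuming the unconditional accept is the intended check.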
@@ -180,9 +206,12 @@ public class EidasProxyServiceController extends AbstractController implements I
try {
String spCountry = eidasRequest.getSpCountryCode();
Map<String, String> spConfigMap = new HashMap<>();
+
+ //TODO: how we get the EntityId from eIDAS connector?
spConfigMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER,
MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID,
spCountry, eidasRequest.getSpType()));
+
ServiceProviderConfiguration spConfig = new ServiceProviderConfiguration(spConfigMap, authConfig);
final String ccCountry = authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
@@ -198,35 +227,7 @@ public class EidasProxyServiceController extends AbstractController implements I
} catch (EaafException e) {
throw new EidasProxyServiceException(ERROR_04, new Object[] {e.getMessage()}, e);
- }
-
- }
-
- @Override
- public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response,
- IRequest protocolRequest) throws Throwable {
-
- //TODO: implement error handling for eIDAS Node communication
- return false;
-
- }
-
- @Override
- public String getName() {
- return EidasProxyServiceController.class.getName();
-
- }
-
- @Override
- public String getAuthProtocolIdentifier() {
- return PROTOCOL_ID;
-
- }
-
- @Override
- public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) {
- return true;
-
+ }
}
}
diff --git a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
index 3ff35ac9..c51db460 100644
--- a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
+++ b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
@@ -1,18 +1,53 @@
package at.asitplus.eidas.specific.modules.msproxyservice.protocol;
+import java.io.IOException;
+import java.util.UUID;
+
+import javax.annotation.PostConstruct;
+import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
+import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
+import at.gv.egiz.eaaf.core.impl.data.SloInformationImpl;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightResponse;
+import eu.eidas.auth.commons.light.impl.LightResponse.Builder;
+import eu.eidas.auth.commons.light.impl.ResponseStatus;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
import lombok.extern.slf4j.Slf4j;
/**
* Result action of a successfully performed eIDAS Proxy-Service authentication.
- *
+ *
* @author tlenz
*
*/
@@ -20,33 +55,178 @@ import lombok.extern.slf4j.Slf4j;
public class ProxyServiceAuthenticationAction implements IAction {
private static final String PROXYSERVICE_AUTH_ACTION_NAME = "MS-specific eIDAS-Proxy action";
-
+
+ @Autowired
+ ApplicationContext context;
+ @Autowired
+ IConfiguration basicConfig;
+ @Autowired
+ ResourceLoader resourceLoader;
+ @Autowired
+ ISpringMvcGuiFormBuilder guiBuilder;
+ @Autowired
+ EidasAttributeRegistry attrRegistry;
+
@Override
public SloInformationInterface processRequest(IRequest pendingReq, HttpServletRequest httpReq,
HttpServletResponse httpResp, IAuthData authData) throws EaafException {
if (pendingReq instanceof ProxyServicePendingRequest) {
+ try {
+ ILightRequest eidasReq = ((ProxyServicePendingRequest) pendingReq).getEidasRequest();
+
+ //build eIDAS response
+ Builder lightRespBuilder = LightResponse.builder();
+ lightRespBuilder.id(UUID.randomUUID().toString());
+ lightRespBuilder.inResponseToId(eidasReq.getId());
+ lightRespBuilder.relayState(eidasReq.getRelayState());
+
+ lightRespBuilder.status(ResponseStatus.builder()
+ .statusCode(Constants.SUCCESS_URI)
+ .build());
+
+ //TODO: check if we can use transient subjectNameIds
+ lightRespBuilder.subject(UUID.randomUUID().toString());
+ lightRespBuilder.subjectNameIdFormat(NameIDType.TRANSIENT);
+
+ //TODO:
+ lightRespBuilder.issuer(basicConfig.getBasicConfiguration(
+ MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_ENTITYID));
+ lightRespBuilder.levelOfAssurance(authData.getEidasQaaLevel());
+ lightRespBuilder.attributes(buildAttributesFromAuthData(authData));
+
+ // put request into shared cache
+ final BinaryLightToken token = putResponseInCommunicationCache(lightRespBuilder.build());
+ final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);
+
+ // set SLO response object of EAAF framework
+ final SloInformationImpl sloInformation = new SloInformationImpl();
+ sloInformation.setProtocolType(pendingReq.requestedModule());
+ sloInformation
+ .setSpEntityID(pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
+
+ // forward to eIDAS Proxy-Service
+ forwardToEidasProxy(pendingReq, httpReq, httpResp, tokenBase64);
+
+ return sloInformation;
+
+ } catch (ServletException | IOException | GuiBuildException e) {
+ throw new EidasProxyServiceException("eidas.proxyservice.06", null, e);
+
+ }
-
- return null;
-
} else {
log.error("eIDAS Proxy-Service authentication requires PendingRequest of Type: {}",
ProxyServicePendingRequest.class.getName());
throw new EaafException("eidas.proxyservice.99");
-
- }
- }
+ }
+ }
+
@Override
- public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
return true;
-
+
}
@Override
public String getDefaultActionName() {
return PROXYSERVICE_AUTH_ACTION_NAME;
+
+ }
+
+
+ @PostConstruct
+ private void checkConfiguration() {
+ //TODO: validate configuration on start-up
}
+
+
+ private ImmutableAttributeMap buildAttributesFromAuthData(IAuthData authData) {
+ final AttributeDefinition<?> attrDefPersonalId = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition<?> attrDefFamilyName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition<?> attrDefGivenName = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition<?> attrDefDateOfBirth = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap.Builder attributeMap =
+ ImmutableAttributeMap.builder().put(attrDefPersonalId,
+ authData.getGenericData(MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, String.class))
+ .put(attrDefFamilyName, authData.getFamilyName())
+ .put(attrDefGivenName, authData.getGivenName())
+ .put(attrDefDateOfBirth, authData.getFormatedDateOfBirth());
+
+ return attributeMap.build();
+
+ }
+
+ private BinaryLightToken putResponseInCommunicationCache(ILightResponse lightResponse)
+ throws ServletException {
+ final BinaryLightToken binaryLightToken;
+ try {
+ final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) context.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+ .toString());
+
+ binaryLightToken = springManagedSpecificConnectorCommunicationService.putResponse(lightResponse);
+
+ } catch (final SpecificCommunicationException e) {
+ log.error("Unable to process specific request");
+ throw new ServletException(e);
+
+ }
+
+ return binaryLightToken;
+ }
+
+ private void forwardToEidasProxy(IRequest pendingReq, HttpServletRequest httpReq,
+ HttpServletResponse httpResp, String tokenBase64) throws EaafConfigurationException, IOException,
+ GuiBuildException {
+ // select forward URL regarding the selected environment
+ final String forwardUrl = basicConfig.getBasicConfiguration(
+ MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL);
+
+ if (StringUtils.isEmpty(forwardUrl)) {
+ log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops");
+ throw new EaafConfigurationException("config.08",
+ new Object[] { MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL });
+
+ }
+ log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request");
+
+ if (basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD,
+ Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) {
+
+ log.debug("Use http-redirect for eIDAS node forwarding ... ");
+ // send redirect
+ final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl);
+ redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
+ httpResp.sendRedirect(redirectUrl.build().encode().toString());
+
+ } else {
+ log.debug("Use http-post for eIDAS node forwarding ... ");
+ final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
+ basicConfig,
+ pendingReq,
+ Constants.TEMPLATE_POST_FORWARD_NAME,
+ null,
+ resourceLoader);
+
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl);
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME,
+ EidasParameterKeys.TOKEN.toString());
+ config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE,
+ tokenBase64);
+
+ guiBuilder.build(httpReq, httpResp, config, "Forward to eIDASNode form");
+
+ }
+
+ }
}
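Review bot: The issuer entity ID is read from configuration in `processRequest` and passed to `lightRespBuilder.issuer(...)` with no emptiness check, and the forward URL is checked only inside `forwardToEidasProxy`, after `putResponseInCommunicationCache` has already stored the response with the person's attributes in the shared cache. With `checkConfiguration()` left as an empty TODO, a missing or malformed value surfaces per request instead of at start-up; in the redirect branch `UriComponentsBuilder.fromHttpUrl` would, as far as I can tell, reject a malformed URL with an unchecked exception that `catch (ServletException | IOException | GuiBuildException e)` does not cover. I would fill in the `@PostConstruct` hook to fail fast on both properties and keep the existing `config.08` check for values removed at runtime, since the new `missingForwardUrl` test depends on it. Resolving the forward URL before the cache write would also avoid leaving an unconsumable response behind.

```java
@PostConstruct
private void checkConfiguration() {
  // fail fast: both values are needed to build and deliver every response
  requireConfigured(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_ENTITYID);
  requireConfigured(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL);
}

private void requireConfigured(String key) {
  if (StringUtils.isBlank(basicConfig.getBasicConfiguration(key))) {
    throw new IllegalStateException("Missing configuration property: " + key);
  }
}

// … unchanged: buildAttributesFromAuthData, putResponseInCommunicationCache, forwardToEidasProxy …
```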
diff --git a/eidas_modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties b/eidas_modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties
index 0437554b..5c4c51b9 100644
--- a/eidas_modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties
+++ b/eidas_modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties
@@ -3,5 +3,6 @@ eidas.proxyservice.02=Authentication request contains not communication token.
eidas.proxyservice.03=General error during eIDAS-Node communication. Reason: {}
eidas.proxyservice.04=Validation of eIDAS Authn request failed. Reason: {}
eidas.proxyservice.05=No Service-Provider country-code in Authn. request. Authentication not possible
+eidas.proxyservice.06=Can not build eIDAS Proxy-Service response. Authentication FAILED.
eidas.proxyservice.99=Internal error during eIDAS Proxy-Service authentication \ No newline at end of file
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
index eb5280b3..96429d71 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
+++ b/eidas_modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
@@ -5,10 +5,13 @@ import static org.junit.Assert.assertThrows;
import java.net.URISyntaxException;
import java.util.Arrays;
+import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
+import java.util.UUID;
+import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
@@ -26,6 +29,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction;
import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -35,6 +39,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
@RunWith(SpringJUnit4ClassRunner.class)
@PrepareForTest(CreateIdentityLinkTask.class)
@@ -65,6 +70,9 @@ public class ProxyServiceAuthenticationActionTest {
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",
+ "http://eidas.proxy/endpoint");
+
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -76,6 +84,17 @@ public class ProxyServiceAuthenticationActionTest {
pendingReq.initialize(httpReq, basicConfig);
pendingReq.setOnlineApplicationConfiguration(oaParam);
+ LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requesterId(RandomStringUtils.randomAlphanumeric(10))
+ .providerName(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
}
@Test
@@ -88,16 +107,35 @@ public class ProxyServiceAuthenticationActionTest {
Assert.assertEquals("wrong errorCode", "eidas.proxyservice.99", exception.getErrorId());
}
+
+ @Test
+ public void missingForwardUrl() {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint");
+
+ EaafException exception = assertThrows(EaafException.class,
+ () -> action.processRequest(pendingReq, httpReq, httpResp, authData));
+ Assert.assertEquals("wrong errorCode", "config.08", exception.getErrorId());
+
+ }
@Test
public void dummyResponseActionTest() throws EaafException {
- IAuthData authData = generateDummyAuthData();
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18");
//perform test
SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
//validate state
- Assert.assertNull("Result should be not null", result);
+ Assert.assertNotNull("Result should be not null", result);
}
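Review bot: `dummyResponseActionTest` asserts only that the result is non-null, so the action's security-relevant output is never checked: the redirect target and the token it carries. Assuming `httpResp` is Spring's MockHttpServletResponse (its declaration is outside the hunk), I would add `Assert.assertEquals(302, httpResp.getStatus());` and `Assert.assertTrue(httpResp.getRedirectedUrl().startsWith("http://eidas.proxy/endpoint"));`. The POST-forward branch of `forwardToEidasProxy` has no test in this hunk either; a second case that switches the configured forward method would cover it.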
@@ -112,6 +150,12 @@ public class ProxyServiceAuthenticationActionTest {
}
private IAuthData generateDummyAuthData() {
+ return generateDummyAuthData(Collections.emptyMap(), EaafConstants.EIDAS_LOA_LOW,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01");
+
+ }
+
+ private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth) {
return new IAuthData() {
@Override
@@ -176,26 +220,28 @@ public class ProxyServiceAuthenticationActionTest {
@Override
public String getGivenName() {
- // TODO Auto-generated method stub
- return null;
+ return givenName;
}
@Override
public <T> T getGenericData(String key, Class<T> clazz) {
- // TODO Auto-generated method stub
- return null;
+ if (attrs.containsKey(key)) {
+ return (T) attrs.get(key);
+
+ } else {
+ return null;
+ }
+
}
@Override
public String getFormatedDateOfBirth() {
- // TODO Auto-generated method stub
- return null;
+ return dateOfBirth;
}
@Override
public String getFamilyName() {
- // TODO Auto-generated method stub
- return null;
+ return familyName;
}
@Override
@@ -212,8 +258,8 @@ public class ProxyServiceAuthenticationActionTest {
@Override
public String getEidasQaaLevel() {
- // TODO Auto-generated method stub
- return null;
+ return loa;
+
}
@Override
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties b/eidas_modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
index b03e2c81..4f3b82b5 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
+++ b/eidas_modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
@@ -1,3 +1,6 @@
## Basic service configuration
eidas.ms.context.url.prefix=http://localhost
-eidas.ms.context.url.request.validation=false \ No newline at end of file
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy
+eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=http://eidas.proxy/endpoint \ No newline at end of file
diff --git a/eidas_modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml b/eidas_modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml
index 6a1505f4..2c16d796 100644
--- a/eidas_modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml
+++ b/eidas_modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml
@@ -16,6 +16,9 @@
<bean id="springManagedSpecificProxyserviceCommunicationService"
class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+ <bean id="mvcGUIBuilderImpl"
+ class="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" />
+
<bean id="specificConnectorAttributesFileWithPath"
class="java.lang.String">
<constructor-arg