aboutsummaryrefslogtreecommitdiff
path: root/modules/authmodule-eIDAS-v2/src/test/java
diff options
context:
space:
mode:
authorThomas <>2022-12-19 15:50:38 +0100
committerThomas <>2022-12-19 15:50:38 +0100
commitd2dec4601c41131c3ca509a8f7907b91af0ba2a6 (patch)
tree999634c3edaf5d45774593b4cdece1dada857dab /modules/authmodule-eIDAS-v2/src/test/java
parentc2fa7fa970f717b8b4e27098b3d2b9341c59fae1 (diff)
downloadNational_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.tar.gz
National_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.tar.bz2
National_eIDAS_Gateway-d2dec4601c41131c3ca509a8f7907b91af0ba2a6.zip
feat(eidas-connector): support not-notified LoA
- not-notified LoA is currently used by Ukraine
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/test/java')
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java83
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java34
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java44
3 files changed, 148 insertions, 13 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
index b8cb0642..7ae432a7 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -31,6 +31,7 @@ import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -40,6 +41,7 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
@@ -126,6 +128,8 @@ public class EidasAttributePostProcessingTest {
private static final String P8_PLACEOFBIRTH = RandomStringUtils.randomAlphabetic(10);
private static final String P8_BIRTHNAME = RandomStringUtils.randomAlphabetic(10);
+ @Autowired
+ private MsConnectorDummyConfigMap basicConfig;
/**
* jUnit class initializer.
@@ -136,9 +140,19 @@ public class EidasAttributePostProcessingTest {
public static void classInitializer() throws IOException {
final String current = new java.io.File(".").toURI().toString();
System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
+
}
+ /**
+ * Test initializer.
+ */
+ @Before
+ public void initialize() {
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.workaround.ua.dateofbirth", "false");
+
+ }
+
+
@Test
@SneakyThrows
public void deWithHexLowerCase() {
@@ -271,6 +285,73 @@ public class EidasAttributePostProcessingTest {
}
+ @Test
+ public void uaTestCaseWrongDateOfBirthWorkAround() throws Exception {
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.workaround.ua.dateofbirth", "true");
+
+ final SimpleEidasData result = postProcessor.postProcess(
+ generateInputData(
+ "UA/AT/asdfsafsdaasfsadf",
+ "UATestUser",
+ "mein Vorname",
+ "2170-05-29",
+ null,
+ null));
+
+ validate(result,
+ "asdfsafsdaasfsadf",
+ "UA",
+ "UATestUser",
+ "mein Vorname",
+ "2000-05-29",
+ null,
+ null);
+
+ }
+
+ @Test
+ public void uaTestCaseWrongDateOfBirth() throws Exception {
+ final SimpleEidasData result = postProcessor.postProcess(
+ generateInputData(
+ "UA/AT/asdfsafsdaasfsadf",
+ "UATestUser",
+ "mein Vorname",
+ "2170-05-29",
+ null,
+ null));
+
+ validate(result,
+ "asdfsafsdaasfsadf",
+ "UA",
+ "UATestUser",
+ "mein Vorname",
+ "2170-05-29",
+ null,
+ null);
+
+ }
+
+ @Test
+ public void uaTestCaseValidDateOfBirth() throws Exception {
+ final SimpleEidasData result = postProcessor.postProcess(
+ generateInputData(
+ "UA/AT/asdfsafsdaasfsadf",
+ "UATestUser",
+ "mein Vorname",
+ "1970-05-29",
+ null,
+ null));
+
+ validate(result,
+ "asdfsafsdaasfsadf",
+ "UA",
+ "UATestUser",
+ "mein Vorname",
+ "1970-05-29",
+ null,
+ null);
+
+ }
@Test
public void eeTestCase() throws Exception {
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index 7cfd2d5c..6f385789 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -25,6 +25,7 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import java.util.HashMap;
import java.util.Map;
@@ -40,13 +41,13 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPreProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import eu.eidas.auth.commons.light.impl.LightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@@ -65,7 +66,7 @@ public class EidasRequestPreProcessingSecondTest {
private CcSpecificEidProcessingService preProcessor;
private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
+ private ServiceProviderConfiguration oaParam;
private Builder authnRequestBuilder;
@@ -74,13 +75,16 @@ public class EidasRequestPreProcessingSecondTest {
*
*/
@Before
+ @SneakyThrows
public void setUp() {
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
+
+ oaParam = new ServiceProviderConfiguration(spConfig, basicConfig);
+ oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:cdid+XX");
+
+
pendingReq = new TestRequestImpl();
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
@@ -105,9 +109,8 @@ public class EidasRequestPreProcessingSecondTest {
public void privateSpAllowed() {
basicConfig.putConfigValue(
"eidas.ms.auth.eIDAS.node_v2.proxyservices.privatesp.notsupported", "XX,XY");
- basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
-
- oaParam.getFullConfiguration().put("target", "urn:publicid:gv.at:wbpk+XFN+123456a");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:wbpk+XFN+123456a");
final String testCountry = "DE";
authnRequestBuilder.citizenCountryCode(testCountry);
@@ -123,10 +126,9 @@ public class EidasRequestPreProcessingSecondTest {
public void privateSpNotAllowed() {
basicConfig.putConfigValue(
"eidas.ms.auth.eIDAS.node_v2.proxyservices.privatesp.notsupported", "XX,XY");
- basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
-
- oaParam.getFullConfiguration().put("target", "urn:publicid:gv.at:wbpk+XFN+123456a");
-
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:wbpk+XFN+123456a");
+
final String testCountry = "XY";
authnRequestBuilder.citizenCountryCode(testCountry);
@@ -225,6 +227,14 @@ public class EidasRequestPreProcessingSecondTest {
Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/NotNotified/LoA/high",
lightReq.getLevelsOfAssurance().get(0).getValue());
+ assertEquals("SP allowed LoA", 2, oaParam.getRequiredLoA().size());
+ assertTrue("missing not-notified LoA", oaParam.getRequiredLoA().stream()
+ .filter(el -> el.equals("http://eidas.europa.eu/NotNotified/LoA/high")).findFirst().isPresent());
+ assertEquals("wrong LoA matching-mode", "exact", oaParam.getLoAMatchingMode());
+
+
+
+
}
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
index 91a50d28..d7831dbd 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -36,6 +36,7 @@ import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
import eu.eidas.auth.commons.attribute.impl.StringAttributeValue;
import eu.eidas.auth.commons.light.ILightResponse;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.SneakyThrows;
import lombok.val;
@RunWith(SpringJUnit4ClassRunner.class)
@@ -100,6 +101,49 @@ public class EidasResponseValidatorTest {
}
@Test
+ public void loaFromResponseNotAllowed() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ "http://eidas.europa.eu/NotNotified/LoA/high",
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "XX";
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/NotNotified/LoA/high",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ @SneakyThrows
+ public void loaFromResponseNotNotified() throws URISyntaxException {
+
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ "http://eidas.europa.eu/NotNotified/LoA/high",
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, "http://eidas.europa.eu/NotNotified/LoA/high"));
+
+ //execute test
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+
+ }
+
+ @Test
public void noEidasSpCountry() throws URISyntaxException {
//set-up
ILightResponse eidasResponse = buildDummyAuthResponse(