diff options
author | Thomas <> | 2022-11-17 16:48:29 +0100 |
---|---|---|
committer | Thomas <> | 2022-11-17 16:48:29 +0100 |
commit | aacc2545abb12328a09cef2cf20ca80a61374836 (patch) | |
tree | 6a05a7e63677748a070f854059ad9962a4edfa7d /modules/authmodule-eIDAS-v2/src/test | |
parent | 1a76153176f57ba5d85343e905061db14c523729 (diff) | |
download | National_eIDAS_Gateway-aacc2545abb12328a09cef2cf20ca80a61374836.tar.gz National_eIDAS_Gateway-aacc2545abb12328a09cef2cf20ca80a61374836.tar.bz2 National_eIDAS_Gateway-aacc2545abb12328a09cef2cf20ca80a61374836.zip |
feat(connector): add validation to disable private-SP support for specific countries
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/test')
5 files changed, 69 insertions, 8 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java index 2506a9b6..305220cf 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java @@ -56,6 +56,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPreProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor; @@ -871,8 +872,9 @@ public class AlternativeSearchTaskWithRegisterTest { } @Override - public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) { - genericEidProcessor.preProcess(pendingReq, authnRequestBuilder); + public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) + throws EidPreProcessingException { + genericEidProcessor.preProcess(pendingReq, authnRequestBuilder, selectedCC); } }; } diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java index 6292a0e1..ca78e156 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java @@ -74,6 +74,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPreProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; @@ -172,8 +173,9 @@ public class InitialSearchTaskTest { } @Override - public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) { - genericEidProcessor.preProcess(pendingReq, authnRequestBuilder); + public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) + throws EidPreProcessingException { + genericEidProcessor.preProcess(pendingReq, authnRequestBuilder, selectedCC); } }; } diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java index 4b9e9fe2..ead276f9 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java @@ -76,6 +76,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPreProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; @@ -536,8 +537,9 @@ public class InitialSearchTaskWithRegistersTest { } @Override - public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) { - genericEidProcessor.preProcess(pendingReq, authnRequestBuilder); + public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) + throws EidPreProcessingException { + genericEidProcessor.preProcess(pendingReq, authnRequestBuilder, selectedCC); } }; } diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index ca292d4c..f3863ce0 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -50,6 +50,7 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import eu.eidas.auth.commons.light.impl.LightRequest; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; +import lombok.SneakyThrows; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration(locations = { @@ -110,7 +111,8 @@ public class EidasRequestPreProcessingFirstTest { } @Test - public void prePreProcessGeneric() throws EidPostProcessingException { + @SneakyThrows + public void prePreProcessGeneric() { final String testCountry = "XX"; authnRequestBuilder.citizenCountryCode(testCountry); preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); @@ -125,6 +127,7 @@ public class EidasRequestPreProcessingFirstTest { } @Test + @SneakyThrows public void prePreProcessGenericNoCountryCode() throws EidPostProcessingException { final String testCountry = "XX"; authnRequestBuilder.citizenCountryCode(testCountry); @@ -140,6 +143,7 @@ public class EidasRequestPreProcessingFirstTest { } @Test + @SneakyThrows public void prePreProcessDE() throws EidPostProcessingException { final String testCountry = "DE"; @@ -157,6 +161,7 @@ public class EidasRequestPreProcessingFirstTest { } @Test + @SneakyThrows public void prePreProcessNlWithUpgrade() throws EidPostProcessingException { final String testCountry = "NL"; @@ -177,6 +182,7 @@ public class EidasRequestPreProcessingFirstTest { } @Test + @SneakyThrows public void prePreProcessNlWithOutUpgrade() throws EidPostProcessingException { final String testCountry = "NL"; diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java index 9b061b55..0453ca1d 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java @@ -23,6 +23,9 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThrows; + import java.util.HashMap; import java.util.Map; import java.util.UUID; @@ -39,6 +42,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPreProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; @@ -46,6 +50,7 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import eu.eidas.auth.commons.light.impl.LightRequest; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; +import lombok.SneakyThrows; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration(locations = { @@ -85,13 +90,55 @@ public class EidasRequestPreProcessingSecondTest { authnRequestBuilder.id(UUID.randomUUID().toString()); authnRequestBuilder.issuer("Test"); authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); + + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.proxyservices.privatesp.notsupported", ""); + + } + @Test + @SneakyThrows + public void privateSpAllowed() { basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true"); + "eidas.ms.auth.eIDAS.node_v2.proxyservices.privatesp.notsupported", "XX,XY"); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + + oaParam.getFullConfiguration().put("target", "urn:publicid:gv.at:wbpk+XFN+123456a"); + final String testCountry = "DE"; + authnRequestBuilder.citizenCountryCode(testCountry); + preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); + + final LightRequest lightReq = authnRequestBuilder.build(); + Assert.assertEquals("no PublicSP", "private", lightReq.getSpType()); + } + + @Test + @SneakyThrows + public void privateSpNotAllowed() { + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.proxyservices.privatesp.notsupported", "XX,XY"); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + + oaParam.getFullConfiguration().put("target", "urn:publicid:gv.at:wbpk+XFN+123456a"); + + final String testCountry = "XY"; + authnRequestBuilder.citizenCountryCode(testCountry); + + EidPreProcessingException error = assertThrows("validation error not detected", EidPreProcessingException.class, + () -> preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder)); + assertEquals("wrong errorId", "module.eidasauth.07", error.getErrorId()); + + } + @Test + @SneakyThrows public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException { basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); basicConfig.putConfigValue( @@ -114,6 +161,7 @@ public class EidasRequestPreProcessingSecondTest { * Set ProviderName according to general configuration */ @Test + @SneakyThrows public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException { basicConfig.putConfigValue( @@ -136,6 +184,7 @@ public class EidasRequestPreProcessingSecondTest { * Always set requesterId and providername in case of country LU */ @Test + @SneakyThrows public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException { |