diff options
21 files changed, 511 insertions, 919 deletions
| diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9cecaf7f..df21e049 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,6 +18,10 @@ include:    - template: Dependency-Scanning.gitlab-ci.yml    - template: Secret-Detection.gitlab-ci.yml +default: +  tags: +    - docker +  stages:    - assemble    - test @@ -30,14 +34,12 @@ cache:  assemble:    stage: assemble -  tags: -    - docker    except:      - tags    script: |      mvn $MAVEN_CLI_OPTS generate-sources compile test    after_script: -    - awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, " instructions covered"; print 100*covered/instructions, "% covered" }' $JACOCO_CSV_LOCATION     +    - awk -F"," '{ instructions += $4 + $5; covered += $5 } END { print covered, "/", instructions, " instructions covered"; print 100*covered/instructions, "% covered" }' $JACOCO_CSV_LOCATION    coverage: '/([0-9]{1,3}.[0-9]*).%.covered/'    artifacts:      when: always @@ -50,8 +52,6 @@ assemble:  buildDistributionPackage:    stage: package -  tags: -    - docker    except:      - tags      -  /^feature/.*$/i @@ -64,15 +64,13 @@ buildDistributionPackage:      name: "${CI_PROJECT_NAME}-${CI_COMMIT_SHORT_SHA}"      when: always      reports: -      dotenv: variables.env     +      dotenv: variables.env      paths:        - $PROJECT_RELEASE_PACKAGE  release:    stage: release    image: registry.gitlab.com/gitlab-org/release-cli:latest -  tags: -    - docker    needs:      - job: buildDistributionPackage        artifacts: true @@ -87,4 +85,4 @@ release:      name: "${CI_PROJECT_NAME}-${CI_COMMIT_SHORT_SHA}-release"      expire_in: never      paths: -      - $PROJECT_RELEASE_PACKAGE          +      - $PROJECT_RELEASE_PACKAGE diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 6b5469a1..976a4d9b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -59,15 +59,6 @@        <artifactId>eaaf_module_pvp2_sp</artifactId>      </dependency> -    <dependency> -      <groupId>iaik.prod</groupId> -      <artifactId>iaik_jce_full</artifactId> -      <version>5.52_moa</version> -<!--      <groupId>iaik</groupId>--> -<!--      <artifactId>jce_full_signed</artifactId>--> -<!--      <version>5.52</version>--> -    </dependency> -      <!-- eIDAS reference implemenation libs -->      <dependency>        <groupId>eu.eidas</groupId> @@ -181,12 +172,12 @@        <groupId>org.springframework.boot</groupId>        <artifactId>spring-boot-starter-test</artifactId>        <scope>test</scope> -    </dependency>         +    </dependency>      <dependency>        <groupId>org.springframework.boot</groupId>        <artifactId>spring-boot-starter-tomcat</artifactId>        <scope>test</scope> -    </dependency>         +    </dependency>      <dependency>        <groupId>com.github.skjolber</groupId>        <artifactId>mockito-soap-cxf</artifactId> @@ -283,15 +274,15 @@                    <extraargs>                      <extraarg>-verbose </extraarg>                    </extraargs> -                </wsdlOption>                 +                </wsdlOption>                  <wsdlOption>                    <wsdl>${basedir}/src/main/resources/wsdl/zmr_client/wsdl/Service.wsdl</wsdl>                    <extraargs>                      <extraarg>-verbose </extraarg>                    </extraargs>                  </wsdlOption> -                 -                <!--use custom package name for search address Web-Service,  + +                <!--use custom package name for search address Web-Service,                      because ZMR and address Web-Service use the same XML namespace but defines different schema. -->                  <wsdlOption>                    <wsdl>${basedir}/src/main/resources/wsdl/addresssearching_client/wsdl/Service.wsdl</wsdl> @@ -300,10 +291,10 @@                    </extraargs>                    <packagenames>                      <packagename>http://bmi.gv.at/namespace/zmr-su/base/20040201#=at.gv.bmi.namespace.zmr_su.base._20040201_.address</packagename> -                    <packagename>http://bmi.gv.at/namespace/zmr-su/zmr/20040201#=at.gv.bmi.namespace.zmr_su.zrm._20040201_.address</packagename>                     +                    <packagename>http://bmi.gv.at/namespace/zmr-su/zmr/20040201#=at.gv.bmi.namespace.zmr_su.zrm._20040201_.address</packagename>                    </packagenames> -                </wsdlOption>  -                                +                </wsdlOption> +                </wsdlOptions>              </configuration>              <goals> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index ee9b00f7..bfb82474 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -40,11 +40,6 @@ public class Constants {    public static final String DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE = "resp_fulleIDASResponseAlternative";    /** -   * Stored when one match from register was found. -   */ -  public static final String DATA_RESULT_MATCHING_BPK = "matching_result_bpk"; - -  /**     * Stored before Step 2 from Matching Concept, input from user eIDAS authn.     */    public static final String DATA_SIMPLE_EIDAS = "matching_simple_eidas_data"; @@ -67,7 +62,7 @@ public class Constants {    // configuration properties    public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS"; -  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX  +  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX        + ".eid.testidentity.default";    public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";    public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode"; @@ -84,20 +79,20 @@ public class Constants {        CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";    public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =        CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; -   +    public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION =        CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";    public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX =        CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll"; -   +    public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = -      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";   +      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";    public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =        CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier"; -   -  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT =  + +  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT =        CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat"; -   +    public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE        + ".staticProviderNameForPublicSPs";    public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria"; @@ -279,14 +274,14 @@ public class Constants {    public static final String COUNTRY_CODE_DE = "DE";    public static final String COUNTRY_CODE_IT = "IT"; -   +    // UI options    public static final String HTML_FORM_ADVANCED_MATCHING_FAILED = "advancedMatchingFailed"; -   -   + +    // ProcessEngine context    public static final String CONTEXT_FLAG_ADVANCED_MATCHING_FAILED = HTML_FORM_ADVANCED_MATCHING_FAILED; -     +    /**     * {@link at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask}.     */ @@ -315,7 +310,7 @@ public class Constants {     */    public static final String TRANSITION_TO_GENERATE_EIDAS_LOGIN = "TASK_GenerateAlternativeEidasAuthn"; -   +    /**     * Stores login selection from user.     */ diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java index 35f353f4..5ad92507 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java @@ -23,12 +23,10 @@  package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; -import org.apache.commons.lang3.builder.EqualsBuilder; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;  import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;  import lombok.Builder;  import lombok.Data; +import org.apache.commons.lang3.builder.EqualsBuilder;  @Data  @Builder @@ -60,27 +58,18 @@ public class SimpleEidasData {    private final String taxNumber;    /** -   * Compares the register result with the eidas data. +   * Compares the register result with the EIDAS data (given name, family name, date of birth, personal identifier).     *     * @param result The register data to use for comparison -   * @return true or false depending of the data matches -   * @throws WorkflowException if multiple results have been found +   * @return whether the data (given name, family name, date of birth, personal identifier) match     */ -  public boolean equalsRegisterData(RegisterResult result) throws WorkflowException { -    /*TODO: maybe this is check is not valid, because only the minimum data-set (personalIdentifer, givenName, -     *      familyName, dateOfBirth) has to be always available. Any other attributes are optional. -     *      This check will always evaluate to false if register has more information as current eIDAS process!!! -     */ - +  public boolean equalsRegisterData(RegisterResult result) {      return new EqualsBuilder()          .append(result.getGivenName(), givenName)          .append(result.getFamilyName(), familyName)          .append(result.getDateOfBirth(), dateOfBirth) -        .append(result.getPlaceOfBirth(), placeOfBirth) -        .append(result.getBirthName(), birthName) -        .append(result.getTaxNumber(), taxNumber) -        .isEquals() && result.getPseudonym().stream() -            .anyMatch(el -> el.equals(pseudonym)); +        .isEquals() +        && result.getPseudonym().stream().anyMatch(el -> el.equals(pseudonym));    }    /** diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java deleted file mode 100644 index c7df56d0..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/InvalidUserInputException.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright 2020 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class InvalidUserInputException extends EidasSAuthenticationException { -  private static final long serialVersionUID = 1L; - -  public InvalidUserInputException(String errorCode) { -    super(errorCode, null); -     -  } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java index e0273d10..f021fae9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java @@ -62,7 +62,6 @@ import lombok.extern.slf4j.Slf4j;   * Output:   * <ul>   *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li> - *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>   * </ul>   * Transitions:   * <ul> @@ -98,123 +97,123 @@ public class AlternativeSearchTask extends AbstractAuthServletTask {    public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)        throws TaskExecutionException {      try { -      final SimpleEidasData altEidasData = convertEidasAttrToSimpleData();             +      final SimpleEidasData altEidasData = convertEidasAttrToSimpleData();        final SimpleEidasData initialEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); -      final RegisterStatusResults intermediateMatchingState =  +      final RegisterStatusResults intermediateMatchingState =            MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); -             +        //pre-validation of eIDAS data        preVerifyAlternativeEidasData(altEidasData, initialEidasData, intermediateMatchingState); -             +        //perform register search operation based on alterantive eIDAS data -      step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData,  +      step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData,            intermediateMatchingState, initialEidasData); -       +      } catch (WorkflowException e) {        throw new TaskExecutionException(pendingReq, "Initial search failed", e); -       +      } catch (final Exception e) {        log.error("Initial search failed", e);        throw new TaskExecutionException(pendingReq, "Initial search failed with a generic error", e); -       +      }    }    /**     * Pre-validation of eIDAS information. -   *  +   *     * <p>Check if country-code and MDS (givenName, familyName, dateOfBirth) matches.</p> -   *  +   *     * @param altEidasData eIDAS data from alternative authentication     * @param initialEidasData eIDAS data from initial authentication     * @param intermediateMatchingState Intermediate matching result     * @throws WorkflowException In case of a validation error     */ -  private void preVerifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData,  +  private void preVerifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData,        RegisterStatusResults intermediateMatchingState) throws WorkflowException {      if (initialEidasData == null) {        throw new WorkflowException("step11", "No initial eIDAS authn data", true); -       +      } -     +      if (intermediateMatchingState == null) {        throw new WorkflowException("step11", "No intermediate matching-state", true); -       +      } -     +      if (!Objects.equals(altEidasData.getCitizenCountryCode(), initialEidasData.getCitizenCountryCode())) {        throw new WorkflowException("step11", "Country Code of alternative eIDAS authn not matching", true); -       +      } -     +      if (!altEidasData.equalsMds(initialEidasData)) {        throw new WorkflowException("step11", "MDS of alternative eIDAS authn does not match initial authn", true); -       +      }    }    private void step11RegisterSearchWithPersonIdentifier( -      ExecutionContext executionContext, SimpleEidasData altEidasData,  +      ExecutionContext executionContext, SimpleEidasData altEidasData,        RegisterStatusResults intermediateMatchingState, SimpleEidasData initialEidasData)        throws WorkflowException, EaafStorageException {      try {        log.trace("Starting step11RegisterSearchWithPersonIdentifier");        RegisterStatusResults altSearchResult = registerSearchService.searchWithPersonIdentifier(            intermediateMatchingState.getOperationStatus(), altEidasData); -       +        int resultCount = altSearchResult.getResultCount();        if (resultCount == 0) { -        step12CountrySpecificSearch(executionContext, intermediateMatchingState, initialEidasData,  +        step12CountrySpecificSearch(executionContext, intermediateMatchingState, initialEidasData,              altSearchResult.getOperationStatus(), altEidasData); -         +        } else if (resultCount == 1) {          log.debug("step11RegisterSearchWithPersonIdentifier find single result. Starting KITT operation ... ");          RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess(              intermediateMatchingState, initialEidasData, altSearchResult, altEidasData); -         +          log.debug("KITT operation finished. Finalize matching process ... ");          foundMatchFinalizeTask(matchtedResult, altEidasData); -         +        } else {          throw new WorkflowException("step11RegisterSearchWithPersonIdentifier",              "More than one entry with unique personal-identifier", true); -         +        }      } catch (WorkflowException e) {        log.warn("Workflow error during matching step: {}. Reason: {}", e.getProcessStepName(), e.getErrorReason());        throw e; -       +      }    }    private void step12CountrySpecificSearch(ExecutionContext executionContext, -                                           RegisterStatusResults intermediateMatchingState,  +                                           RegisterStatusResults intermediateMatchingState,                                             SimpleEidasData initialEidasData,                                             RegisterOperationStatus registerOperationStatus,                                             SimpleEidasData altEidasData)        throws EaafStorageException, WorkflowException { -    log.trace("Starting 'step12CountrySpecificSearch' ... ");     +    log.trace("Starting 'step12CountrySpecificSearch' ... ");      RegisterStatusResults ccAltSearchResult = registerSearchService.searchWithCountrySpecifics(          registerOperationStatus, altEidasData); -         +      if (ccAltSearchResult.getResultCount() == 0) {        log.trace("'step12CountrySpecificSearch' ends with no result. Forward to GUI based matching step ... ");        log.debug("Forward to GUI based matching steps ... ");        executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); -       -    } else if (ccAltSearchResult.getResultCount() == 1) {       -      log.debug("'step12CountrySpecificSearch' find single result. Starting KITT operation ... ");       + +    } else if (ccAltSearchResult.getResultCount() == 1) { +      log.debug("'step12CountrySpecificSearch' find single result. Starting KITT operation ... ");        RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess(            intermediateMatchingState, initialEidasData, ccAltSearchResult, altEidasData); -       -      log.debug("KITT operation finished. Finalize matching process ... ");             + +      log.debug("KITT operation finished. Finalize matching process ... ");        foundMatchFinalizeTask(matchtedResult, altEidasData); -       +      } else {        throw new WorkflowException("step12CountrySpecificSearch",            "More than one entry with unique country-specific information", true); -       -    }     + +    }    }    private void foundMatchFinalizeTask(RegisterStatusResults searchResult, SimpleEidasData eidasData) @@ -222,10 +221,10 @@ public class AlternativeSearchTask extends AbstractAuthServletTask {      MatchedPersonResult result = MatchedPersonResult.generateFormMatchingResult(          searchResult.getResult(), eidasData.getCitizenCountryCode());      MatchingTaskUtils.storeFinalMatchingResult(pendingReq, result); -     +      //remove intermediate matching-state      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, null); -     +    }    @NotNull diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index 35717ae0..c95c275e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -71,11 +71,11 @@ import lombok.extern.slf4j.Slf4j;  import szrservices.IdentityLinkType;  /** - * Task that creates the IdentityLink for an eIDAS authenticated person.  + * Task that creates the IdentityLink for an eIDAS authenticated person.   * Input:   * <ul>   *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li> - *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} the BPK of the matched entry in a register</li> + *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} the data of the matched entry in a register</li>   * </ul>   * Output:   * <ul> @@ -116,47 +116,47 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {    @Override    public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)        throws TaskExecutionException { -    try {       -       +    try { +        /*TODO: needs more re-factoring if we finalize CreateNewErnpEntryTask and we know how add entries into ERnP -       *      Maybe, we can fully replace eidData by matchedPersonData,  +       *      Maybe, we can fully replace eidData by matchedPersonData,         *      because matchedPersonData holds the result after a successful matching process. -       *       +       *         *      Currently, we only add a work-around to operate without new ERnP implementation.         */ -      final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);       +      final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);        MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq); -       +        writeMdsLogInformation(eidData);        if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {          buildDummyIdentityLink(eidData); -         +        } else {          //request SZR based on IDL or E-ID mode          if (pendingReq.getServiceProviderConfiguration()              .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) {            executeEidMode(eidData, matchedPersonData); -           +          } else {            executeIdlMode(eidData, matchedPersonData); -           -        }         + +        }        } -       +        storeGenericInfoToSession(eidData);        requestStoreage.storePendingRequest(pendingReq); -       +      } catch (final EidasAttributeException e) {        throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e); -       +      } catch (final EaafException e) {        throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); -       +      } catch (final Exception e) {        log.error("IdentityLink generation for foreign person FAILED.", e);        throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); -       +      }    } @@ -191,18 +191,18 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {    private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData)        throws JsonProcessingException, EaafException, JoseException { -    // get encrypted baseId         +    // get encrypted baseId      String vsz;      if (matchedPersonData != null) {        log.debug("Requesting encrypted baseId by already matched person information ... ");        vsz = szrClient.getEncryptedStammzahl(matchedPersonData); -       +      } else {        log.debug("Requesting encrypted baseId by using eIDAS information directly ... "); -      vsz = szrClient.createNewErnpEntry(eidData);   -       +      vsz = szrClient.createNewErnpEntry(eidData); +      } -     +      //write revision-Log entry and extended infos personal-identifier mapping      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);      writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier()); @@ -221,7 +221,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {      //inject personal-data into session      authProcessDataWrapper.setEidProcess(true); -     +    }    private void buildDummyIdentityLink(SimpleEidasData eidData) @@ -249,7 +249,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {      }    } -  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData,  +  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData,        MatchedPersonResult matchedPersonData) throws EaafException {      //request IdentityLink from SZR      IdentityLinkType result; @@ -257,14 +257,14 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {      if (matchedPersonData != null) {        log.debug("Requesting encrypted baseId by already matched person information ... ");        result = szrClient.getIdentityLinkInRawMode(matchedPersonData); -       +      } else {        log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");        result = szrClient.getIdentityLinkInRawMode(eidData); -       +      } -     -     + +      final Element idlFromSzr = (Element) result.getAssertion();      final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); @@ -336,7 +336,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {      }    } -  +    /**     * write MDS into technical log and revision log.     */ diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java index b9769bc4..f295d66b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java @@ -65,7 +65,6 @@ import lombok.extern.slf4j.Slf4j;   *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from first search in registers with   *     PersonIdentifier</li>   *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li> - *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>   * </ul>   * Transitions:   * <ul> @@ -122,14 +121,14 @@ public class InitialSearchTask extends AbstractAuthServletTask {        int resultCount = searchResult.getResultCount();        if (resultCount == 0) {          step6CountrySpecificSearch(executionContext, searchResult.getOperationStatus(), eidasData); -         +        } else if (resultCount == 1) {          foundMatchFinalizeTask(searchResult, eidasData); -         +        } else {          throw new WorkflowException("step2RegisterSearchWithPersonIdentifier",              "More than one entry with unique personal-identifier", true); -         +        }      } catch (WorkflowException e) {        //TODO: what we do in case of a workflow error and manual matching are necessary?? @@ -182,7 +181,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {    }    private RegisterResult step3CheckRegisterUpdateNecessary(RegisterResult searchResult, -                                                           SimpleEidasData eidasData) throws WorkflowException { +                                                           SimpleEidasData eidasData) {      log.trace("Starting step3CheckRegisterUpdateNecessary");      if (!eidasData.equalsRegisterData(searchResult)) {        log.info("Skipping update-register-information step, because it's not supported yet"); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java index 83fdf771..acf469d3 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java @@ -35,7 +35,6 @@ import org.springframework.stereotype.Component;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService; @@ -50,6 +49,9 @@ import lombok.Data;  import lombok.NoArgsConstructor;  import lombok.extern.slf4j.Slf4j; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK; +  /**   * Task receives the response of {@link GenerateAustrianResidenceGuiTask} and handles it. @@ -61,13 +63,14 @@ import lombok.extern.slf4j.Slf4j;   * </ul>   * Output:   * <ul> - *   <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li> + *   <li>{@link Constants#DATA_PERSON_MATCH_RESULT} if one register result found</li>   * </ul>   * Transitions:   * <ul>   *   <li>{@link CreateNewErnpEntryTask} if no results from search with residency data in registers</li>   *   <li>{@link CreateIdentityLinkTask} if one exact match between initial register search (with MDS) and results   *   from search with residency data in registers exists</li> + *   <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>   * </ul>   *   * @author amarsalek @@ -102,89 +105,80 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet    public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)        throws TaskExecutionException {      log.trace("Starting ReceiveAustrianResidenceGuiResponseTask"); -         -    UserInput input = parseHtmlInput(request);     + +    UserInput input = parseHtmlInput(request);      if (!input.isFormerResidenceAvailable()) {        moveToNextTask(executionContext);        return; -       +      } -         -    //TODO: Here, we need an error handling an can not stop full process if form input was invalid -    //TODO: check minimum form elements -    /*TODO: maybe we can switch to custom controller and use WebMVC form-binding feature.  -     *      Binding element can be add as attribute to this request -     */ +      if (input.getStreet().isEmpty() || input.getCity().isEmpty() || input.getZipcode().isEmpty()) {        // HTML form should ensure that mandatory fields are set => this should never happen -      throw new TaskExecutionException(pendingReq, "Invalid user input",  -          new InvalidUserInputException("module.eidasauth.matching.06")); -       +      executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); +      executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); +      return; +      } -     -     -         +      try {        SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);        RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); -       -      RegisterStatusResults residencyResult =  -          registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(),  + +      RegisterStatusResults residencyResult = +          registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(),                eidasData, input.zipcode, input.city, input.street);        if (residencyResult.getResultCount() == 0) {          //TODO: her we should add a GUI step of result is zero to inform user an forward process by click          moveToNextTask(executionContext); -         +        } else if (residencyResult.getResultCount() == 1) {          compareSearchResultWithInitialData(executionContext, residencyResult, eidasData); -         +        } else { -        /*TODO: align with form generation task and to better error handling in case of more-than-one result.  +        /*TODO: align with form generation task and to better error handling in case of more-than-one result.           *      Maybe the user has to provide more information.           */          throw new TaskExecutionException(pendingReq,              "Manual Fix necessary", new ManualFixNecessaryException(eidasData)); -         +        } -       +      } catch (EaafStorageException e) {        log.error("Search with residency data failed", e);        throw new TaskExecutionException(pendingReq, "Search with residency data failed", e); -       +      }    } -  private void compareSearchResultWithInitialData(ExecutionContext executionContext,  +  private void compareSearchResultWithInitialData(ExecutionContext executionContext,        RegisterStatusResults residencyResult, SimpleEidasData eidasData)        throws TaskExecutionException, EaafStorageException { -    try {             -      /*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result. -       *      See TODO in methods body -       */       +    try {        if (eidasData.equalsRegisterData(residencyResult.getResult())) {          // update register information          registerSearchService.step7aKittProcess(residencyResult, eidasData); -                                 +          // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS -        MatchingTaskUtils.storeFinalMatchingResult(pendingReq,  +        MatchingTaskUtils.storeFinalMatchingResult(pendingReq,              MatchedPersonResult.generateFormMatchingResult(                  residencyResult.getResult(), eidasData.getCitizenCountryCode())); -         +        } else {          moveToNextTask(executionContext); -         +        } -       +      } catch (WorkflowException e) {        throw new TaskExecutionException(pendingReq, "Search failed", new ManualFixNecessaryException(eidasData)); -       +      }    }    private void moveToNextTask(ExecutionContext executionContext) {      // Later on, this should transition to Step 20      executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true); -     +    }    private @NotNull UserInput parseHtmlInput(HttpServletRequest request) { @@ -195,20 +189,20 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet        String escaped = StringEscapeUtils.escapeHtml(request.getParameter(paramName));        if (PARAM_FORMER_RESIDENCE_AVAILABLE.equalsIgnoreCase(paramName)) {          result.setFormerResidenceAvailable(Boolean.parseBoolean(escaped)); -         +        } else if (PARAM_STREET.equalsIgnoreCase(paramName)) {          result.setStreet(escaped); -         +        } else if (PARAM_CITY.equalsIgnoreCase(paramName)) {          result.setCity(escaped); -         +        } else if (PARAM_ZIPCODE.equalsIgnoreCase(paramName)) {          result.setZipcode(escaped); -         +        }      }      return result; -     +    }  } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java index d43a175f..4655d7ab 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java @@ -23,6 +23,8 @@  package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK;  import static at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING;  import java.io.IOException; @@ -49,7 +51,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthEventConstants; @@ -91,13 +92,14 @@ import lombok.extern.slf4j.Slf4j;   * </ul>   * Output:   * <ul> - *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li> + *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} if one register result found</li>   * </ul>   * Transitions:   * <ul>   *     <li>{@link GenerateAustrianResidenceGuiTask} if no results in registers were found</li>   *     <li>{@link CreateIdentityLinkTask} if one exact match between initial register search (with MDS) data and   *     register search with MPS data exists</li> + *     <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>   * </ul>   *   * @author tlenz @@ -150,83 +152,84 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet        Pair<PvpSProfileResponse, Boolean> processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);        if (processedMsg.getSecond()) {          // forward to next matching step in case of ID Autria authentication was stopped by user -        executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);         +        executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);          return; -         +        }        // validate SAML2 response        validateEntityId(inboundMessage);        log.info("Receive a valid assertion from IDP " + inboundMessage.getEntityID()); -             +        // load already existing information from session        SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);        RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); -       +        // extract user information from ID Austria authentication        AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse());        SimpleMobileSignatureData simpleMobileSignatureData = getAuthDataFromInterfederation(extractor); -       -      // check if MDS from ID Austria authentication matchs to eIDAS authentication   + +      // check if MDS from ID Austria authentication matchs to eIDAS authentication        if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) { -        // user has cheated!? -        throw new InvalidUserInputException("module.eidasauth.matching.05");  -                +        executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); +        executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); +        return; +        } -             +        // search entry in initial search result from steps before and build new RegisterSearchResult        RegisterStatusResults registerResult = new RegisterStatusResults(initialSearchResult.getOperationStatus(),            extractEntriesByBpk(initialSearchResult.getResultsZmr().stream(), simpleMobileSignatureData.getBpk()),            extractEntriesByBpk(initialSearchResult.getResultsErnp().stream(), simpleMobileSignatureData.getBpk())); -           +        if (registerResult.getResultCount() != 1) {          throw new WorkflowException("matchWithIDAustriaAuthentication",              "Suspect state detected. MDS matches to eIDAS authentication " -                + "but register search-result with MDS contains #" + registerResult.getResultCount()  -                + " entry with bPK from ID Austria authentication", false);   -         +                + "but register search-result with MDS contains #" + registerResult.getResultCount() +                + " entry with bPK from ID Austria authentication", false); +        } else {          // perform kit operation          registerSearchService.step7aKittProcess(registerResult, eidasData); -         -        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS         -        MatchingTaskUtils.storeFinalMatchingResult(pendingReq,  -            MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(),  + +        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS +        MatchingTaskUtils.storeFinalMatchingResult(pendingReq, +            MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(),                  eidasData.getCitizenCountryCode())); -         -      }             -       + +      } +      } catch (final AuthnResponseValidationException e) {        throw new TaskExecutionException(pendingReq, ERROR_MSG_03, e); -       +      } catch (MessageDecodingException | SecurityException | SamlSigningException e) {        //final String samlRequest = request.getParameter("SAMLRequest");        //log.debug("Receive INVALID PVP Response from 'ms-specific eIDAS node': {}",        //    samlRequest, null, e);        throw new TaskExecutionException(pendingReq, ERROR_MSG_00,            new AuthnResponseValidationException(ERROR_PVP_11, new Object[]{MODULE_NAME_FOR_LOGGING}, e)); -       +      } catch (IOException | MarshallingException | TransformerException e) {        log.debug("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);        throw new TaskExecutionException(pendingReq, ERROR_MSG_01,            new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e)); -       +      } catch (final CredentialsNotAvailableException e) {        log.debug("PVP response decryption FAILED. No credential found.", e);        throw new TaskExecutionException(pendingReq, ERROR_MSG_02,            new AuthnResponseValidationException(ERROR_PVP_10, new Object[]{MODULE_NAME_FOR_LOGGING}, e)); -       +      } catch (final Exception e) {        // todo catch ManualFixNecessaryException in any other way?        log.debug("PVP response validation FAILED. Msg:" + e.getMessage(), e);        throw new TaskExecutionException(pendingReq, ERROR_MSG_03,            new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e)); -       +      }    }    private List<RegisterResult> extractEntriesByBpk(Stream<RegisterResult> stream, String bpk) { -    return stream.filter(el -> bpk.equals(el.getBpk())).collect(Collectors.toList());        +    return stream.filter(el -> bpk.equals(el.getBpk())).collect(Collectors.toList());    } @@ -354,7 +357,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet        }        if (PvpAttributeDefinitions.BIRTHDATE_NAME.equals(attrName)) {          builder.dateOfBirth(extractor.getSingleAttributeValue(attrName)); -      }       +      }        if (PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME.equals(attrName)) {          MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq).setQaaLevel(              extractor.getSingleAttributeValue(attrName)); @@ -362,7 +365,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet      }      MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq).setIssueInstant(extractor.getAssertionIssuingDate());      return builder.build(); -     +    } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java index c2c1a351..f4419c1c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java @@ -23,21 +23,17 @@  package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; -import java.util.Enumeration; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; -import org.springframework.stereotype.Component; -  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;  import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;  import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask;  import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Component; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Enumeration;  /**   * Handles user's selection from {@link GenerateOtherLoginMethodGuiTask}. @@ -47,14 +43,12 @@ import lombok.extern.slf4j.Slf4j;   *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>   *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li>   * </ul> - * Output: - * <ul> - *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li> - * </ul>   * Transitions:   * <ul>   *     <li>{@link GenerateMobilePhoneSignatureRequestTask} if selected by user</li>   *     <li>{@link GenerateAustrianResidenceGuiTask} if selected by user</li> + *     <li>{@link GenerateAuthnRequestTask} if selected by user</li> + *     <li>{@link GenerateOtherLoginMethodGuiTask} if a user input error has happened</li>   * </ul>   *   * @author amarsalek @@ -65,62 +59,54 @@ import lombok.extern.slf4j.Slf4j;  public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthServletTask {    @Override -  public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request,  -      HttpServletResponse response) throws TaskExecutionException { +  public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request, +                                HttpServletResponse response) {      try {        SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request));        executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection);        executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED);        transitionToNextTask(executionContext, selection); -       -    } catch (final IllegalArgumentException e) { -      log.error("Parsing selected login method FAILED.", e); -      throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", -          new InvalidUserInputException("module.eidasauth.matching.98")); -       +      } catch (final Exception e) {        log.error("Parsing selected login method FAILED.", e); -      throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", e); -       +      executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); +      executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);      }    } -  private String extractUserSelection(HttpServletRequest request) throws InvalidUserInputException { +  private String extractUserSelection(HttpServletRequest request) {      Enumeration<String> paramNames = request.getParameterNames();      while (paramNames.hasMoreElements()) {        String paramName = paramNames.nextElement();        if (Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER.equalsIgnoreCase(paramName)) {          return StringEscapeUtils.escapeHtml(request.getParameter(paramName)); -                }      } -     -    throw new InvalidUserInputException("module.eidasauth.matching.98"); -     +    return null;    } -  private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) -      throws InvalidUserInputException { +  private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) {      switch (selection) {        case EIDAS_LOGIN:          executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true);          return; -       +        case MOBILE_PHONE_SIGNATURE_LOGIN:          executionContext.put(Constants.TRANSITION_TO_GENERATE_MOBILE_PHONE_SIGNATURE_REQUEST_TASK, true);          return; -       +        case NO_OTHER_LOGIN:          executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true);          return; -         +        case ADD_ME_AS_NEW:          executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK, true); -        return;         -         +        return; +        default: -        throw new InvalidUserInputException("module.eidasauth.matching.98"); -         +        executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); +        executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); +        return;      }    } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties index cfb48d57..f47d0f30 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties @@ -19,9 +19,5 @@ module.eidasauth.matching.01=Matching failed, because of an ZMR communication er  module.eidasauth.matching.02=Matching failed, because ZMR response contains historic information which is not supported.  module.eidasauth.matching.03=Matching failed in workflow step: {0} with error: {1}  module.eidasauth.matching.04=An error occurred while loading your data from official registers. Please contact the support.   -module.eidasauth.matching.05=Matching failed, because result from alternative authentication-method does not match to eIDAS authentication   -module.eidasauth.matching.06=Matching failed, because GUI form for matching by residence was invalid filled   -   -   -module.eidasauth.matching.98=Matching failed, because of an invalid or unknown request parameter.   +  module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0}
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java index b70b4854..63266cf6 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java @@ -97,7 +97,7 @@ public class AlternativeSearchTaskWithRegisterTest {    @Rule    public SoapServiceRule soap = SoapServiceRule.newInstance(); -   +    @Mock private IErnpClient ernpClient;    @Autowired private IZmrClient zmrClient; @@ -105,15 +105,15 @@ public class AlternativeSearchTaskWithRegisterTest {    private RegisterSearchService registerSearchService;    private ServicePort zmrMock = null; -   +    private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor();    private AlternativeSearchTask task;    final ExecutionContext executionContext = new ExecutionContextImpl();    private TestRequestImpl pendingReq;    private static JAXBContext jaxbContext; -   -   + +    /**     * Initialize jUnit class.     */ @@ -126,19 +126,17 @@ public class AlternativeSearchTaskWithRegisterTest {          at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);    } -   +    /**     * jUnit test set-up.     */    @Before    public void setUp() throws URISyntaxException, EaafStorageException { -    MockitoAnnotations.initMocks(this); -      if (zmrMock == null) {        zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr"); -       +      } -     +      registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);      task = new AlternativeSearchTask(registerSearchService, eidPostProcessor); @@ -151,12 +149,12 @@ public class AlternativeSearchTaskWithRegisterTest {    } -   +    @Test    @SneakyThrows    public void missingStateInfoFirstEidasData() {      // inject matching intermediate state -    RegisterStatusResults matchingState = new RegisterStatusResults(null,  +    RegisterStatusResults matchingState = new RegisterStatusResults(null,          Arrays.asList(RegisterResult.builder()              .bpk("")              .givenName("XXXKlaus - Maria") @@ -166,14 +164,14 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -     -     + +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -183,12 +181,12 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -    assertEquals("wrong errorparam 1", "No initial eIDAS authn data",  +    assertEquals("wrong errorparam 1", "No initial eIDAS authn data",          ((EaafException) exception.getOriginalException()).getParams()[1]); -     -             + +    } -   +    @Test    @SneakyThrows    public void missingStateInfoIntermediateMatchingState() { @@ -203,11 +201,11 @@ public class AlternativeSearchTaskWithRegisterTest {      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -     -     + +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -217,11 +215,11 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -    assertEquals("wrong errorparam 1", "No intermediate matching-state",  +    assertEquals("wrong errorparam 1", "No intermediate matching-state",          ((EaafException) exception.getOriginalException()).getParams()[1]); -                +    } -   +    @Test    @SneakyThrows    public void countryCodeNotMatch() { @@ -236,7 +234,7 @@ public class AlternativeSearchTaskWithRegisterTest {          .build());      // inject matching intermediate state -    RegisterStatusResults matchingState = new RegisterStatusResults(null,  +    RegisterStatusResults matchingState = new RegisterStatusResults(null,          Arrays.asList(RegisterResult.builder()              .bpk("")              .givenName("XXXKlaus - Maria") @@ -246,14 +244,14 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -     -     + +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -263,11 +261,11 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -    assertEquals("wrong errorparam 1", "Country Code of alternative eIDAS authn not matching",  +    assertEquals("wrong errorparam 1", "Country Code of alternative eIDAS authn not matching",          ((EaafException) exception.getOriginalException()).getParams()[1]); -                +    } -   +    @Test    @SneakyThrows    public void mdsNoMatch() { @@ -282,7 +280,7 @@ public class AlternativeSearchTaskWithRegisterTest {          .build());      // inject matching intermediate state -    RegisterStatusResults matchingState = new RegisterStatusResults(null,  +    RegisterStatusResults matchingState = new RegisterStatusResults(null,          Arrays.asList(RegisterResult.builder()              .bpk("")              .givenName("XXXKlaus - Maria") @@ -292,14 +290,14 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1995-12-31")); -     -     + +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -309,11 +307,11 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -    assertEquals("wrong errorparam 1", "MDS of alternative eIDAS authn does not match initial authn",  +    assertEquals("wrong errorparam 1", "MDS of alternative eIDAS authn does not match initial authn",          ((EaafException) exception.getOriginalException()).getParams()[1]); -                +    } -   +    @Test    @SneakyThrows    public void seachPersonalIdMoreThanOneResult() { @@ -329,7 +327,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("")              .givenName("XXXKlaus - Maria") @@ -339,19 +337,19 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -361,18 +359,18 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "searchWithPersonalIdentifier", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -                    +      // validate request      assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size()); -    checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");      assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest()); -    checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     +    checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); +    } -   +    @Test    @SneakyThrows    public void seachPersonalIdNoBpkMatchWithIntermediateResults() { @@ -387,7 +385,7 @@ public class AlternativeSearchTaskWithRegisterTest {          .build());      // inject matching intermediate state -    RegisterStatusResults matchingState = new RegisterStatusResults(null,  +    RegisterStatusResults matchingState = new RegisterStatusResults(null,          Arrays.asList(RegisterResult.builder()              .bpk("notExists")              .givenName("XXXKlaus - Maria") @@ -397,19 +395,19 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -419,18 +417,18 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "step7bKittProcess", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertFalse("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -    assertEquals("wrong errorparam 1", "Register result from alternativ authentication does not fit into intermediate state",  +    assertEquals("wrong errorparam 1", "Register result from alternativ authentication does not fit into intermediate state",          ((EaafException) exception.getOriginalException()).getParams()[1]); -                +      // validate request      assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest()); -    checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     +    checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); +    } -   +    @Test    @SneakyThrows    public void seachPersonalIdSuccess() { @@ -446,7 +444,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")              .givenName("XXXKlaus - Maria") @@ -456,57 +454,57 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))         -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"))     -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml"))             -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml")) +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml")) +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml")) +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      task.execute(pendingReq, executionContext);      // validate state      //INFO: has to be the old givenName because ZMR allows no update of MDS information -    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",  +    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",          "XXXClaus - Maria", "1994-12-31", "DE"); -    assertNull("wrong executionContextFlag 'alternative eIDAS result'",  +    assertNull("wrong executionContextFlag 'alternative eIDAS result'",          executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); -     -     + +      // validate request      assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     -     +    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + +      assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(1).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -     +      assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(2).getPersonAendernRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_UPDATE,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_UPDATE,          new BigInteger("367100000000079"), "jUnit123456"); -     +      assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(3).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -     +    } -   +    @Test    @SneakyThrows    public void seachCcSpecificSuccess() { @@ -522,7 +520,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")              .givenName("XXXKlaus - Maria") @@ -532,73 +530,73 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))         -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"))     -        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml"))             +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml")) +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml")) +        .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml"))          .thenReturn(loadResponseFromFile("/data/zmr/seq_3-10_kitt_update_resp.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      task.execute(pendingReq, executionContext);      // validate state      //INFO: has to be the old givenName because ZMR allows no update of MDS information -    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",  +    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",          "XXXClaus - Maria", "1994-12-31", "DE"); -    assertNull("wrong executionContextFlag 'alternative eIDAS result'",   +    assertNull("wrong executionContextFlag 'alternative eIDAS result'",          executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); -     -     + +      // validate request      assertEquals("wrong number of req.", 6, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     +    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); +      assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",          "DE", "Hintergigritzpotschn"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/BirthName",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/BirthName",          "DE", "XXXvon Heuburg"); -     -     + +      assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(2).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -     +      assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(3).getPersonAendernRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE,          new BigInteger("367100000000079"), "jUnit123456"); -     +      assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(4).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(4), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(4), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -     +      assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(5).getPersonAendernRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(5), ZmrClientTest.PROCESS_TASK_UPDATE,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(5), ZmrClientTest.PROCESS_TASK_UPDATE,          new BigInteger("367100000000079"), "jUnit123456");    } -   +    @Test    @SneakyThrows    public void seachCcSpecificNotPossible() { @@ -614,7 +612,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")              .givenName("XXXKlaus - Maria") @@ -624,41 +622,41 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      task.execute(pendingReq, executionContext);      // validate state      assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));      assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq)); -    assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,  +    assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,          executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); -     -     + +      // validate request      assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "EE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   +    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "EE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");    } -   +    @Test    @SneakyThrows    public void seachCcSpecificMoreThanOneResult() { @@ -674,7 +672,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")              .givenName("XXXKlaus - Maria") @@ -684,21 +682,21 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))          .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); @@ -708,29 +706,29 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("wrong errorparam 1", "searchWithCountrySpecifics", ((EaafException) exception.getOriginalException()).getParams()[0]);      assertTrue("Wrong flag 'step11'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -     -     + +      // validate request      assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     +    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); +      assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",          "DE", "Hintergigritzpotschn"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/BirthName",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/BirthName",          "DE", "XXXvon Heuburg"); -     +    } -   +    @Test    @SneakyThrows    public void seachCcSpecificEmptyResult() { @@ -746,7 +744,7 @@ public class AlternativeSearchTaskWithRegisterTest {      // inject matching intermediate state      RegisterStatusResults matchingState = new RegisterStatusResults( -        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),  +        new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),          Arrays.asList(RegisterResult.builder()              .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")              .givenName("XXXKlaus - Maria") @@ -756,52 +754,52 @@ public class AlternativeSearchTaskWithRegisterTest {              .build()),          Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); -     +      //inject alternative eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -             +      // inject response      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     -     +        .thenThrow(new RuntimeException("This request is not needed any more")); +      // execute task      task.execute(pendingReq, executionContext);      // validate state      assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));      assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq)); -    assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,  +    assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,          executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); -     -     + +      // validate request      assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,          matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",  -        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");   -     +    checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", +        "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); +      assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); -    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,  +    checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,          new BigInteger("367100000000079"), "jUnit123456"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",          "DE", "Hintergigritzpotschn"); -    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),  -        "http://eidas.europa.eu/attributes/naturalperson/BirthName",  +    checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), +        "http://eidas.europa.eu/attributes/naturalperson/BirthName",          "DE", "XXXvon Heuburg"); -     +    } -   +    @NotNull    private ICcSpecificEidProcessingService createEidPostProcessor() {      return new ICcSpecificEidProcessingService() { @@ -819,7 +817,7 @@ public class AlternativeSearchTaskWithRegisterTest {        }      };    } -   +    @NotNull    private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) {      return new ZmrRegisterResult(Collections.singletonList(registerResult), processId); @@ -942,7 +940,7 @@ public class AlternativeSearchTaskWithRegisterTest {      return (ResponseType) resp.getValue();    } -   +    private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId,        String behoerdennummer) {      assertNotNull("no workflow infos", requestType.getWorkflowInfoClient()); @@ -959,19 +957,19 @@ public class AlternativeSearchTaskWithRegisterTest {      assertEquals("behoerdennummer", behoerdennummer, requestType.getClientInfo().getOrganisation()          .getBehoerdenNr());    } -  -  private void checkEidasDocumentResult(List<EidasSuchdatenType> list, String type, String cc, String value) {     + +  private void checkEidasDocumentResult(List<EidasSuchdatenType> list, String type, String cc, String value) {      Optional<EidasSuchdatenType> eidasDoc = list.stream()          .filter(el -> type.equals(el.getEidasArt()))          .findFirst(); -                    -    assertTrue("eidas doc: " + type, eidasDoc.isPresent());             + +    assertTrue("eidas doc: " + type, eidasDoc.isPresent());      assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt());      assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert());      assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2());    } -   -   -   + + +  } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java index b0de3460..e5ba2e07 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java @@ -127,8 +127,6 @@ public class InitialSearchTaskTest {     */    @Before    public void setUp() throws URISyntaxException, EaafStorageException { -    MockitoAnnotations.initMocks(this); -      registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);      task = new InitialSearchTask(registerSearchService, eidPostProcessor); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java index 11dfc522..14ad3519 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java @@ -118,7 +118,7 @@ public class InitialSearchTaskWithRegistersTest {    @Rule    public SoapServiceRule soap = SoapServiceRule.newInstance(); -   +    @Mock private IErnpClient ernpClient;    @Autowired private IZmrClient zmrClient; @@ -126,7 +126,7 @@ public class InitialSearchTaskWithRegistersTest {    private RegisterSearchService registerSearchService;    private ServicePort zmrMock = null; -   +    private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor();    private InitialSearchTask task; @@ -146,19 +146,17 @@ public class InitialSearchTaskWithRegistersTest {          at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);    } -   +    /**     * jUnit test set-up.     */    @Before    public void setUp() throws URISyntaxException, EaafStorageException { -    MockitoAnnotations.initMocks(this); -      if (zmrMock == null) {        zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr"); -       +      } -     +      registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);      task = new InitialSearchTask(registerSearchService, eidPostProcessor); @@ -177,36 +175,36 @@ public class InitialSearchTaskWithRegistersTest {    @Test    @DirtiesContext    public void singlePersonalIdMatchUpdateNecessary_Zmr() throws Exception { -     +      String oldGivenName = "XXXClaus - Maria"; -     +      //inject eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class); -     +      // inject response      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     +        .thenThrow(new RuntimeException("This request is not needed any more")); + -          // execute test      task.execute(pendingReq, executionContext);      // validate state      //INFO: has to be the old givenName because ZMR allows no update of MDS information -    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",  +    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",          oldGivenName, "1994-12-31", DE);      // validate request      assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());      assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());      checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456"); -     +    } @@ -218,17 +216,17 @@ public class InitialSearchTaskWithRegistersTest {    @Test    @DirtiesContext    @SneakyThrows -  public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {     +  public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {      //inject eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE,  -        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE, +        buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); -     +      // inject response      when(zmrMock.service(any(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) -        .thenThrow(new RuntimeException("This request is not needed any more"));     +        .thenThrow(new RuntimeException("This request is not needed any more"));      // execute task      TaskExecutionException exception = assertThrows(TaskExecutionException.class, @@ -238,50 +236,50 @@ public class InitialSearchTaskWithRegistersTest {      assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));      assertTrue("Wrong flag 'manualFixNeeded'",          ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); -     +    } -   -   + +    /**     * Find single person in ZMR by country specifics.     */    @Test    @DirtiesContext -  public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {         +  public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {      //inject eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE,  -        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE, +        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -         +      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      BigInteger processId = new BigInteger("367100000000079"); -     +      // inject response      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))   //personalId search          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))  //CC specific search -        .thenReturn(loadResponseFromFile("/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml"))  //KITT latest version          +        .thenReturn(loadResponseFromFile("/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml"))  //KITT latest version          .thenReturn(loadResponseFromFile("/data/zmr/seq_1-6_kitt_update_resp.xml"))  //KITT update          .thenThrow(new RuntimeException("This request is not needed any more")); -     +      // execute test      task.execute(pendingReq, executionContext);      // validate state -    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",  +    checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",          "XXXClaus - Maria", "1994-12-31", DE);      // validate request -    assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size());     +    assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size());      checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE, processId, "jUnit123456"); -     +    } -   +    /**     * Find one match with MDS search in ZMR.     */ @@ -291,18 +289,18 @@ public class InitialSearchTaskWithRegistersTest {    public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException {      //inject eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE,  -        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE, +        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31")); -         +      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      BigInteger processId = new BigInteger("367100000000079"); -     +      // inject response      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))   //personalId search -        //CC-specific will be ignored because CC is DE but BirthName and PlaceOfBirth is 'null'  -        .thenReturn(loadResponseFromFile("/data/zmr/seq_1-2_search_with_mds_resp.xml"))  //MDS specific search        +        //CC-specific will be ignored because CC is DE but BirthName and PlaceOfBirth is 'null' +        .thenReturn(loadResponseFromFile("/data/zmr/seq_1-2_search_with_mds_resp.xml"))  //MDS specific search          .thenThrow(new RuntimeException("This request is not needed any more")); @@ -316,9 +314,9 @@ public class InitialSearchTaskWithRegistersTest {      assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());      checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456"); -     +    } -   +    /**     * Find one match with MDS search in ZMR.     */ @@ -328,19 +326,19 @@ public class InitialSearchTaskWithRegistersTest {    public void resultByMdsSearch_Zmr_Second() throws TaskExecutionException, EidasSAuthenticationException {      //inject eIDAS data      pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( -        Constants.DATA_FULL_EIDAS_RESPONSE,  -        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",  +        Constants.DATA_FULL_EIDAS_RESPONSE, +        buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",              "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31",              null, "Hintergigritzpotschn", "XXXvon Heuburg")); -         +      final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);      BigInteger processId = new BigInteger("367100000000079"); -     +      // inject response      when(zmrMock.service(zmrReq.capture(), any()))          .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))   //personalId search -        .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))   //CC-specific search  -        .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))  //MDS specific search        +        .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))   //CC-specific search +        .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))  //MDS specific search          .thenThrow(new RuntimeException("This request is not needed any more")); @@ -355,11 +353,11 @@ public class InitialSearchTaskWithRegistersTest {      checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");      checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456"); -     +    } -   -   -   + + +    @NotNull    private ICcSpecificEidProcessingService createEidPostProcessor() {      return new ICcSpecificEidProcessingService() { @@ -377,7 +375,7 @@ public class InitialSearchTaskWithRegistersTest {        }      };    } -   +    @NotNull    private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) {      return new ZmrRegisterResult(Collections.singletonList(registerResult), processId); @@ -500,7 +498,7 @@ public class InitialSearchTaskWithRegistersTest {      return (ResponseType) resp.getValue();    } -   +    private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId,        String behoerdennummer) {      assertNotNull("no workflow infos", requestType.getWorkflowInfoClient()); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java index 25a77cce..64bb0d48 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java @@ -61,12 +61,12 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {    @Autowired    protected MsConnectorDummyConfigMap authConfig; -      +    @MockBean    private RegisterSearchService registerSearchService;    private ReceiveAustrianResidenceGuiResponseTask task; -   +    private final ExecutionContext executionContext = new ExecutionContextImpl();    private MockHttpServletRequest httpReq;    private MockHttpServletResponse httpResp; @@ -79,10 +79,8 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {     */    @Before    public void setUp() throws Exception { -    MockitoAnnotations.initMocks(this); -      task = new ReceiveAustrianResidenceGuiResponseTask(registerSearchService); -     +      httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");      httpResp = new MockHttpServletResponse();      RequestContextHolder.resetRequestAttributes(); @@ -102,7 +100,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {      RegisterStatusResults registerSearchResult = buildEmptyResult();      mockRegisterSearch(userInput, registerSearchResult, eidasData);      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); -     +      task.execute(pendingReq, executionContext);      assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK)); @@ -120,7 +118,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {      assertNull("Transition To S9", executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK));      Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidasData)); -     +    }    @Test @@ -153,35 +151,35 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {    }    private void mockRegisterSearch(UserInput userInput, RegisterStatusResults registerSearchResult, SimpleEidasData eidasData ) { -    Mockito.when(registerSearchService.searchWithResidence(eq(registerSearchResult.getOperationStatus()), eq(eidasData),  +    Mockito.when(registerSearchService.searchWithResidence(eq(registerSearchResult.getOperationStatus()), eq(eidasData),          eq(userInput.getZipcode()), eq(userInput.getCity()), eq(userInput.getStreet()))).thenReturn(registerSearchResult);    }    @NotNull -  private RegisterStatusResults buildEmptyResult() {     -    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),  +  private RegisterStatusResults buildEmptyResult() { +    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),          Collections.emptyList(), Collections.emptyList()); -     +    }    private BigInteger generateRandomProcessId() {      return new BigInteger(RandomStringUtils.randomNumeric(10)); -     +    } -   +    @NotNull    private RegisterStatusResults buildResultWithOneMatch(RegisterResult registerResult) { -    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),  +    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),          Collections.singletonList(registerResult), Collections.emptyList()); -     +    }    @NotNull    private RegisterStatusResults buildResultWithTwoMatches() {      List<RegisterResult> results = Lists.newArrayList(buildRandomRegisterResult(), buildRandomRegisterResult()); -    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),  +    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),          results, Collections.emptyList()); -     +    }    @NotNull @@ -192,8 +190,8 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {              .familyName(RandomStringUtils.randomAlphabetic(8))              .dateOfBirth(RandomStringUtils.randomAlphabetic(8))              .bpk(RandomStringUtils.randomAlphabetic(8)) -            .build();  -     +            .build(); +    }    private RegisterResult buildMatchingRegisterResult(SimpleEidasData eidData) { @@ -203,8 +201,8 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {          .familyName(eidData.getFamilyName())          .dateOfBirth(eidData.getDateOfBirth())          .bpk(RandomStringUtils.randomAlphabetic(8)) -        .build();  -        +        .build(); +    }    private RegisterResult buildNotMatchingRegisterResult(SimpleEidasData eidData) { @@ -215,7 +213,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {          .dateOfBirth(eidData.getDateOfBirth())          .bpk(RandomStringUtils.randomAlphabetic(8))          .build(); -     +    }    private void setHttpParameters(UserInput input) { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java index b072b8b2..8094ac1e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java @@ -47,7 +47,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyCo  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider; @@ -118,7 +117,6 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {     */    @Before    public void setUp() throws Exception { -    MockitoAnnotations.initMocks(this);      httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");      httpReq.setScheme("https");      httpReq.setServerPort(443); @@ -325,12 +323,11 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {          .build();      authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData); -    TaskExecutionException e = assertThrows(TaskExecutionException.class, -        () -> task.execute(pendingReq, executionContext)); -    assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); -    isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException()); -    isInstanceOf(InvalidUserInputException.class, e.getOriginalException().getCause()); +    task.execute(pendingReq, executionContext); + +    assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); +    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));    }    //TODO: implement new test that this test makes no sense any more @@ -345,13 +342,12 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {      RegisterStatusResults registerSearchResult = new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),          Collections.emptyList(), Collections.emptyList());      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult); -     +      task.execute(pendingReq, executionContext);      AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);      assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());      assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString()); -    assertNull("Matching BPK", session.getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK));      assertEquals("Transition To S16", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));    } @@ -370,9 +366,8 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {      AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);      assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());      assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString()); -    assertNull("Matching BPK", session.getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK));      assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK)); -     +      //TODO: update this check because this task selects one result from MDS search result before and creates a new element      //Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidData));    } @@ -390,15 +385,14 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {      TaskExecutionException e = assertThrows(TaskExecutionException.class,          () -> task.execute(pendingReq, executionContext)); -     +      assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());      isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());      isInstanceOf(ManualFixNecessaryException.class, e.getOriginalException().getCause());      assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId()); -     -     -    AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);     -    assertNull("Matching BPK", session.getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK)); + + +    AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);      assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));    } @@ -411,9 +405,9 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {              .givenName("foo")              .familyName("foo")              .dateOfBirth("bar") -            .build()),  +            .build()),          Collections.emptyList()); -     +    }    @NotNull @@ -433,16 +427,16 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {              .familyName("familyName")              .dateOfBirth("dateOfBirth")              .build()); -     -    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),  + +    return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),          results, Collections.emptyList());    }    private BigInteger generateRandomProcessId() {      return new BigInteger(RandomStringUtils.randomNumeric(10)); -     +    } -   +    private SimpleEidasData.SimpleEidasDataBuilder createEidasDataMatchingToSamlResponse() {      // data from "/data/Response_with_EID.xml"      return SimpleEidasData.builder() diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java index 84e78fdb..da8a7497 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java @@ -25,7 +25,6 @@ import org.springframework.web.context.request.ServletRequestAttributes;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask;  import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;  import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; @@ -88,7 +87,7 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest {    public void withNoOtherLoginSelection() throws TaskExecutionException {      testTransition(SelectedLoginMethod.NO_OTHER_LOGIN, Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK);    } -   +    @Test    public void withAddMeAsNewSelection() throws TaskExecutionException {      testTransition(SelectedLoginMethod.ADD_ME_AS_NEW, Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); @@ -106,48 +105,44 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest {      assertEquals("Wrong login-selection found", loginMethod, executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER));      assertEquals("Next task", true, executionContext.get(expectedTransition));      assertNull("find advancedMatchingError flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); -     +    } -  public void withInvalidSelection() { +  public void withInvalidSelection() throws TaskExecutionException {      httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, RandomStringUtils.randomAlphabetic(2)); -    TaskExecutionException e = assertThrows(TaskExecutionException.class, -        () -> task.execute(pendingReq, executionContext)); +    task.execute(pendingReq, executionContext); -    assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); -    isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); +    assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); +    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));    }    @Test -  public void withNullSelection() { +  public void withNullSelection() throws TaskExecutionException {      httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, "null"); -    TaskExecutionException e = assertThrows(TaskExecutionException.class, -        () -> task.execute(pendingReq, executionContext)); +    task.execute(pendingReq, executionContext); -    assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); -    isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); +    assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); +    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));    }    @Test -  public void withEmptySelection() { +  public void withEmptySelection() throws TaskExecutionException {      httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, ""); -    TaskExecutionException e = assertThrows(TaskExecutionException.class, -        () -> task.execute(pendingReq, executionContext)); +    task.execute(pendingReq, executionContext); -    assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); -    isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); +    assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); +    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));    }    @Test -  public void withoutLoginMethodSelection() { +  public void withoutLoginMethodSelection() throws TaskExecutionException { -    TaskExecutionException e = assertThrows(TaskExecutionException.class, -        () -> task.execute(pendingReq, executionContext)); +    task.execute(pendingReq, executionContext); -    assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); -    isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); +    assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); +    assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));    }  } diff --git a/licenses/IAIK-LICENSE.txt b/licenses/IAIK-LICENSE.txt deleted file mode 100644 index 4fa412cf..00000000 --- a/licenses/IAIK-LICENSE.txt +++ /dev/null @@ -1,108 +0,0 @@ -Stiftung SIC License Agreement for "IAIK MOA" - -Valid from December 1st, 2005 - -The Stiftung SIC -Stiftung Secure Information and Communication Technologies -Inffeldgasse16a, A-8010 Graz, Austria, hereafter referred to as "Stiftung SIC",  -offers to grant licences for the SOFTWARE defined below according to the following conditions: - -1. DEFINITIONS -For the purpose of this Licence Agreement, the following definitions are valid: - -a. The term "SOFTWARE" refers to the "IAIK MOA" bundle in any  -form (object code or other) including documentation. The  -SOFTWARE is the sole property of Stiftung SIC and protected by  -Austrian, International Copyright Law, e.g. the Revised Berne  -Convention, and the US Copyright Act. - -b. "IAIK MOA" is distributed in documentation, manuals, and user  -guides, tools - including any revisions, patches and updates  -downloaded by the customer. - -c."IAIK MOA Runtime Modules" means the runtime object code  -modules provided with, or derived from the SOFTWARE. - -d. "MOA modules" mean the modules for online applications made  -available by the Austrian Federal Chancellery and they consist of  -MOA-Signature Creation (MOA-SS), MOA-Signature Verification  -(MOA-SP) and MOA-Identification (MOA-ID). - -2. GRANTING of LICENCES - -The licensee is granted as specified below: - -o IAIK MOA Runtime License -Stiftung SIC grants the Licensee a non-exclusive, non-transferable runtime licence to use the  -"IAIK MOA" modules in the context of unmodified MOA modules. Any attempt to use any parts or  -the whole IAIK Crypto Toolkits which come bundled together with the MOA modules for any  -purpose other than accessing these MOA modules by applications, including, but not limited to,  -the development of applications, the creation of a toolkit, or inclusion in a different toolkit, is not  -permitted without additional licenses. These licences are not transferable to contractors or any  -other persons, organisations or companies outside the licensee's organisation without making  -such persons, organisations or companies explicitly aware of the restrictions of these licenses  -and such persons, organisations or companies explicitly agree to observe these restrictions. - -3. LIMITATIONS for all LICENCES: -LICENSEES must not attempt to reverse engineer, decompile, disassemble, reverse, translate or in  -any other manner decode the computer programmes in the IAIK libraries in order to derive the  -source code there from.  - -4. WARRANTY: -Stiftung SIC guarantees that the SOFTWARE is free of any computer virus or other malicious  -hidden routines that would intentionally cause damage to or corrupt data, storage media or  -equipment. For proving the integrity of the SOFTWARE, Stiftung SIC may calculate a SHA-1 hash  -value over the distribution file and publish it on its web site. It is the duty of the licensee to verify this  -hash value. If the hash value cannot be verified, Stiftung SIC declines any warranties on that  -software, and the licensee should immediately (or within 30 days of delivery at the latest), contact  -Stiftung SIC for verification and reshipment. -The SOFTWARE is provided "as is" and except for the declaration and warranty stated in this  -section, Stiftung SIC makes no representations, conditions or warranties, either express or implied,  -relative to the SOFTWARE or services provided hereunder, including all implied conditions or  -warranties of merchantability and fitness for a particular purpose and all conditions with respect to  -intellectual property infringement. Stiftung SIC may, but shall not be obliged to, fix errors in any  -SOFTWARE. - -5. PROPRIETARY INFORMATION and CONFIDENTIALITY: -The LICENSEE acknowledges that the SOFTWARE remains the property of, and is confidential to,  -Stiftung SIC and incorporates trade secrets of Stiftung SIC, and that Stiftung SIC shall have the  -exclusive right to any copyrights or patents in respect of the SOFTWARE. The LICENSEE agrees to  -maintain the confidentiality of the SOFTWARE. -The LICENSEE further agrees that (with the exception of paragraph 2 above), he shall not make  -any disclosure of the SOFTWARE (including copies thereof or methods or concepts utilised therein)  -to any person or entity, other than employees of the LICENSEE, to whom such disclosure is  -necessary in order to use the SOFTWARE as provided herein. The LICENSEE shall appropriately  -notify each employee to whom any such disclosure is made. Such disclosure must be made in  -confidence and shall be kept in confidence by the employee in question. -The LICENSEE agrees to use diligent and determined efforts to secure and protect the  -SOFTWARE and copies thereof in a manner consistent with their proprietary character and the  -maintenance of Licensor's rights therein, and without limitation thereof, to take appropriate action,  -by instruction or agreement with its employees who are permitted access to the SOFTWARE or  -copies thereof, or otherwise, to satisfy its obligations as hereby stated. - -6. TERMINATION: -Stiftung SIC may terminate this Agreement without prior notice, if the licensee 1. neglects or fails to  -perform or observe, or correct a breach of its obligations to Stiftung SIC; 2. goes out of business,  -files a bankruptcy petition or has such a petition filed involuntarily against it or becomes insolvent; 3.  -develops, sells, licenses or distributes or attempts to develop, sell, license or distribute any software  -based on the SOFTWARE which is outside the scope of the limited rights granted herein, to any  -third party. In the event of such a termination, the Licensee shall immediately destroy all copies and  -ensure that all backup copies are destroyed as well. - -Stiftung SIC may at any time stop granting free licenses of the SOFTWARE in combination with the  -MOA modules without prior notice. In this case, all licenses granted until that time remain valid, i.e.  -allow the licensee to continue using the SOFTWARE in combination with the unmodified MOA  -modules. - -7. LIABILITY: -To the maximum extent allowed by applicable law Stiftung SIC shall not be liable for any damages  -whatsoever (including, without limitation, damages for loss of business profits, business interruption,  -loss of business information, or other pecuniary loss) arising out of the use of or inability to use the  -SOFTWARE, even if Stiftung SIC has been advised of the possibility of such damages. - -8. WAIVER: -Invalidity, on legal grounds, of any term of this Agreement does not render the Agreement as a whole  -invalid. - -9. GOVERNING LAW, ARBITRATION: -This Agreement is governed by Austrian law. diff --git a/licenses/SIC_LICENSE.txt b/licenses/SIC_LICENSE.txt deleted file mode 100644 index 5452d915..00000000 --- a/licenses/SIC_LICENSE.txt +++ /dev/null @@ -1,197 +0,0 @@ -License for Open Source Projects - -Stiftung SIC Java Crypto-Software Development Kit Licence Agreement for -Free Licenses Valid from February 19, 2010, amended May 13, 2011 - -The Stiftung SIC (Stiftung Secure Information and Communication -Technologies, Inffeldgasse16a, A-8010 Graz, Austria / Europe) hereafter -referred to as "Stiftung SIC" offers to grant licences for the SOFTWARE -defined below according to the following conditions: - -1. DEFINITIONS - -a. "LICENSEE" refers to the person, organisation or company, to whom the -licenses are granted under this license agreement. - -b. The term "SOFTWARE" refers to IAIK Java Crypto Software in any form -(source code, object code or other) including documentation. The -SOFTWARE is the sole property of Stiftung SIC and protected by Austrian, -International Copyright Law, e.g. the Revised Berne Convention, and the -US Copyright Act. - -c. "IAIK Java Crypto Software" means either IAIK-JCE, iSaSiLk or any -other Java-based Crypto-Software development kit which usually consists -of source code (if applicable; for source licences only), Java byte code -or any other form of object code. The Software and additional tools are -distributed in documentation, manuals, user guides, sample application -code, tools - including any revisions, patches and updates delivered or -downloaded by the LICENSEE. - -d. "IAIK Java Crypto Software Runtime Modules" means the runtime object -code modules provided with, or derived from, an IAIK-Java-Crypto -Software Development Kit, which are usually distributed as a -Java-Archive in JAR or ZIP-Format, or in any other format suitable for -use by application programmes or other software. - -e. "IAIK-Crypto Software based Application" means any computer programme -created by the LICENSEE using any of the IAIK-Toolkits, with the -exception of server software, which is considered as a different -category. - -f. "Server software" means IAIK-Crypto Software based applications run -or published on a server (like but not limited to a web server). -Examples for server software are applets, midlets, servlets, CGI-scripts -or software that is run on a server. - -g. "To publish" means that an application is retrievable or accessible -from a certain server, but not installed on another machine. - -h. "DERIVED SOFTWARE" refers to software (excluding any of our SOFTWARE) -in any form (source code, object code or other) that uses the IAIK Java -Crypto Software Runtime Modules. It also includes parts where LICENSEE -acts as a licensor or sub-licensor. - -i. “Open Source Software Development” means development under an -ACCEPTED LICENSE. - -j. "ACCEPTED LICENSE" means the following licenses: - -j1. GPL Version 2, June 1991 (http: //www.fsf.org/licenses/gpl.html). - -j2. European Union Public License (EUPL) Version 1.1, January 2009 -(http://www.osor.eu/eupl) - for distribution under compatible licenses -defined in the licenses above or under any other license, the LICENSEE -needs explicit permission by Stiftung SIC. - -2. GRANTING of LICENCES Stiftung SIC grants free licenses of the -SOFTWARE for development of free of charge open source software. The -SOFTWARE may be distributed bundled with the free of charge open source -software in binary form only. The type of open source development is -generally unrestricted; the only exception is a product that contains or -is an API or a service of which most of the functionality is provided by -the SOFTWARE. The derived product must not offer features that are -similar to that of the SOFTWARE. This means, this license does not allow -developing a product that contains or is a wrapper around the SOFTWARE. - -The LICENSEE and his licensees are granted a non-exclusive, -non-transferable license to run and redistribute the IAIK Java Crypto -Software Runtime Modules in unmodified, binary form under the following -conditions. - - * The LICENSEE and his licensees are not permitted to charge any -   royalties or fees for DERIVED SOFTWARE. - - * The LICENSEE of "IAIK Java Crypto Software Runtime Modules", has to -   make the source code of his product publicly available under an -   ACCEPTED LICENSE. - - * The LICENSEE is further hereby obliged and authorized to bind his -   licensees to all these conditions. - -If LICENSEE licenses DERIVED SOFTWARE under any other free software -licensing scheme that is similar to an ACCEPTED LICENSE, it may be -possible to grant a free license. Stiftung SIC will decide on this -individually after inspecting the intended use and license conditions. - -This free license shall NOT be construed or otherwise interpreted as any -kind of express or implied representation that this SOFTWARE is -licensable under an ACCEPTED LICENSE or any free license other than the -one laid out in this document. - -3. LIMITATIONS for all LICENCES: LICENSEES must not attempt to reverse -engineer, decompile, disassemble, reverse, translate or in any other -manner decode the computer programmes in the IAIK-Toolkit in order to -derive the source code there from. - -ATTENTION: THIS LICENSE AGREEMENT DOES NOT INCLUDE LICENSING OF THE -INCLUDED ALGORITHMS, when appropriate. Please see -http://jce.iaik.tugraz.at/sic/sales/patent_issues_algorithms for a -summary of the licence/patent status situation of algorithms used in -IAIK-JCE. It is the sole responsibility of LICENSEES to ensure the -legality of using the IAIK-Crypto software in their countries. Stiftung -SIC declares that to the best of its knowledge all parts of the -IAIK-Toolkits have been developed by Austrian citizens, except for the -HTTP implementation (w3c_http.jar) delivered with the iSaSiLk -distribution and free third party libraries (like Apache Xalan or -Xerces) that may be delivered with the toolkits for convenience. The -implementation of the Camellia cipher algorithm core has been provided -by NTT (Nippon Telegraph and Telephone Corporation) under BSD licence -terms -(see http://jce.iaik.tugraz.at/sic/sales/patent_issues_algorithms). - -4. TERMS of LICENSE: Free licenses for development of free of charge -open source software under ACCEPTED LICENSES are perpetual. Stiftung SIC -has no obligation to continue making free updates or new versions -available for LICENSEE - -5. DELIVERY: Free licenses are made available by download only. - -6. WARRANTY: Stiftung SIC guarantees that the SOFTWARE is free of any -computer virus or other malicious hidden routines that would -intentionally cause damage to or corrupt data, storage media or -equipment. - -The SOFTWARE is provided "as is" and except for the declaration and -warranty stated in this Section, Stiftung SIC makes no representations, -conditions or warranties, either express or implied, relative to the -IAIK-Toolkit or services provided hereunder, including all implied -conditions or warranties of merchantability and fitness for a particular -purpose and all conditions with respect to intellectual property -infringement. - -7. PROPRIETARY INFORMATION and CONFIDENTIALITY: The LICENSEE -acknowledges that the SOFTWARE remains the property of, and is -confidential to, Stiftung SIC and incorporates trade secrets of Stiftung -SIC, and that Stiftung SIC shall have the exclusive right to any -copyrights or patents in respect of the SOFTWARE. The LICENSEE agrees to -maintain the confidentiality of the SOFTWARE. The LICENSEE further -agrees that (with the exception of paragraph 2 above), he shall not make -any disclosure of the SOFTWARE (including copies thereof or methods or -concepts utilised therein) to any person or entity, other than employees -of the LICENSEE, to whom such disclosure is necessary in order to use -the SOFTWARE as provided herein. The LICENSEE shall appropriately notify -each employee to whom any such disclosure is made. Such disclosure must -be made in confidence and shall be kept in confidence by the employee in -question. The LICENSEE agrees to use diligent and determined efforts to -secure and protect the SOFTWARE and copies thereof in a manner -consistent with their proprietary character and the maintenance of -LICENSOR`s rights therein, and without limitation thereof, to take -appropriate action, by instruction or agreement with its employees who -are permitted access to the SOFTWARE or copies thereof, or otherwise, to -satisfy its obligations as hereby stated. - -8. TERMINATION: Stiftung SIC may terminate this Agreement without prior -notice, if the LICENSEE 1. neglects or fails to perform or observe, or -correct a breach of its obligations to Stiftung SIC; 2. goes out of -business, files a bankruptcy petition or has such a petition filed -involuntarily against it or becomes insolvent; 3. develops, sells, -licenses or distributes or attempts to develop, sell, license or -distribute any software based on the IAIK-Toolkit which is outside the -scope of the limited rights granted herein, to any third party. In the -event of such a termination, the LICENSEE shall immediately delete all -electronic versions from his systems and ensure that all backup copies -are destroyed as well. - -9. LIABILITY: To the maximum extent allowed by applicable law Stiftung -SIC shall not be liable for any damages whatsoever (including, without -limitation, damages for loss of business profits, business interruption, -loss of business information, or other pecuniary loss) arising out of -the use of or inability to use the IAIK-Toolkit, even if Stiftung SIC -has been advised of the possibility of such damages. - -10. EXPORT RESTRICTIONS: In some countries, the IAIK-Toolkits may be -subject to export and import restrictions. Their re-export may require -the approval of the competent authorities. The LICENSEE shall be liable -for the observance of any control regulation and explicitly agrees to -hold Stiftung SIC fully harmless. - -11. WAIVER: Invalidity, on legal grounds, of any term of this Agreement -does not render the Agreement as a whole invalid. - -12. SURVIVAL: Irrespective of expiration or termination of this -Agreement, the provisions of Articles 2, 4, and 8 shall survive the -termination or the expiry of this Agreement. - -13. GOVERNING LAW, ARBITRATION: This Agreement is governed by Austrian -law. - @@ -45,7 +45,7 @@      <hibernate-validator.version>6.1.5.Final</hibernate-validator.version>      <!-- testing --> -    <junit.version>4.13.2</junit.version> +    <junit.version>4.13</junit.version>      <surefire.version>2.22.2</surefire.version>      <mockito-soap-cxf.version>1.2.0</mockito-soap-cxf.version>      <com.squareup.okhttp3.version>4.0.0</com.squareup.okhttp3.version> @@ -290,7 +290,7 @@          <groupId>org.apache.cxf</groupId>          <artifactId>cxf-core</artifactId>          <version>${cxf.version}</version> -      </dependency>       +      </dependency>        <dependency>          <groupId>org.apache.cxf</groupId>          <artifactId>cxf-rt-frontend-jaxws</artifactId> @@ -388,7 +388,7 @@          <version>${eaaf-core.version}</version>          <scope>test</scope>          <type>test-jar</type> -      </dependency>             +      </dependency>        <dependency>          <groupId>at.asitplus.eidas.ms_specific</groupId>          <artifactId>connector_lib</artifactId> @@ -518,7 +518,7 @@          </executions>          <configuration>            <excludedScopes>test</excludedScopes> -          <excludedGroups>iaik.*|MOA.spss.*</excludedGroups> +          <excludedGroups>MOA.spss.*</excludedGroups>          </configuration>        </plugin> | 
