diff options
7 files changed, 455 insertions, 52 deletions
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java new file mode 100644 index 00000000..491dfa81 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java @@ -0,0 +1,110 @@ +package at.asitplus.eidas.specific.connector.test.task; + +import java.io.UnsupportedEncodingException; +import java.util.Locale; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/spring/SpringTest_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) +@WebAppConfiguration +public class GenerateCountrySelectionFrameBmiTemplateTest { + + @Autowired private GenerateCountrySelectionFrameTask task; + + private ExecutionContextImpl executionContext = new ExecutionContextImpl(); + private TestRequestImpl pendingReq; + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1_bmi.properties"); + Locale.setDefault(Locale.ENGLISH); + + } + + /** + * jUnit test set-up. + * + */ + @Before + public void initialize() { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + + Locale.setDefault(Locale.ENGLISH); + LocaleContextHolder.resetLocaleContext(); + LocaleContextHolder.setDefaultLocale(Locale.ENGLISH); + + } + + @Test + public void validHtmlResponseWithDE() throws TaskExecutionException, UnsupportedEncodingException { + LocaleContextHolder.setLocale(Locale.GERMAN); + httpReq.addHeader("Accept-Language", "de"); + + task.execute(pendingReq, executionContext); + + //result validation + String html = doBasicValidation(); + + Assert.assertTrue("No english text", + html.contains("Information zur Anmeldung über Europäische eIDs")); + + } + + private String doBasicValidation() throws UnsupportedEncodingException { + Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus()); + Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType()); + + String html = httpResp.getContentAsString(); + Assert.assertNotNull("html result is null", html); + Assert.assertFalse("html result is empty", html.isEmpty()); + Assert.assertTrue("No language selector with pendingRequestId", + html.contains("/myHomeCountry?pendingid=" + pendingReq.getPendingRequestId())); + Assert.assertTrue("No country-selection form", + html.contains("<form class=\"block\" method=\"post\" action=\"/myHomeCountry\">")); + + return html; + + } +} diff --git a/connector/src/test/resources/config/junit_config_1_bmi.properties b/connector/src/test/resources/config/junit_config_1_bmi.properties new file mode 100644 index 00000000..fa722554 --- /dev/null +++ b/connector/src/test/resources/config/junit_config_1_bmi.properties @@ -0,0 +1,124 @@ +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages +eidas.ms.webcontent.templates.countryselection=countrySelection_bmi_v1.html + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +#eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html b/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html new file mode 100644 index 00000000..c290556f --- /dev/null +++ b/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html @@ -0,0 +1,133 @@ +<!DOCTYPE html> +<html xmlns:th="http://www.thymeleaf.org" + xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" + layout:decorator="fragments/base" + th:with="lang=${#locale.language}" th:lang="${lang}"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <meta name="viewport" content="width=device-width, initial-scale=1"> +<!-- <link rel="stylesheet" href="$contextPath/css/css_country.css" th:href="@{/css/css_country.css}"/> --> + <link rel="stylesheet" href="/static/common.css"/> + <title th:text="#{gui.countryselection.title}">eIDAS-Login Länderauswahl</title> +<style> +</style> +<script type="text/javascript"> + +/* Element.closest polyfill - https://developer.mozilla.org/en-US/docs/Web/API/Element/closest License: public domain*/ +if (!Element.prototype.matches) + Element.prototype.matches = Element.prototype.msMatchesSelector || + Element.prototype.webkitMatchesSelector; + +if (!Element.prototype.closest) + Element.prototype.closest = function(s) { + var el = this; + if (!document.documentElement.contains(el)) return null; + do { + if (el.matches(s)) return el; + el = el.parentElement || el.parentNode; + } while (el !== null && el.nodeType === 1); + return null; + }; + + +function clickCountryFlag(element) { + if (!element) return false; + + var form = element.closest("form"); + + if (!form) return false; + + form.submit(); + return false; +} +</script> +</head> +<body> + <div class="header container"> + <div class="titlebar"> + <div> + <a href="https://www.bmi.gv.at/" target="_blank" title="Home"> + <img class="toplogo img-responsive" src="/static/BMI.png" alt="Logo BMI" + th:attr="alt=#{gui.countryselection.logo.bmi.alt}"> + <h1 class="hidden" th:text="#{gui.countryselection.header1}"> Bundesministerium für Inneres </h1> + </a> + </div> + <ul class="nav_oben"> + <li> + <div class="languageselection" th:include="language_selection :: selectlanguage"> + LanguageSelectionBlock + </div> + </li> + + <li><a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.link.bmi}" > Startseite BMI </a></li> + </ul> + </div> + </div> + <div class="content"> + <div class="subtitle"> + <h1 th:text="#{gui.countryselection.header2}" > Zentraler eIDAS Knoten der Republik Österreich </h1> + <h2 th:text="#{gui.countryselection.header3}" > Betrieben durch das Bundesministerium für Inneres </h2> + </div> + + <h1 th:text="#{gui.countryselection.header.selection}"> Wählen Sie Ihr Land / Select your country </h1> + + <!-- Active countries --> + + <div id="country" th:with="countries=${new java.lang.String[]{'be', 'de', 'ee', 'it', 'lu', 'pt', 'sk', 'es', 'cz' } }"> + <form th:each="country : ${countries}" class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> + <a onclick='clickCountryFlag(this)'><img class="countryimage" + th:attr="src=@{#{gui.countryselection.country.__${country}__.img}},alt=#{gui.countryselection.country.__${country}__.logo.alt}"/></a> + + <input type="submit" class="country-button" role="button" value="?countryname?" th:attr="value=#{gui.countryselection.country.__${country}__}" /> + <input type="hidden" name="selectedCountry" th:value="${#strings.toUpperCase(country)}"> + <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}" /> + </form> + </div> +<!--/* + <div id="country"> + <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> + <a><img class="countryimage" src="$contextPath/img/countries/germany-eu_.png" alt="Germany-eID" + th:attr="src=@{/img/countries/germany-eu_.png},alt=#{gui.countryselection.country.de.logo.alt}"/></a> + <input type="submit" role="button" value="Deutschland / Germany" th:attr="value=#{gui.countryselection.country.de}" /> + <input type="hidden" name="selectedCountry" value="DE"> + <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}" /> + </form> + + </div> +*/--> + + <!-- Abbrechen Button --> + <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}"> + <input type="submit" class="btn btn-outline-primary btn-block cancel-button" value="Abbrechen/Cancel" th:attr="value=#{gui.countryselection.cancle}"> + <input type="hidden" name="stopAuthProcess" value="true" > + <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}"> + </form> + + <p th:text="#{gui.countryselection.notsupportedinfo}" >Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken ... </p> + +<h2 th:text="#{gui.countryselection.infos.general.header}" > Information zur Anmeldung über Europäische eIDs </h2> +<p> + <span th:text="#{gui.countryselection.infos.general.part.1}"> first part </span> + <a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.header1}" > Bundesministerium für Inneres </a> + <span th:text="#{gui.countryselection.infos.general.part.2}"> second part </span> +</p> + +<p> + <span th:text="#{gui.countryselection.infos.general.part.3}"> third part </span> + <a href="https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32014R0910&from=DE" target="_blank" th:text="#{gui.countryselection.infos.general.link.1}"> eIDAS-Verordnung der Europäischen Union </a> + <span th:text="#{gui.countryselection.infos.general.part.4}"> fourth part </span> +</p> + +<p> + <span th:text="#{gui.countryselection.infos.general.part.5}"> fived part </span> + <a href="http://ernp.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.infos.general.link.2}" ></a> + <span th:text="#{gui.countryselection.infos.general.part.6}"> sixed part </span> +</p> + + </div> + <footer> + <div class="copyright">© BUNDESMINISTERIUM FÜR INNERES</div> + <div></div> + </footer> +</body> +</html> diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java index fca5e583..8c294c97 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java @@ -48,8 +48,6 @@ import javax.xml.ws.Dispatch; import org.apache.commons.lang3.StringUtils; import org.apache.xpath.XPathAPI; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -72,6 +70,7 @@ import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import lombok.extern.slf4j.Slf4j; import szrservices.GetBPK; import szrservices.GetBPKResponse; import szrservices.GetIdentityLinkEidas; @@ -88,9 +87,9 @@ import szrservices.SignContentResponseType; import szrservices.TravelDocumentType; +@Slf4j @Service("SZRClientForeIDAS") public class SzrClient extends AbstractSoapClient { - private static final Logger log = LoggerFactory.getLogger(SzrClient.class); private static final String CLIENT_DEFAULT = "DefaultClient"; private static final String CLIENT_RAW = "RawClient"; @@ -125,11 +124,12 @@ public class SzrClient extends AbstractSoapClient { try { final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas(); getIdl.setPersonInfo(generateSzrRequest(matchedPersonData)); - + return getIdentityLinkGeneric(getIdl); } catch (final Exception e) { - log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); + log.warn("SZR communication FAILED for operation: {} Reason: {}", + "GetIdentityLinkEidas", e.getMessage(), e); throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); } @@ -157,33 +157,13 @@ public class SzrClient extends AbstractSoapClient { return result.getGetBPKReturn(); } catch (final SZRException_Exception e) { - log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); + log.warn("SZR communication FAILED for operation: {} Reason: {}", + "GetBPK", e.getMessage(), e); throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); } } - - /** - * Creates a new ERnP entry. - * TODO Is this correct? Ask BMI. - * - * @param eidasData Minimum dataset of person - * @return encrypted baseId - * @throws SzrCommunicationException In case of a SZR error - */ - public String createNewErnpEntry(final SimpleEidasData eidasData) throws SzrCommunicationException { - final String resp; - try { - resp = this.szr.getStammzahlEncrypted(generateSzrRequest(eidasData), true); - } catch (SZRException_Exception e) { - throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); - } - if (StringUtils.isEmpty(resp)) { - throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling - } - return resp; - } /** * Request a encrypted baseId from SZR. @@ -256,7 +236,8 @@ public class SzrClient extends AbstractSoapClient { return resp.getOut().get(0).getValue(); } catch (final JsonProcessingException | SZRException_Exception e) { - log.warn("Requesting bcBind by using SZR FAILED.", e); + log.warn("SZR communication FAILED for operation: {} Reason: {}", + "SignContent", e.getMessage(), e); throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); } diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java index 6b541135..2853d8ab 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java @@ -34,8 +34,6 @@ import javax.annotation.Nullable; import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableSet; @@ -50,9 +48,11 @@ import eu.eidas.auth.commons.attribute.AttributeValueMarshaller; import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException; import eu.eidas.auth.commons.attribute.AttributeValueTransliterator; import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; +import lombok.NonNull; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class EidasResponseUtils { - private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class); public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*"; /** @@ -100,17 +100,15 @@ public class EidasResponseUtils { * @return Set of attribute values. If more then one value than the first value * contains the 'Latin' value. */ - // TODO: check possible problem with nonLatinCharacters + // TODO: check possible problem with nonLatinCharacters + @NonNull public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition, @Nullable ImmutableSet<? extends AttributeValue<?>> attributeValues) { final List<String> stringListAttribute = new ArrayList<>(); - if (attributeValues == null) { - log.info("Can not extract infos from 'null' attribute value"); - - } else { - final AttributeValueMarshaller<?> attributeValueMarshaller = - attributeDefinition.getAttributeValueMarshaller(); - for (final AttributeValue<?> attributeValue : attributeValues) { + if (attributeValues != null && !attributeValues.isEmpty()) { + final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition + .getAttributeValueMarshaller(); + for (final AttributeValue<?> attributeValue : attributeValues.asList()) { String valueString = null; try { valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue); @@ -149,9 +147,13 @@ public class EidasResponseUtils { } } - log.trace("Extract values: {} for attr: {}", + log.trace("Extract values: {} for attr: {}", StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName()); - + + } else { + log.info("Can not extract infos from '{}' attributeValue for attribute: {}", + attributeValues != null ? "empty" : "null", attributeDefinition.getNameUri()); + } return stringListAttribute; diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java index 3c9db9ea..c8a1f190 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java @@ -155,7 +155,7 @@ public class MatchingTaskUtils { result.put(el.getFriendlyName(), attribute); log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), attribute); } else { - log.info("Ignore empty 'DateTime' attribute"); + log.info("Ignore empty 'DateTime' attribute: {}", el.getNameUri()); } } else if (PostalAddress.class.equals(parameterizedType)) { final PostalAddress addressAttribute = EidasResponseUtils @@ -164,21 +164,24 @@ public class MatchingTaskUtils { result.put(el.getFriendlyName(), addressAttribute); log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), addressAttribute); } else { - log.info("Ignore empty 'PostalAddress' attribute"); + log.info("Ignore empty 'PostalAddress' attribute: {}", el.getNameUri()); } } else { final List<String> natPersonIdObj = EidasResponseUtils.translateStringListAttribute(el, attributeMap.get(el)); - final String stringAttr = natPersonIdObj.get(0); - if (StringUtils.isNotEmpty(stringAttr)) { - result.put(el.getFriendlyName(), stringAttr); - log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), stringAttr); + if (natPersonIdObj.isEmpty() || StringUtils.isEmpty(natPersonIdObj.get(0))) { + log.info("Ignore empty 'String' attribute: {}", el.getNameUri()); + } else { - log.info("Ignore empty 'String' attribute"); + result.put(el.getFriendlyName(), natPersonIdObj.get(0)); + log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), natPersonIdObj.get(0)); + } - } - } + } + } + log.debug("Receive #{} attributes with names: {}", result.size(), result.keySet()); return result; + } private MatchingTaskUtils() { diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index bb4abfa2..023c196c 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -522,6 +522,45 @@ public class CreateIdentityLinkTaskEidNewTest { } } + @Test + public void checkEmptyStringAttribute() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + String vsz = RandomStringUtils.randomNumeric(10); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); + val signContentResp = new SignContentResponseType(); + final SignContentEntry signContentEntry = new SignContentEntry(); + signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); + signContentResp.getOut().add(signContentEntry); + when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + String bindingPubKey = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey); + + + response = buildDummyAuthResponse(true, true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); + + } + + private Pair<KeyStore, Provider> getKeyStore() throws EaafException { // read Connector wide config data TODO connector wide! String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME); @@ -557,9 +596,14 @@ public class CreateIdentityLinkTaskEidNewTest { } - @Nonnull private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException { + return buildDummyAuthResponse(withAll, false); + + } + + @Nonnull + private AuthenticationResponse buildDummyAuthResponse(boolean withAll, boolean withEmpty) throws URISyntaxException { final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( @@ -579,7 +623,13 @@ public class CreateIdentityLinkTaskEidNewTest { attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10)); attributeMap.put(attributeDef4, "2001-01-01"); if (withAll) { - attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); + if (withEmpty) { + attributeMap.put(attributeDef5, Collections.emptySet()); + + } else { + attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); + + } attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); } |