-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java9
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java6
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java97
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java92
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java17
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java3
6 files changed, 204 insertions, 20 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java
index c9cbdb84..80f91e57 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/AuthBlockAttributeBuilder.java
@@ -27,15 +27,14 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata;
+import org.apache.commons.lang3.StringUtils;
@PvpMetadata
public class AuthBlockAttributeBuilder implements IPvpAttributeBuilder {
- // private static final String AUTHBLOCK_FRIENDLY_NAME = "AUTHBLOCK";
- // private static final String AUTHBLOCK_NAME = "urn:oid:x.x.x.x"; //TODO set oid
- private static final String EID_AUTHBLOCK_SIGNED_NAME = "urn:eidgvat:attributes.authblock.signed";
- private static final String EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME = "userAuthBlock";
+ public static final String EID_AUTHBLOCK_SIGNED_NAME = "urn:eidgvat:attributes.authblock.signed";
+ public static final String EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME = "userAuthBlock";
@Override
public String getName() {
@@ -47,7 +46,7 @@ public class AuthBlockAttributeBuilder implements IPvpAttributeBuilder {
final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
- if (authBlock != null) {
+ if (StringUtils.isNotEmpty(authBlock)) {
return g.buildStringAttribute(EID_AUTHBLOCK_SIGNED_FRIENDLY_NAME, EID_AUTHBLOCK_SIGNED_NAME, authBlock);
} else {
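Review bot: `StringUtils.isNotEmpty(authBlock)` still accepts a whitespace-only value, so a blank `SZR_AUTHBLOCK` entry would be emitted as the `userAuthBlock` attribute instead of taking the else branch, which presumably raises the unavailable-attribute error; `if (StringUtils.isNotBlank(authBlock)) {` closes that gap. The same condition is added in EidasBindAttributeBuilder as `StringUtils.isNotEmpty(eidasBind)`, and the new tests exercise only `null` and `""`, so a whitespace case is worth adding for both builders. The method body continues outside the hunk.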
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java
index 53f52ab3..a4fe8c6c 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/attributes/EidasBindAttributeBuilder.java
@@ -27,7 +27,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata;
-
+import org.apache.commons.lang3.StringUtils;
import static at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.EID_EIDBIND_FRIENDLY_NAME;
import static at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME;
@@ -35,8 +35,6 @@ import static at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.EID_
@PvpMetadata
public class EidasBindAttributeBuilder implements IPvpAttributeBuilder {
- // private static final String EIDASBIND_FRIENDLY_NAME = "EIDASBIND";
- // private static final String EIDASBIND_NAME = "urn:oid:x.x.x.x"; //TODO set oid
@Override
public String getName() {
@@ -48,7 +46,7 @@ public class EidasBindAttributeBuilder implements IPvpAttributeBuilder {
final IAttributeGenerator<ATT> g) throws AttributeBuilderException {
String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
- if (eidasBind != null) {
+ if (StringUtils.isNotEmpty(eidasBind)) {
return g.buildStringAttribute(EID_EIDBIND_FRIENDLY_NAME, EID_EIDBIND_NAME, eidasBind);
} else {
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java
new file mode 100644
index 00000000..50376e08
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java
@@ -0,0 +1,97 @@
+package at.asitplus.eidas.specific.connector.test.attributes;
+
+import at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest;
+import lombok.extern.slf4j.Slf4j;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+
+import static at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder.EID_AUTHBLOCK_SIGNED_NAME;
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.SZR_AUTHBLOCK;
+
+@Slf4j
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class AuthBlockAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+ private final String JSW =
+ "eyJhbGciOiJQUzI1NiIsIng1dCNTMjU2IjoiTjBDZUJRdzlMX1BleEt6SlhVM2w2dkF1aExGb3hkWFlIUjNSX01ubTZnRSJ9.ImF2YWFz" +
+ "YmF2Ig.dpzCcHFlISXyKEZaXgvRj0ja1cenfMuy0VKwK_rmHZLkUCb58V4X5balpQduDTyRfTyFE0zmBjm8_cmDVNOYTIG4NsEtvY" +
+ "qW4ee9JH-VpkU0w5-7HTH81R3JOd9g7XaHGPXYyUuqceZQRmkl1Vw4HSsnIAT3bb0Di0us6zmFkOPmRtbXQAym_ygGFwTVGLskUTm" +
+ "epCxmDQC7OJoIV9oqDavLySP7Ram4NHfi043uF_DmBf6csTjmQu3g2vKJWwlkD8RXDzqksozO8fLDFyVWjA8G1IcvnuHDW1nTTkuG" +
+ "_fBIU6yBZ7kQe9vtjqKiGhGa1zD-F_Lem2zsY7d7dVUvyQ";
+ private final IAttributeBuilder attrBuilde = new AuthBlockAttributeBuilder();
+
+ @Rule
+ public TestName mTestName = new TestName();
+
+ @Before
+ public void init() {
+ log.info("setting up");
+ }
+
+ @Test
+ public void okTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(SZR_AUTHBLOCK, JSW);
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+
+ Assert.assertEquals("Authblock build wrong", JSW, value);
+
+ } catch (final Exception e) {
+ Assert.assertNull("Attr. builder has an exception", e);
+ }
+ }
+
+
+ @Test
+ public void nullTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(SZR_AUTHBLOCK, null);
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+ Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+ } catch (final Exception e) {
+ Assert.assertTrue("Attr. builder provide wrong exception",
+ e instanceof UnavailableAttributeException);
+ Assert.assertEquals("Attr. name in exception does NOT match",
+ EID_AUTHBLOCK_SIGNED_NAME,
+ ((UnavailableAttributeException) e).getAttributeName());
+ }
+ }
+
+ @Test
+ public void emptyTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(SZR_AUTHBLOCK, "");
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+ Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+ } catch (final Exception e) {
+ Assert.assertTrue("Attr. builder provide wrong exception",
+ e instanceof UnavailableAttributeException);
+ Assert.assertEquals("Attr. name in exception does NOT match",
+ EID_AUTHBLOCK_SIGNED_NAME,
+ ((UnavailableAttributeException) e).getAttributeName()); }
+ }
+}
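Review bot: `log.info("starting: " + mTestName)` in okTest, nullTest and emptyTest concatenates the `TestName` rule object itself, so the log will most likely show an object identity rather than the test name; `log.info("starting: {}", mTestName.getMethodName());` prints what was intended. In nullTest and emptyTest the broad `catch (final Exception e)` followed by an `instanceof` check could be narrowed to `catch (final UnavailableAttributeException e)` with the test method declared `throws Exception`, so that any other failure reports its own stack trace; the unused `value` local can then go. The field names `JSW` and `attrBuilde` look like typos for `JWS` and `attrBuilder`. EidasBindAttributeBuilderTest repeats the same logging and catch pattern.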
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java
new file mode 100644
index 00000000..254efb59
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java
@@ -0,0 +1,92 @@
+package at.asitplus.eidas.specific.connector.test.attributes;
+
+import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest;
+import lombok.extern.slf4j.Slf4j;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND;
+
+
+@Slf4j
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/SpringTest-context_eaaf_core.xml")
+public class EidasBindAttributeBuilderTest extends AbstractAttributeBuilderTest {
+
+ private final IAttributeBuilder attrBuilde = new EidasBindAttributeBuilder();
+
+ @Rule
+ public TestName mTestName = new TestName();
+
+ @Before
+ public void init() {
+ log.info("setting up");
+ }
+
+ @Test
+ public void okTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(EIDAS_BIND, "vuG8w29GT0");
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+
+ Assert.assertEquals("eDIAS bind build wrong", "vuG8w29GT0", value);
+
+ } catch (final Exception e) {
+ Assert.assertNull("Attr. builder has an exception", e);
+ }
+ }
+
+ @Test
+ public void nullTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(EIDAS_BIND, null);
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+ Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+ } catch (final Exception e) {
+ Assert.assertTrue("Attr. builder provide wrong exception",
+ e instanceof UnavailableAttributeException);
+ Assert.assertEquals("Attr. name in exception does NOT match",
+ ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
+ ((UnavailableAttributeException) e).getAttributeName());
+ }
+ }
+
+ @Test
+ public void emptyTest() {
+ log.info("starting: " + mTestName);
+ try {
+ final IAuthData authData = buildAuthData();
+ ((AuthenticationData) authData).setGenericData(EIDAS_BIND, "");
+
+ final String value = attrBuilde.build(spConfig, authData, gen);
+ Assert.fail("Attr. Builder provide no 'UnavailableAttributeException'");
+
+ } catch (final Exception e) {
+ Assert.assertTrue("Attr. builder provide wrong exception",
+ e instanceof UnavailableAttributeException);
+ Assert.assertEquals("Attr. name in exception does NOT match",
+ ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME,
+ ((UnavailableAttributeException) e).getAttributeName()); }
+ }
+
+
+}
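Review bot: the assertion message `"eDIAS bind build wrong"` in okTest misspells eIDAS, and the sample value `"vuG8w29GT0"` is written out twice; a single constant such as `private static final String EIDAS_BIND_VALUE = "vuG8w29GT0";` used for both the input and the expected value keeps them from drifting apart. The closing brace of the catch block in emptyTest sits on the same line as the last assertion, and two blank lines precede the class's closing brace; both are worth tidying while the file is new.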
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index af260528..f060a4cf 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -101,6 +101,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
@Autowired
EaafKeyStoreFactory keyStoreFactory;
+ private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas";
Pair<KeyStore, Provider> ks;
/*
@@ -230,27 +231,24 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
if (eidMode.equals("new")) {
-
String keyAlias = pendingReq.getServiceProviderConfiguration().getConfigurationValue(
MsEidasNodeConstants.PROP_CONFIG_SP_AUTHBLOCK_FRIENDLYNAME, "");
-
String keyPw = pendingReq.getServiceProviderConfiguration()
.getConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_AUTHBLOCK_PW, "");
+ // get verschlüsselte Stammzahl
String vsz = szrClient.getEncryptedStammzahl(personInfo);
// build Keystore
String pk64 = getPkFromKeystore(keyAlias, keyPw);
+ // get eIDAS bind
+ String signedEidasBind = szrClient.getBcBind(vsz, pk64, EID_STATUS);
- String signedEidasBind = szrClient.getBcBind(vsz, pk64, "urn:eidgvat:eid.status.eidas");
- //TODO eidStatus as config?
-
- //build AuthBlock JWS
+ // build AuthBlock (JWS)
ObjectMapper mapper = new ObjectMapper();
String jwsPayload = mapper.writeValueAsString(pendingReq.getUniqueTransactionIdentifier());
-
String jwsSignature = JoseUtils
.createSignature(ks, keyAlias, keyPw.toCharArray(), jwsPayload, false, keyAlias);
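Review bot: `keyAlias` and `keyPw` both fall back to `""` when the service-provider configuration lacks them, and they go straight into `getPkFromKeystore(keyAlias, keyPw)` and `JoseUtils.createSignature(...)` with no check visible in this hunk. A missing entry would then surface as a keystore or signing error rather than as a configuration error; a guard such as `if (StringUtils.isEmpty(keyAlias)) { /* fail with the task's configuration error */ }` placed before `szrClient.getEncryptedStammzahl(personInfo)` makes it explicit and avoids calling the SZR for a request that cannot be signed. The new comment `// get verschlüsselte Stammzahl` mixes languages; `// get encrypted Stammzahl` reads more consistently with the other comments. The enclosing method starts and ends outside the hunk.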
@@ -277,9 +275,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) {
bpk = szrClient
.getBpk(personInfo, pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
- basicConfig
- .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"))
- .get(0);
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+ "no VKZ defined")).get(0);
} else {
log.debug("Calculating bPK from baseId ... ");
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
index c957e20c..d6bce8eb 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -143,7 +143,8 @@ public class SzrClientTest {
when(szrMock.getBPKFromStammzahlEncrypted(anyList()))
.thenReturn(Arrays.asList(result1));
-// szrMock.getStammzahlEncrypted() TODO ???
+ String stammzahlEncrypted = szrMock.getStammzahlEncrypted(new PersonInfoType(), false);
+
}
@Test
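Review bot: the added `szrMock.getStammzahlEncrypted(new PersonInfoType(), false)` invokes the mock without stubbing it, so, assuming `szrMock` is a Mockito mock as the `when(...)` call above suggests, it returns the default value and the local `stammzahlEncrypted` is never used. If the intent was to resolve the removed TODO with a stub, it needs the same form as the neighbouring lines, for example `when(szrMock.getStammzahlEncrypted(any(), anyBoolean())).thenReturn(<TEST_VSZ>);`; otherwise the line should be dropped. The enclosing method starts outside the hunk.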