aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java110
-rw-r--r--connector/src/test/resources/config/junit_config_1_bmi.properties124
-rw-r--r--connector/src/test/resources/config/templates/countrySelection_bmi_v1.html133
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java37
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java28
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java21
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java54
7 files changed, 455 insertions, 52 deletions
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java
new file mode 100644
index 00000000..491dfa81
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameBmiTemplateTest.java
@@ -0,0 +1,110 @@
+package at.asitplus.eidas.specific.connector.test.task;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Locale;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/applicationContext.xml",
+ "/spring/SpringTest_connector.beans.xml",
+ "/eaaf_core.beans.xml",
+ "/eaaf_pvp.beans.xml",
+ "/eaaf_pvp_idp.beans.xml",
+ "/spring/SpringTest-context_simple_storage.xml" })
+@ActiveProfiles(profiles = {"deprecatedConfig"})
+@WebAppConfiguration
+public class GenerateCountrySelectionFrameBmiTemplateTest {
+
+ @Autowired private GenerateCountrySelectionFrameTask task;
+
+ private ExecutionContextImpl executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ /**
+ * jUnit class initializer.
+ *
+ */
+ @BeforeClass
+ public static void classInitializer() {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1_bmi.properties");
+ Locale.setDefault(Locale.ENGLISH);
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ Locale.setDefault(Locale.ENGLISH);
+ LocaleContextHolder.resetLocaleContext();
+ LocaleContextHolder.setDefaultLocale(Locale.ENGLISH);
+
+ }
+
+ @Test
+ public void validHtmlResponseWithDE() throws TaskExecutionException, UnsupportedEncodingException {
+ LocaleContextHolder.setLocale(Locale.GERMAN);
+ httpReq.addHeader("Accept-Language", "de");
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ String html = doBasicValidation();
+
+ Assert.assertTrue("No english text",
+ html.contains("Information zur Anmeldung über Europäische eIDs"));
+
+ }
+
+ private String doBasicValidation() throws UnsupportedEncodingException {
+ Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus());
+ Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+
+ String html = httpResp.getContentAsString();
+ Assert.assertNotNull("html result is null", html);
+ Assert.assertFalse("html result is empty", html.isEmpty());
+ Assert.assertTrue("No language selector with pendingRequestId",
+ html.contains("/myHomeCountry?pendingid=" + pendingReq.getPendingRequestId()));
+ Assert.assertTrue("No country-selection form",
+ html.contains("<form class=\"block\" method=\"post\" action=\"/myHomeCountry\">"));
+
+ return html;
+
+ }
+}
diff --git a/connector/src/test/resources/config/junit_config_1_bmi.properties b/connector/src/test/resources/config/junit_config_1_bmi.properties
new file mode 100644
index 00000000..fa722554
--- /dev/null
+++ b/connector/src/test/resources/config/junit_config_1_bmi.properties
@@ -0,0 +1,124 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=http://localhost
+eidas.ms.context.url.request.validation=false
+eidas.ms.core.configRootDir=file:./src/test/resources/config/
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+eidas.ms.webcontent.templates.countryselection=countrySelection_bmi_v1.html
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
+eidas.ms.auth.eIDAS.node_v2.forward.method=POST
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.type=jks
+eidas.ms.pvp2.keystore.path=keys/junit.jks
+eidas.ms.pvp2.keystore.password=password
+eidas.ms.pvp2.key.metadata.alias=meta
+eidas.ms.pvp2.key.metadata.password=password
+eidas.ms.pvp2.key.signing.alias=sig
+eidas.ms.pvp2.key.signing.password=password
+eidas.ms.pvp2.metadata.validity=24
+
+eidas.ms.pvp2.metadata.organisation.name=JUnit
+eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
+eidas.ms.pvp2.metadata.organisation.url=http://junit.test
+eidas.ms.pvp2.metadata.contact.givenname=Max
+eidas.ms.pvp2.metadata.contact.surname=Mustermann
+eidas.ms.pvp2.metadata.contact.email=max@junit.test
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
+eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.0.pvp2.metadata.truststore.password=password
+eidas.ms.sp.0.friendlyName=jUnit test
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+## Service Provider configuration
+eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test
+eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.1.pvp2.metadata.truststore.password=password
+eidas.ms.sp.1.friendlyName=jUnit test
+eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata
+eidas.ms.sp.1.policy.allowed.requested.targets=test
+eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+#eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file
diff --git a/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html b/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html
new file mode 100644
index 00000000..c290556f
--- /dev/null
+++ b/connector/src/test/resources/config/templates/countrySelection_bmi_v1.html
@@ -0,0 +1,133 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org"
+ xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+ layout:decorator="fragments/base"
+ th:with="lang=${#locale.language}" th:lang="${lang}">
+<head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+<!-- <link rel="stylesheet" href="$contextPath/css/css_country.css" th:href="@{/css/css_country.css}"/> -->
+ <link rel="stylesheet" href="/static/common.css"/>
+ <title th:text="#{gui.countryselection.title}">eIDAS-Login Länderauswahl</title>
+<style>
+</style>
+<script type="text/javascript">
+
+/* Element.closest polyfill - https://developer.mozilla.org/en-US/docs/Web/API/Element/closest License: public domain*/
+if (!Element.prototype.matches)
+ Element.prototype.matches = Element.prototype.msMatchesSelector ||
+ Element.prototype.webkitMatchesSelector;
+
+if (!Element.prototype.closest)
+ Element.prototype.closest = function(s) {
+ var el = this;
+ if (!document.documentElement.contains(el)) return null;
+ do {
+ if (el.matches(s)) return el;
+ el = el.parentElement || el.parentNode;
+ } while (el !== null && el.nodeType === 1);
+ return null;
+ };
+
+
+function clickCountryFlag(element) {
+ if (!element) return false;
+
+ var form = element.closest("form");
+
+ if (!form) return false;
+
+ form.submit();
+ return false;
+}
+</script>
+</head>
+<body>
+ <div class="header container">
+ <div class="titlebar">
+ <div>
+ <a href="https://www.bmi.gv.at/" target="_blank" title="Home">
+ <img class="toplogo img-responsive" src="/static/BMI.png" alt="Logo BMI"
+ th:attr="alt=#{gui.countryselection.logo.bmi.alt}">
+ <h1 class="hidden" th:text="#{gui.countryselection.header1}"> Bundesministerium für Inneres </h1>
+ </a>
+ </div>
+ <ul class="nav_oben">
+ <li>
+ <div class="languageselection" th:include="language_selection :: selectlanguage">
+ LanguageSelectionBlock
+ </div>
+ </li>
+ &nbsp; &nbsp;
+ <li><a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.link.bmi}" > Startseite BMI </a></li>
+ </ul>
+ </div>
+ </div>
+ <div class="content">
+ <div class="subtitle">
+ <h1 th:text="#{gui.countryselection.header2}" > Zentraler eIDAS Knoten der Republik Österreich </h1>
+ <h2 th:text="#{gui.countryselection.header3}" > Betrieben durch das Bundesministerium für Inneres </h2>
+ </div>
+
+ <h1 th:text="#{gui.countryselection.header.selection}"> Wählen Sie Ihr Land / Select your country </h1>
+
+ <!-- Active countries -->
+
+ <div id="country" th:with="countries=${new java.lang.String[]{'be', 'de', 'ee', 'it', 'lu', 'pt', 'sk', 'es', 'cz' } }">
+ <form th:each="country : ${countries}" class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+ <a onclick='clickCountryFlag(this)'><img class="countryimage"
+ th:attr="src=@{#{gui.countryselection.country.__${country}__.img}},alt=#{gui.countryselection.country.__${country}__.logo.alt}"/></a>
+
+ <input type="submit" class="country-button" role="button" value="?countryname?" th:attr="value=#{gui.countryselection.country.__${country}__}" />
+ <input type="hidden" name="selectedCountry" th:value="${#strings.toUpperCase(country)}">
+ <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}" />
+ </form>
+ </div>
+<!--/*
+ <div id="country">
+ <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+ <a><img class="countryimage" src="$contextPath/img/countries/germany-eu_.png" alt="Germany-eID"
+ th:attr="src=@{/img/countries/germany-eu_.png},alt=#{gui.countryselection.country.de.logo.alt}"/></a>
+ <input type="submit" role="button" value="Deutschland / Germany" th:attr="value=#{gui.countryselection.country.de}" />
+ <input type="hidden" name="selectedCountry" value="DE">
+ <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}" />
+ </form>
+
+ </div>
+*/-->
+
+ <!-- Abbrechen Button -->
+ <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+ <input type="submit" class="btn btn-outline-primary btn-block cancel-button" value="Abbrechen/Cancel" th:attr="value=#{gui.countryselection.cancle}">
+ <input type="hidden" name="stopAuthProcess" value="true" >
+ <input type="hidden" name="pendingid" value="$pendingid" th:attr="value=${pendingid}">
+ </form>
+
+ <p th:text="#{gui.countryselection.notsupportedinfo}" >Wenn Sie Ihr Land in dieser Aufzählung nicht entdecken ... </p>
+
+<h2 th:text="#{gui.countryselection.infos.general.header}" > Information zur Anmeldung über Europäische eIDs </h2>
+<p>
+ <span th:text="#{gui.countryselection.infos.general.part.1}"> first part </span>
+ <a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.header1}" > Bundesministerium für Inneres </a>
+ <span th:text="#{gui.countryselection.infos.general.part.2}"> second part </span>
+</p>
+
+<p>
+ <span th:text="#{gui.countryselection.infos.general.part.3}"> third part </span>
+ <a href="https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32014R0910&from=DE" target="_blank" th:text="#{gui.countryselection.infos.general.link.1}"> eIDAS-Verordnung der Europäischen Union </a>
+ <span th:text="#{gui.countryselection.infos.general.part.4}"> fourth part </span>
+</p>
+
+<p>
+ <span th:text="#{gui.countryselection.infos.general.part.5}"> fived part </span>
+ <a href="http://ernp.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.infos.general.link.2}" ></a>
+ <span th:text="#{gui.countryselection.infos.general.part.6}"> sixed part </span>
+</p>
+
+ </div>
+ <footer>
+ <div class="copyright">&copy; BUNDESMINISTERIUM FÜR INNERES</div>
+ <div></div>
+ </footer>
+</body>
+</html>
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
index fca5e583..8c294c97 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
@@ -48,8 +48,6 @@ import javax.xml.ws.Dispatch;
import org.apache.commons.lang3.StringUtils;
import org.apache.xpath.XPathAPI;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -72,6 +70,7 @@ import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import lombok.extern.slf4j.Slf4j;
import szrservices.GetBPK;
import szrservices.GetBPKResponse;
import szrservices.GetIdentityLinkEidas;
@@ -88,9 +87,9 @@ import szrservices.SignContentResponseType;
import szrservices.TravelDocumentType;
+@Slf4j
@Service("SZRClientForeIDAS")
public class SzrClient extends AbstractSoapClient {
- private static final Logger log = LoggerFactory.getLogger(SzrClient.class);
private static final String CLIENT_DEFAULT = "DefaultClient";
private static final String CLIENT_RAW = "RawClient";
@@ -125,11 +124,12 @@ public class SzrClient extends AbstractSoapClient {
try {
final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
getIdl.setPersonInfo(generateSzrRequest(matchedPersonData));
-
+
return getIdentityLinkGeneric(getIdl);
} catch (final Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "GetIdentityLinkEidas", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
@@ -157,33 +157,13 @@ public class SzrClient extends AbstractSoapClient {
return result.getGetBPKReturn();
} catch (final SZRException_Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "GetBPK", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
}
}
-
- /**
- * Creates a new ERnP entry.
- * TODO Is this correct? Ask BMI.
- *
- * @param eidasData Minimum dataset of person
- * @return encrypted baseId
- * @throws SzrCommunicationException In case of a SZR error
- */
- public String createNewErnpEntry(final SimpleEidasData eidasData) throws SzrCommunicationException {
- final String resp;
- try {
- resp = this.szr.getStammzahlEncrypted(generateSzrRequest(eidasData), true);
- } catch (SZRException_Exception e) {
- throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
- }
- if (StringUtils.isEmpty(resp)) {
- throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
- }
- return resp;
- }
/**
* Request a encrypted baseId from SZR.
@@ -256,7 +236,8 @@ public class SzrClient extends AbstractSoapClient {
return resp.getOut().get(0).getValue();
} catch (final JsonProcessingException | SZRException_Exception e) {
- log.warn("Requesting bcBind by using SZR FAILED.", e);
+ log.warn("SZR communication FAILED for operation: {} Reason: {}",
+ "SignContent", e.getMessage(), e);
throw new SzrCommunicationException("ernb.02",
new Object[]{e.getMessage()}, e);
}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
index 6b541135..2853d8ab 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
@@ -34,8 +34,6 @@ import javax.annotation.Nullable;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
@@ -50,9 +48,11 @@ import eu.eidas.auth.commons.attribute.AttributeValueMarshaller;
import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
import eu.eidas.auth.commons.attribute.AttributeValueTransliterator;
import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class EidasResponseUtils {
- private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class);
public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*";
/**
@@ -100,17 +100,15 @@ public class EidasResponseUtils {
* @return Set of attribute values. If more then one value than the first value
* contains the 'Latin' value.
*/
- // TODO: check possible problem with nonLatinCharacters
+ // TODO: check possible problem with nonLatinCharacters
+ @NonNull
public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition,
@Nullable ImmutableSet<? extends AttributeValue<?>> attributeValues) {
final List<String> stringListAttribute = new ArrayList<>();
- if (attributeValues == null) {
- log.info("Can not extract infos from 'null' attribute value");
-
- } else {
- final AttributeValueMarshaller<?> attributeValueMarshaller =
- attributeDefinition.getAttributeValueMarshaller();
- for (final AttributeValue<?> attributeValue : attributeValues) {
+ if (attributeValues != null && !attributeValues.isEmpty()) {
+ final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition
+ .getAttributeValueMarshaller();
+ for (final AttributeValue<?> attributeValue : attributeValues.asList()) {
String valueString = null;
try {
valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue);
@@ -149,9 +147,13 @@ public class EidasResponseUtils {
}
}
- log.trace("Extract values: {} for attr: {}",
+ log.trace("Extract values: {} for attr: {}",
StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName());
-
+
+ } else {
+ log.info("Can not extract infos from '{}' attributeValue for attribute: {}",
+ attributeValues != null ? "empty" : "null", attributeDefinition.getNameUri());
+
}
return stringListAttribute;
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
index 3c9db9ea..c8a1f190 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
@@ -155,7 +155,7 @@ public class MatchingTaskUtils {
result.put(el.getFriendlyName(), attribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), attribute);
} else {
- log.info("Ignore empty 'DateTime' attribute");
+ log.info("Ignore empty 'DateTime' attribute: {}", el.getNameUri());
}
} else if (PostalAddress.class.equals(parameterizedType)) {
final PostalAddress addressAttribute = EidasResponseUtils
@@ -164,21 +164,24 @@ public class MatchingTaskUtils {
result.put(el.getFriendlyName(), addressAttribute);
log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), addressAttribute);
} else {
- log.info("Ignore empty 'PostalAddress' attribute");
+ log.info("Ignore empty 'PostalAddress' attribute: {}", el.getNameUri());
}
} else {
final List<String> natPersonIdObj = EidasResponseUtils.translateStringListAttribute(el, attributeMap.get(el));
- final String stringAttr = natPersonIdObj.get(0);
- if (StringUtils.isNotEmpty(stringAttr)) {
- result.put(el.getFriendlyName(), stringAttr);
- log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), stringAttr);
+ if (natPersonIdObj.isEmpty() || StringUtils.isEmpty(natPersonIdObj.get(0))) {
+ log.info("Ignore empty 'String' attribute: {}", el.getNameUri());
+
} else {
- log.info("Ignore empty 'String' attribute");
+ result.put(el.getFriendlyName(), natPersonIdObj.get(0));
+ log.trace("Find attr '{}' with value: {}", el.getFriendlyName(), natPersonIdObj.get(0));
+
}
- }
- }
+ }
+ }
+
log.debug("Receive #{} attributes with names: {}", result.size(), result.keySet());
return result;
+
}
private MatchingTaskUtils() {
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index bb4abfa2..023c196c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -522,6 +522,45 @@ public class CreateIdentityLinkTaskEidNewTest {
}
}
+ @Test
+ public void checkEmptyStringAttribute() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+
+
+ response = buildDummyAuthResponse(true, true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+ }
+
+
private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
// read Connector wide config data TODO connector wide!
String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
@@ -557,9 +596,14 @@ public class CreateIdentityLinkTaskEidNewTest {
}
-
@Nonnull
private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+ return buildDummyAuthResponse(withAll, false);
+
+ }
+
+ @Nonnull
+ private AuthenticationResponse buildDummyAuthResponse(boolean withAll, boolean withEmpty) throws URISyntaxException {
final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
@@ -579,7 +623,13 @@ public class CreateIdentityLinkTaskEidNewTest {
attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
attributeMap.put(attributeDef4, "2001-01-01");
if (withAll) {
- attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+ if (withEmpty) {
+ attributeMap.put(attributeDef5, Collections.emptySet());
+
+ } else {
+ attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+
+ }
attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
}