aboutsummaryrefslogtreecommitdiff
path: root/connector/src/test/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'connector/src/test/java/at')
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java303
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorMessageSourceTest.java71
-rw-r--r--connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java178
3 files changed, 355 insertions, 197 deletions
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index c2b87aa4..b9525de5 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -1,12 +1,13 @@
package at.asitplus.eidas.specific.connector.test;
import static org.mockito.ArgumentMatchers.any;
-import static org.powermock.api.mockito.PowerMockito.when;
+import static org.mockito.Mockito.when;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
+import java.math.BigInteger;
import java.net.URISyntaxException;
import java.time.Instant;
import java.util.Map;
@@ -63,11 +64,25 @@ import at.asitplus.eidas.specific.connector.test.saml2.Pvp2SProfileEndPointTest;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
+import at.gv.bmi.namespace.zmr_su.base._20040201.WorkflowInfoServer;
+import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasIdentitaetErgebnisType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.NatuerlichePersonErgebnisType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.NatuerlichePersonErgebnisType.PersonenName;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonErgebnisSatzType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonErgebnisType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenResponse;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.Personendaten;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonensuchergebnisType;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.IdentificationType;
import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
+import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
@@ -85,9 +100,12 @@ import eu.eidas.auth.commons.tx.BinaryLightToken;
import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.SneakyThrows;
import lombok.val;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
import szrservices.GetIdentityLinkEidasResponse;
import szrservices.PersonInfoType;
import szrservices.SZR;
@@ -99,7 +117,7 @@ import szrservices.SignContentResponseType;
@SpringBootTest
@ContextConfiguration(initializers = {
org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class,
- SpringBootApplicationContextInitializer.class
+ SpringBootApplicationContextInitializer.class
})
@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" })
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
@@ -107,32 +125,40 @@ import szrservices.SignContentResponseType;
public class FullStartUpAndProcessTest {
private static final String FINAL_REDIRECT = "http://localhost/public/secure/finalizeAuthProtocol?pendingid=";
-
+
@Autowired private WebApplicationContext wac;
@Autowired private PvpEndPointCredentialProvider credentialProvider;
@Autowired private PvpMetadataProvider metadataProvider;
@Autowired private ResourceLoader resourceLoader;
@Autowired private EidasAttributeRegistry attrRegistry;
-
+
@Autowired private Pvp2SProfileEndpoint sProfile;
@Autowired private ProcessEngineSignalController signal;
@Autowired private EidasSignalServlet eidasSignal;
@Autowired private ProtocolFinalizationController finalize;
-
+
+ @Autowired private IStatusMessenger messager;
+
@Rule
public final SoapServiceRule soap = SoapServiceRule.newInstance();
-
+
private SZR szrMock;
+ private ServicePort zmrClient;
+
+ private static MockWebServer mockWebServer;
private String cc;
private String givenName;
private String familyName;
private String dateOfBirth;
private String personalId;
+ private String pseudonym;
private String vsz;
private String eidasBind;
-
-
+
+
+
+
/**
* jUnit class initializer.
* @throws InterruptedException In case of an error
@@ -141,10 +167,11 @@ public class FullStartUpAndProcessTest {
*
*/
@BeforeClass
- public static void classInitializer() throws InterruptedException, InitializationException, ComponentInitializationException {
+ @SneakyThrows
+ public static void classInitializer() {
final String current = new java.io.File(".").toURI().toString();
System.clearProperty("eidas.ms.configuration");
-
+
//eIDAS Ref. Impl. properties
System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length())
+ "../basicConfig/eIDAS/");
@@ -152,27 +179,34 @@ public class FullStartUpAndProcessTest {
+ "../basicConfig/eIDAS/");
System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length())
+ "../basicConfig/eIDAS/");
-
+
EaafOpenSaml3xInitializer.eaafInitialize();
+
+ // start ERnP mockup WebServer
+ mockWebServer = new MockWebServer();
+ mockWebServer.start(1718);
}
-
+
/**
* Test shut-down.
*
* @throws Exception In case of an error
*/
@AfterClass
- public static void closeIgniteNode() throws Exception {
+ @SneakyThrows
+ public static void closeIgniteNode() {
System.out.println("Closiong Ignite Node ... ");
Ignition.stopAll(true);
-
//set Ignite-node holder to 'null' because static holders are shared between different tests
final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
field.setAccessible(true);
field.set(null, null);
+ // shut-down ERnP mock-up WebServer
+ mockWebServer.shutdown();
+
}
/**
@@ -188,27 +222,30 @@ public class FullStartUpAndProcessTest {
for (FilterRegistrationBean<?> filter : filters.values()) {
if (filter.isEnabled()) {
builder.addFilter(filter.getFilter(), "/*");
-
+
}
}
+ LogMessageProviderFactory.setStatusMessager(messager);
+
szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
-
-
-
+ zmrClient = soap.mock(ServicePort.class, "http://localhost:1234/demozmr");
+
+
cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- personalId = cc + "/AT/" + RandomStringUtils.randomNumeric(64);
+ pseudonym = RandomStringUtils.randomNumeric(64);
+ personalId = cc + "/AT/" + pseudonym;
familyName = RandomStringUtils.randomAlphabetic(10);
givenName = RandomStringUtils.randomAlphabetic(10);
dateOfBirth = "2015-10-12";
-
+
vsz = RandomStringUtils.randomNumeric(10);
eidasBind = RandomStringUtils.randomAlphanumeric(50);
-
+
}
-
+
@Test
- public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException,
+ public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException,
TransformerException, IOException, MarshallingException, ComponentInitializationException, EaafException {
//start authentication process by sending a SAML2 Authn-Request
MockHttpServletRequest saml2Req = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
@@ -216,74 +253,74 @@ public class FullStartUpAndProcessTest {
MockHttpServletResponse selectCountryResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp));
-
- // send SAML2 AuthnRequest
+
+ // send SAML2 AuthnRequest
sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp);
-
+
//check country-selection response
Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus());
Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType());
String selectionPage = selectCountryResp.getContentAsString();
Assert.assertNotNull("selectionPage is null", selectionPage);
Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty());
-
- String pendingReqId = extractRequestToken(selectionPage,
- "<input type=\"hidden\" name=\"pendingid\" value=\"");
+
+ String pendingReqId = extractRequestToken(selectionPage,
+ "<input type=\"hidden\" name=\"pendingid\" value=\"");
Assert.assertFalse("PendingReqId", pendingReqId.isEmpty());
-
-
+
+
// set-up user-stop request
MockHttpServletRequest userStopReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
userStopReq.setParameter("pendingid", pendingReqId);
userStopReq.setParameter(EaafConstants.PARAM_HTTP_STOP_PROCESS, "true");
-
+
MockHttpServletResponse finalizeResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(userStopReq, finalizeResp));
-
+
// send user-stop request
signal.performGenericAuthenticationProcess(userStopReq, finalizeResp);
-
+
//validate state
Assert.assertEquals("forward to finalization", 302, finalizeResp.getStatus());
Assert.assertNotNull("missing redirect header", finalizeResp.getHeader("Location"));
Assert.assertTrue("wrong redirect header", finalizeResp.getHeader("Location").startsWith(FINAL_REDIRECT));
String finalPendingReqId = finalizeResp.getHeader("Location").substring(FINAL_REDIRECT.length());
Assert.assertFalse("final pendingRequestId", finalPendingReqId.isEmpty());
-
+
//set-up finalization request
MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
finalizationReq.setParameter("pendingid", finalPendingReqId);
-
+
MockHttpServletResponse saml2Resp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, saml2Resp));
-
+
// exexcute finalization step
finalize.finalizeAuthProtocol(finalizationReq, saml2Resp);
-
+
//validate state
Assert.assertEquals("forward to finalization", 200, saml2Resp.getStatus());
Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", saml2Resp.getContentType());
String saml2RespPage = saml2Resp.getContentAsString();
Assert.assertNotNull("selectionPage is null", saml2RespPage);
Assert.assertFalse("selectionPage is empty", saml2RespPage.isEmpty());
-
+
//validate SAML2 response
- String saml2RespB64 = extractRequestToken(saml2RespPage,
+ String saml2RespB64 = extractRequestToken(saml2RespPage,
"<input type=\"hidden\" name=\"SAMLResponse\" value=\"");
Assert.assertNotNull("SAML2 response", saml2RespB64);
-
+
StatusResponseType saml2 = (StatusResponseType) XMLObjectSupport.unmarshallFromInputStream(
- XMLObjectProviderRegistrySupport.getParserPool(),
+ XMLObjectProviderRegistrySupport.getParserPool(),
new ByteArrayInputStream(Base64Utils.decodeFromString(saml2RespB64)));
- Assert.assertEquals("SAML2 status", "urn:oasis:names:tc:SAML:2.0:status:Responder",
+ Assert.assertEquals("SAML2 status", "urn:oasis:names:tc:SAML:2.0:status:Responder",
saml2.getStatus().getStatusCode().getValue());
- Assert.assertEquals("ms-connector status", "1005",
+ Assert.assertEquals("ms-connector status", "1005",
saml2.getStatus().getStatusCode().getStatusCode().getValue());
-
+
}
-
+
@Test
public void fullSuccessProcess() throws EaafException, Exception {
//start authentication process by sending a SAML2 Authn-Request
@@ -292,151 +329,201 @@ public class FullStartUpAndProcessTest {
MockHttpServletResponse selectCountryResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp));
-
- // send SAML2 AuthnRequest
+
+ // send SAML2 AuthnRequest
sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp);
-
+
//check country-selection response
Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus());
Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType());
String selectionPage = selectCountryResp.getContentAsString();
Assert.assertNotNull("selectionPage is null", selectionPage);
Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty());
-
- String pendingReqId = extractRequestToken(selectionPage,
- "<input type=\"hidden\" name=\"pendingid\" value=\"");
+
+ String pendingReqId = extractRequestToken(selectionPage,
+ "<input type=\"hidden\" name=\"pendingid\" value=\"");
Assert.assertFalse("PendingReqId", pendingReqId.isEmpty());
-
-
+
+
// set-up country-selection request
MockHttpServletRequest selectCountryReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
selectCountryReq.setParameter("pendingid", pendingReqId);
selectCountryReq.setParameter("selectedCountry", cc);
-
+
MockHttpServletResponse forwardEidasNodeResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(selectCountryReq, forwardEidasNodeResp));
-
+
// send country-selection request
signal.performGenericAuthenticationProcess(selectCountryReq, forwardEidasNodeResp);
-
+
//check forward to eIDAS node response
Assert.assertEquals("forward to eIDAS Node", 200, forwardEidasNodeResp.getStatus());
Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", forwardEidasNodeResp.getContentType());
String forwardPage = forwardEidasNodeResp.getContentAsString();
Assert.assertNotNull("forward to eIDAS Node is null", forwardPage);
Assert.assertFalse("forward to eIDAS Node is empty", forwardPage.isEmpty());
-
- String eidasNodeReqToken = extractRequestToken(forwardPage,
+
+ String eidasNodeReqToken = extractRequestToken(forwardPage,
"<input type=\"hidden\" name=\"token\" value=\"");
Assert.assertFalse("eidas req. token", eidasNodeReqToken.isEmpty());
-
+
//check eIDAS node request and build respose
String eidasRespToken = validateEidasNodeRequestAndBuildResponse(eidasNodeReqToken);
Assert.assertFalse("eidas resp. token", eidasRespToken.isEmpty());
-
-
+
+
// set-up eIDAS-node response
MockHttpServletRequest eidasNodeRespReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
eidasNodeRespReq.setParameter("token", eidasRespToken);
-
+
MockHttpServletResponse finalizeResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(eidasNodeRespReq, finalizeResp));
-
- injectSzrResponse();
+
+ // inject ZMR, ERnP and SZR responses for matching
+ injectZmrResponse();
+ injectSzrResponse();
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}") // empty response because we simulate result from ZMR
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
//excute eIDAS node response
eidasSignal.restoreEidasAuthProcess(eidasNodeRespReq, finalizeResp);
-
+
//validate state
Assert.assertEquals("forward to finalization", 302, finalizeResp.getStatus());
Assert.assertNotNull("missing redirect header", finalizeResp.getHeader("Location"));
Assert.assertTrue("wrong redirect header", finalizeResp.getHeader("Location").startsWith(FINAL_REDIRECT));
String finalPendingReqId = finalizeResp.getHeader("Location").substring(FINAL_REDIRECT.length());
Assert.assertFalse("final pendingRequestId", finalPendingReqId.isEmpty());
-
-
+
+
//set-up finalization request
MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
finalizationReq.setParameter("pendingid", finalPendingReqId);
-
+
MockHttpServletResponse saml2Resp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, saml2Resp));
-
+
// exexcute finalization step
finalize.finalizeAuthProtocol(finalizationReq, saml2Resp);
-
+
//validate state
Assert.assertEquals("forward to finalization", 200, saml2Resp.getStatus());
Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", saml2Resp.getContentType());
String saml2RespPage = saml2Resp.getContentAsString();
Assert.assertNotNull("selectionPage is null", saml2RespPage);
Assert.assertFalse("selectionPage is empty", saml2RespPage.isEmpty());
-
+
//validate SAML2 response
- String saml2RespB64 = extractRequestToken(saml2RespPage,
+ String saml2RespB64 = extractRequestToken(saml2RespPage,
"<input type=\"hidden\" name=\"SAMLResponse\" value=\"");
Assert.assertNotNull("SAML2 response", saml2RespB64);
-
+
StatusResponseType saml2 = (StatusResponseType) XMLObjectSupport.unmarshallFromInputStream(
- XMLObjectProviderRegistrySupport.getParserPool(),
+ XMLObjectProviderRegistrySupport.getParserPool(),
new ByteArrayInputStream(Base64Utils.decodeFromString(saml2RespB64)));
Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue());
-
+
final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2);
+
Assert.assertEquals("wrong resp attr. size", 7, extractor.getAllIncludeAttributeNames().size());
- Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high",
+ Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high",
extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108"));
- Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2",
+ Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2",
extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.10"));
- Assert.assertEquals("Wrong attr: EID_ISSUER_NATION ", cc,
+ Assert.assertEquals("Wrong attr: EID_ISSUER_NATION ", cc,
extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.32"));
- Assert.assertEquals("Wrong attr: eidasBind", eidasBind,
+ Assert.assertEquals("Wrong attr: eidasBind", eidasBind,
extractor.getSingleAttributeValue("urn:eidgvat:attributes.eidbind"));
- Assert.assertNotNull("Wrong attr: authBlock",
+ Assert.assertNotNull("Wrong attr: authBlock",
extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed"));
- Assert.assertNotNull("Wrong attr: piiTras.Id ",
+ Assert.assertNotNull("Wrong attr: piiTras.Id ",
extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId"));
Assert.assertEquals("Wrong attr:EID_STATUS_LEVEL ", "http://eid.gv.at/eID/status/identity",
extractor.getSingleAttributeValue(PvpAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_NAME));
-
+
}
private void injectSzrResponse() throws Exception {
-
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
-
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+
val signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
signContentEntry.setValue(eidasBind);
signContentResp.getOut().add(signContentEntry);
- when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+ }
+
+ private void injectZmrResponse() throws Exception {
+ ResponseType resp = new ResponseType();
+
+ WorkflowInfoServer workflow = new WorkflowInfoServer();
+ workflow.setProzessInstanzID(new BigInteger(RandomStringUtils.randomNumeric(10)));
+ resp.setWorkflowInfoServer(workflow);
+
+ PersonSuchenResponse persRespObj = new PersonSuchenResponse();
+ PersonensuchergebnisType searchResult = new PersonensuchergebnisType();
+ PersonErgebnisSatzType personInfoObj = new PersonErgebnisSatzType();
+ resp.setPersonSuchenResponse(persRespObj);
+ persRespObj.setPersonensuchergebnis(searchResult);
+
+ searchResult.setGefundeneSaetzeERnP(0);
+ searchResult.setGefundeneSaetze(1);
+ searchResult.getPersonErgebnisSatz().add(personInfoObj);
+
+ PersonErgebnisType personInfo = new PersonErgebnisType();
+ Personendaten personDataObj = new Personendaten();
+ personInfoObj.setPersonendaten(personDataObj);
+ personDataObj.getPersonErgebnis().add(personInfo);
+
+ EidasIdentitaetErgebnisType eidasPersonalIdentifier = new EidasIdentitaetErgebnisType();
+ personInfo.getEidasIdentitaet().add(eidasPersonalIdentifier);
+ eidasPersonalIdentifier.setEidasWert(pseudonym);
+ eidasPersonalIdentifier.setEidasArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
+ eidasPersonalIdentifier.setStaatscode2(cc);
+
+ NatuerlichePersonErgebnisType natInfo = new NatuerlichePersonErgebnisType();
+ IdentificationType bpk = new IdentificationType();
+ PersonenName natName = new PersonenName();
+ natInfo.getIdentification().add(bpk);
+ natInfo.setPersonenName(natName);
+ personInfo.setNatuerlichePerson(natInfo);
+
+ bpk.setType(EaafConstants.URN_PREFIX_CDID + "ZP");
+ bpk.setValue(RandomStringUtils.randomAlphabetic(10));
+ natInfo.setGeburtsdatum(dateOfBirth);
+ natName.setFamilienname(familyName);
+ natName.setVorname(givenName);
+
+ when(zmrClient.service(any(), any())).thenReturn(resp);
+
}
- private String validateEidasNodeRequestAndBuildResponse(String eidasNodeReqToken)
+
+ private String validateEidasNodeRequestAndBuildResponse(String eidasNodeReqToken)
throws SpecificCommunicationException, URISyntaxException {
final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
(SpecificCommunicationService) wac.getBean(
SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
-
- //read request and validate basic properties
- ILightRequest req = springManagedSpecificConnectorCommunicationService.getAndRemoveRequest(eidasNodeReqToken,
+
+ //read request and validate basic properties
+ ILightRequest req = springManagedSpecificConnectorCommunicationService.getAndRemoveRequest(eidasNodeReqToken,
attrRegistry.getCoreAttributeRegistry().getAttributes());
-
+
Assert.assertNotNull("eIDAS Node req", req);
Assert.assertEquals("Wrong CC", cc, req.getCitizenCountryCode());
Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_HIGH, req.getLevelOfAssurance());
-
-
+
+
//set response from eIDAS node
BinaryLightToken respoToken = springManagedSpecificConnectorCommunicationService.putResponse(
buildDummyAuthResponse(Constants.SUCCESS_URI, req.getId()));
return Base64Utils.encodeToString(respoToken.getTokenBytes());
-
+
}
private AuthenticationResponse buildDummyAuthResponse(String statusCode, String reqId) throws URISyntaxException {
@@ -448,7 +535,7 @@ public class FullStartUpAndProcessTest {
Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
final AttributeDefinition<?> attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_DATEOFBIRTH).first();
-
+
final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
.put(attributeDef, personalId)
.put(attributeDef2, familyName)
@@ -465,20 +552,20 @@ public class FullStartUpAndProcessTest {
.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
.attributes(attributeMap)
.build();
-
+
}
-
+
private String extractRequestToken(String selectionPage, String selector) {
int start = selectionPage.indexOf(selector);
Assert.assertTrue("find no pendingReqId location start", start > 0);
int end = selectionPage.indexOf("\"", start + selector.length());
Assert.assertTrue("find no pendingReqId location end", end > 0);
return selectionPage.substring(start + selector.length(), end);
-
+
}
- private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException,
- SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException,
+ private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException,
+ SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException,
IOException, MarshallingException, ComponentInitializationException {
final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
XMLObjectProviderRegistrySupport.getParserPool(),
@@ -487,19 +574,19 @@ public class FullStartUpAndProcessTest {
RequestAbstractType signedAuthnReq =
Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true);
String b64 = Base64Utils.encodeToString(DomUtils.serializeNode(
- XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
+ XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
saml2Req.setParameter("SAMLRequest", b64);
-
+
final org.springframework.core.io.Resource resource = resourceLoader.getResource(
"classpath:/data/metadata_valid_without_encryption.xml");
Timer timer = new Timer("PVP metadata-resolver refresh");
- ResourceBackedMetadataResolver fileSystemResolver =
+ ResourceBackedMetadataResolver fileSystemResolver =
new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
fileSystemResolver.setId("test");
fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
- fileSystemResolver.initialize();
+ fileSystemResolver.initialize();
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
-
+
}
private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorMessageSourceTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorMessageSourceTest.java
new file mode 100644
index 00000000..4c9d825d
--- /dev/null
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorMessageSourceTest.java
@@ -0,0 +1,71 @@
+package at.asitplus.eidas.specific.connector.test.config;
+
+import java.security.cert.CertificateException;
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.config.InitializationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/applicationContext.xml",
+ "/spring/SpringTest_connector.beans.xml",
+ "/eaaf_core.beans.xml",
+ "/eaaf_pvp.beans.xml",
+ "/eaaf_pvp_idp.beans.xml",
+ "/spring/SpringTest-context_simple_storage.xml" })
+@WebAppConfiguration
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+@ActiveProfiles(profiles = {"deprecatedConfig"})
+public class MsConnectorMessageSourceTest {
+
+ /**
+ * jUnit class initializer.
+ * @throws ComponentInitializationException In case of an error
+ * @throws InitializationException In case of an error
+ * @throws CertificateException
+ *
+ */
+ @BeforeClass
+ public static void classInitializer() throws InitializationException,
+ ComponentInitializationException, CertificateException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
+
+ }
+
+ @Autowired
+ private ResourceLoader loader;
+ @Autowired(required = false)
+ private List<IMessageSourceLocation> messageSources;
+
+ @Test
+ public void checkMessageSources() {
+ Assert.assertNotNull("No messageSource", messageSources);
+
+ for (final IMessageSourceLocation messageSource : messageSources) {
+ Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+
+ for (final String el : messageSource.getMessageSourceLocation()) {
+ final Resource messages = loader.getResource(el + ".properties");
+ Assert.assertTrue("Source not exist", messages.exists());
+
+ }
+ }
+ }
+}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java
index ebc07680..a9612297 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java
@@ -80,37 +80,37 @@ public class Pvp2SProfileEndPointTest {
@Autowired private PvpMetadataProvider metadataProvider;
@Autowired private ResourceLoader resourceLoader;
@Autowired private IRequestStorage storage;
-
+
private static CertificateFactory fact;
-
-
+
+
private MockHttpServletRequest httpReq;
private MockHttpServletResponse httpResp;
-
+
/**
* jUnit class initializer.
* @throws ComponentInitializationException In case of an error
* @throws InitializationException In case of an error
- * @throws CertificateException
- *
+ * @throws CertificateException
+ *
*/
@BeforeClass
- public static void classInitializer() throws InitializationException,
+ public static void classInitializer() throws InitializationException,
ComponentInitializationException, CertificateException {
final String current = new java.io.File(".").toURI().toString();
System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
-
+
EaafOpenSaml3xInitializer.eaafInitialize();
-
+
fact = CertificateFactory.getInstance("X.509");
-
+
}
-
+
/**
* jUnit test set-up.
- * @throws EaafException
- *
+ * @throws EaafException
+ *
*/
@Before
public void initialize() throws EaafException {
@@ -118,12 +118,12 @@ public class Pvp2SProfileEndPointTest {
httpResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
+
}
-
+
@Test
- public void authnReqWrongEndpoint() throws EaafException, XMLParserException, UnmarshallingException,
- UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
+ public void authnReqWrongEndpoint() throws EaafException, XMLParserException, UnmarshallingException,
+ UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
ComponentInitializationException {
//initialize test
final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
@@ -133,34 +133,34 @@ public class Pvp2SProfileEndPointTest {
RequestAbstractType signedAuthnReq =
Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true);
String b64 = Base64Utils.encodeToString(DomUtils.serializeNode(
- XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
+ XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
httpReq.setParameter("SAMLRequest", b64);
-
+
final org.springframework.core.io.Resource resource = resourceLoader.getResource(
"classpath:/data/metadata_valid.xml");
Timer timer = new Timer("PVP metadata-resolver refresh");
- ResourceBackedMetadataResolver fileSystemResolver =
+ ResourceBackedMetadataResolver fileSystemResolver =
new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
fileSystemResolver.setId("test");
fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
- fileSystemResolver.initialize();
+ fileSystemResolver.initialize();
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
-
-
+
+
//request SAML2 authentication
try {
controller.pvpIdpPostRequest(httpReq, httpResp);
Assert.fail("wrong AuthnRequest not detected");
-
+
}catch (EaafException e) {
- Assert.assertEquals("wrong errorId", "pvp2.22", e.getErrorId());
-
- }
+ Assert.assertEquals("wrong errorId", "pvp2.22", e.getErrorId());
+
+ }
}
-
+
@Test
- public void authnReqWrongSigned() throws EaafException, XMLParserException, UnmarshallingException,
- UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
+ public void authnReqWrongSigned() throws EaafException, XMLParserException, UnmarshallingException,
+ UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
ComponentInitializationException {
//initialize test
final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
@@ -170,34 +170,34 @@ public class Pvp2SProfileEndPointTest {
RequestAbstractType signedAuthnReq =
Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true);
String b64 = Base64Utils.encodeToString(DomUtils.serializeNode(
- XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
+ XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
httpReq.setParameter("SAMLRequest", b64);
-
+
final org.springframework.core.io.Resource resource = resourceLoader.getResource(
"classpath:/data/metadata_valid.xml");
Timer timer = new Timer("PVP metadata-resolver refresh");
- ResourceBackedMetadataResolver fileSystemResolver =
+ ResourceBackedMetadataResolver fileSystemResolver =
new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
fileSystemResolver.setId("test");
fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
- fileSystemResolver.initialize();
+ fileSystemResolver.initialize();
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
-
-
+
+
//request SAML2 authentication
try {
controller.pvpIdpPostRequest(httpReq, httpResp);
Assert.fail("wrong AuthnRequest not detected");
-
+
}catch (EaafException e) {
- Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId());
-
- }
+ Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId());
+
+ }
}
-
+
@Test
- public void authnReqMetadataExpired() throws EaafException, XMLParserException, UnmarshallingException,
- UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
+ public void authnReqMetadataExpired() throws EaafException, XMLParserException, UnmarshallingException,
+ UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
ComponentInitializationException {
//initialize test
final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
@@ -207,34 +207,34 @@ public class Pvp2SProfileEndPointTest {
RequestAbstractType signedAuthnReq =
Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true);
String b64 = Base64Utils.encodeToString(DomUtils.serializeNode(
- XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
+ XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
httpReq.setParameter("SAMLRequest", b64);
-
+
final org.springframework.core.io.Resource resource = resourceLoader.getResource(
"classpath:/data/metadata_expired.xml");
Timer timer = new Timer("PVP metadata-resolver refresh");
- ResourceBackedMetadataResolver fileSystemResolver =
+ ResourceBackedMetadataResolver fileSystemResolver =
new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
fileSystemResolver.setId("test");
fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
- fileSystemResolver.initialize();
+ fileSystemResolver.initialize();
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
-
-
+
+
//request SAML2 authentication
try {
controller.pvpIdpPostRequest(httpReq, httpResp);
Assert.fail("wrong AuthnRequest not detected");
-
+
}catch (EaafException e) {
- Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId());
-
- }
+ Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId());
+
+ }
}
-
+
@Test
- public void authnReqValid() throws EaafException, XMLParserException, UnmarshallingException,
- UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
+ public void authnReqValid() throws EaafException, XMLParserException, UnmarshallingException,
+ UnsupportedEncodingException, TransformerException, IOException, MarshallingException,
ComponentInitializationException {
//initialize test
final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
@@ -244,67 +244,67 @@ public class Pvp2SProfileEndPointTest {
RequestAbstractType signedAuthnReq =
Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true);
String b64 = Base64Utils.encodeToString(DomUtils.serializeNode(
- XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
+ XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8"));
httpReq.setParameter("SAMLRequest", b64);
-
+
final org.springframework.core.io.Resource resource = resourceLoader.getResource(
"classpath:/data/metadata_valid.xml");
Timer timer = new Timer("PVP metadata-resolver refresh");
- ResourceBackedMetadataResolver fileSystemResolver =
+ ResourceBackedMetadataResolver fileSystemResolver =
new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
fileSystemResolver.setId("test");
fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
- fileSystemResolver.initialize();
+ fileSystemResolver.initialize();
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
-
-
+
+
//request SAML2 authentication
controller.pvpIdpPostRequest(httpReq, httpResp);
-
-
+
+
//validate state
Assert.assertEquals("http statuscode", 200, httpResp.getStatus());
Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
-
+
String html = httpResp.getContentAsString();
Assert.assertNotNull("html result is null", html);
- Assert.assertFalse("html result is empty", html.isEmpty());
+ Assert.assertFalse("html result is empty", html.isEmpty());
Assert.assertTrue("Wrong page", html.contains("action=\"/myHomeCountry\""));
-
- String pattern = "<input type=\"hidden\" name=\"pendingid\" value=\"";
+
+ String pattern = "<input type=\"hidden\" name=\"pendingid\" value=\"";
int pendingIdStart = html.indexOf(pattern) + pattern.length();
- int pendingIdEnd = html.indexOf("\"", pendingIdStart);
- String pendingReqId = html.substring(pendingIdStart, pendingIdEnd);
+ int pendingIdEnd = html.indexOf("\"", pendingIdStart);
+ String pendingReqId = html.substring(pendingIdStart, pendingIdEnd);
Assert.assertFalse("pendingReqId is empty", pendingReqId.isEmpty());
-
+
IRequest pendingReq = storage.getPendingRequest(pendingReqId);
- Assert.assertNotNull("pendingReq", pendingReq);
+ Assert.assertNotNull("pendingReq", pendingReq);
Assert.assertNotNull("piiTransId", pendingReq.getUniquePiiTransactionIdentifier());
Assert.assertNotNull("piiTransId", pendingReq.getUniqueTransactionIdentifier());
-
- Assert.assertEquals("wrong OA Id", "https://demo.egiz.gv.at/demoportal-openID_demo",
+
+ Assert.assertEquals("wrong OA Id", "https://demo.egiz.gv.at/demoportal-openID_demo",
pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class));
- Assert.assertEquals("wrong bPK Target", "urn:publicid:gv.at:cdid+BF",
+ Assert.assertEquals("wrong bPK Target", "urn:publicid:gv.at:cdid+BF",
pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
-
-
+
+
}
-
+
@Test
- public void checkSaml2Metadata() throws EaafException, UnsupportedEncodingException, XMLParserException,
+ public void checkSaml2Metadata() throws EaafException, UnsupportedEncodingException, XMLParserException,
UnmarshallingException, CertificateException, SignatureException {
-
+
//request SAML2 Metadata
controller.pvpMetadataRequest(httpReq, httpResp);
-
+
//validate state
Assert.assertEquals("http statuscode", 200, httpResp.getStatus());
Assert.assertEquals("Wrong http ContentType", "application/xml", httpResp.getContentType());
-
+
String html = httpResp.getContentAsString();
Assert.assertNotNull("html result is null", html);
- Assert.assertFalse("html result is empty", html.isEmpty());
-
+ Assert.assertFalse("html result is empty", html.isEmpty());
+
final EntityDescriptor entity = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
XMLObjectProviderRegistrySupport.getParserPool(),
@@ -320,18 +320,18 @@ public class Pvp2SProfileEndPointTest {
final Credential cred = new BasicX509Credential((X509Certificate) fact.generateCertificate(
Pvp2SProfileEndPointTest.class.getResourceAsStream("/config/keys/Metadata.pem")));
SignatureValidator.validate(entity.getSignature(), cred);
-
+
Assert.assertEquals("wrong entityId", "http://localhost/pvp/metadata", entity.getEntityID());
Assert.assertNotNull("IDPSSODescr", entity.getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME));
Assert.assertNotNull("SPSSODescr", entity.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
- Assert.assertEquals("SPSSODescr. size", 0,
+ Assert.assertEquals("SPSSODescr. size", 0,
entity.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME).size());
-
+
List<RoleDescriptor> idp = entity.getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
Assert.assertEquals("IDP descr. size", 1, idp.size());
Assert.assertEquals("IDP descr. endpoints", 2, idp.get(0).getEndpoints().size());
Assert.assertEquals("IDP descr. keyDescr", 1, idp.get(0).getKeyDescriptors().size());
-
+
}
-
+
}