diff options
Diffstat (limited to 'connector')
-rw-r--r-- | connector/pom.xml | 12 | ||||
-rw-r--r-- | connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java | 214 |
2 files changed, 107 insertions, 119 deletions
diff --git a/connector/pom.xml b/connector/pom.xml index 0386e1f1..77651483 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -151,18 +151,6 @@ <scope>test</scope> </dependency> <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-module-junit4</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-api-mockito2</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> - <dependency> <groupId>com.squareup.okhttp3</groupId> <artifactId>mockwebserver</artifactId> <scope>test</scope> diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index fcb0e73a..37a389b4 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -1,7 +1,7 @@ package at.asitplus.eidas.specific.connector.test; import static org.mockito.ArgumentMatchers.any; -import static org.powermock.api.mockito.PowerMockito.when; +import static org.mockito.Mockito.when; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -92,7 +92,7 @@ import szrservices.SignContentResponseType; @SpringBootTest @ContextConfiguration(initializers = { org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class, - SpringBootApplicationContextInitializer.class + SpringBootApplicationContextInitializer.class }) @TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) @@ -100,23 +100,23 @@ import szrservices.SignContentResponseType; public class FullStartUpAndProcessTest { private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid="; - + @Autowired private WebApplicationContext wac; @Autowired private PvpEndPointCredentialProvider credentialProvider; @Autowired private PvpMetadataProvider metadataProvider; @Autowired private ResourceLoader resourceLoader; @Autowired private EidasAttributeRegistry attrRegistry; - + @Autowired private Pvp2SProfileEndpoint sProfile; @Autowired private ProcessEngineSignalController signal; @Autowired private EidasSignalServlet eidasSignal; @Autowired private ProtocolFinalizationController finalize; - + @Rule public final SoapServiceRule soap = SoapServiceRule.newInstance(); - + private SZR szrMock; - + private String cc; private String givenName; private String familyName; @@ -124,8 +124,8 @@ public class FullStartUpAndProcessTest { private String personalId; private String vsz; private String eidasBind; - - + + /** * jUnit class initializer. * @throws InterruptedException In case of an error @@ -137,7 +137,7 @@ public class FullStartUpAndProcessTest { public static void classInitializer() throws InterruptedException, InitializationException, ComponentInitializationException { final String current = new java.io.File(".").toURI().toString(); System.clearProperty("eidas.ms.configuration"); - + //eIDAS Ref. Impl. properties System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + "../basicConfig/eIDAS/"); @@ -145,11 +145,11 @@ public class FullStartUpAndProcessTest { + "../basicConfig/eIDAS/"); System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + "../basicConfig/eIDAS/"); - + EaafOpenSaml3xInitializer.eaafInitialize(); - + } - + /** * Test shut-down. * @@ -160,12 +160,12 @@ public class FullStartUpAndProcessTest { System.out.println("Closiong Ignite Node ... "); Ignition.stopAll(true); - + //set Ignite-node holder to 'null' because static holders are shared between different tests final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance"); field.setAccessible(true); field.set(null, null); - + } /** @@ -181,27 +181,27 @@ public class FullStartUpAndProcessTest { for (FilterRegistrationBean<?> filter : filters.values()) { if (filter.isEnabled()) { builder.addFilter(filter.getFilter(), "/*"); - + } } szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); - - - + + + cc = RandomStringUtils.randomAlphabetic(2).toUpperCase(); personalId = cc + "/AT/" + RandomStringUtils.randomNumeric(64); familyName = RandomStringUtils.randomAlphabetic(10); givenName = RandomStringUtils.randomAlphabetic(10); dateOfBirth = "2015-10-12"; - + vsz = RandomStringUtils.randomNumeric(10); eidasBind = RandomStringUtils.randomAlphanumeric(50); - + } - + @Test - public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException, + public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException, TransformerException, IOException, MarshallingException, ComponentInitializationException, EaafException { //start authentication process by sending a SAML2 Authn-Request MockHttpServletRequest saml2Req = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); @@ -209,74 +209,74 @@ public class FullStartUpAndProcessTest { MockHttpServletResponse selectCountryResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp)); - - // send SAML2 AuthnRequest + + // send SAML2 AuthnRequest sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp); - + //check country-selection response Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus()); Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType()); String selectionPage = selectCountryResp.getContentAsString(); Assert.assertNotNull("selectionPage is null", selectionPage); Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty()); - - String pendingReqId = extractRequestToken(selectionPage, + + String pendingReqId = extractRequestToken(selectionPage, "<input type=\"hidden\" name=\"pendingid\" value=\""); Assert.assertFalse("PendingReqId", pendingReqId.isEmpty()); - - + + // set-up user-stop request MockHttpServletRequest userStopReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); userStopReq.setParameter("pendingid", pendingReqId); userStopReq.setParameter(EaafConstants.PARAM_HTTP_STOP_PROCESS, "true"); - + MockHttpServletResponse finalizeResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(userStopReq, finalizeResp)); - + // send user-stop request signal.performGenericAuthenticationProcess(userStopReq, finalizeResp); - + //validate state Assert.assertEquals("forward to finalization", 302, finalizeResp.getStatus()); Assert.assertNotNull("missing redirect header", finalizeResp.getHeader("Location")); Assert.assertTrue("wrong redirect header", finalizeResp.getHeader("Location").startsWith(FINAL_REDIRECT)); String finalPendingReqId = finalizeResp.getHeader("Location").substring(FINAL_REDIRECT.length()); Assert.assertFalse("final pendingRequestId", finalPendingReqId.isEmpty()); - + //set-up finalization request MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); finalizationReq.setParameter("pendingid", finalPendingReqId); - + MockHttpServletResponse saml2Resp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, saml2Resp)); - + // exexcute finalization step finalize.finalizeAuthProtocol(finalizationReq, saml2Resp); - + //validate state Assert.assertEquals("forward to finalization", 200, saml2Resp.getStatus()); Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", saml2Resp.getContentType()); String saml2RespPage = saml2Resp.getContentAsString(); Assert.assertNotNull("selectionPage is null", saml2RespPage); Assert.assertFalse("selectionPage is empty", saml2RespPage.isEmpty()); - + //validate SAML2 response - String saml2RespB64 = extractRequestToken(saml2RespPage, + String saml2RespB64 = extractRequestToken(saml2RespPage, "<input type=\"hidden\" name=\"SAMLResponse\" value=\""); Assert.assertNotNull("SAML2 response", saml2RespB64); - + StatusResponseType saml2 = (StatusResponseType) XMLObjectSupport.unmarshallFromInputStream( - XMLObjectProviderRegistrySupport.getParserPool(), + XMLObjectProviderRegistrySupport.getParserPool(), new ByteArrayInputStream(Base64Utils.decodeFromString(saml2RespB64))); - Assert.assertEquals("SAML2 status", "urn:oasis:names:tc:SAML:2.0:status:Responder", + Assert.assertEquals("SAML2 status", "urn:oasis:names:tc:SAML:2.0:status:Responder", saml2.getStatus().getStatusCode().getValue()); - Assert.assertEquals("ms-connector status", "1005", + Assert.assertEquals("ms-connector status", "1005", saml2.getStatus().getStatusCode().getStatusCode().getValue()); - + } - + @Test public void fullSuccessProcess() throws EaafException, Exception { //start authentication process by sending a SAML2 Authn-Request @@ -285,147 +285,147 @@ public class FullStartUpAndProcessTest { MockHttpServletResponse selectCountryResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp)); - - // send SAML2 AuthnRequest + + // send SAML2 AuthnRequest sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp); - + //check country-selection response Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus()); Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType()); String selectionPage = selectCountryResp.getContentAsString(); Assert.assertNotNull("selectionPage is null", selectionPage); Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty()); - - String pendingReqId = extractRequestToken(selectionPage, + + String pendingReqId = extractRequestToken(selectionPage, "<input type=\"hidden\" name=\"pendingid\" value=\""); Assert.assertFalse("PendingReqId", pendingReqId.isEmpty()); - - + + // set-up country-selection request MockHttpServletRequest selectCountryReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); selectCountryReq.setParameter("pendingid", pendingReqId); selectCountryReq.setParameter("selectedCountry", cc); - + MockHttpServletResponse forwardEidasNodeResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(selectCountryReq, forwardEidasNodeResp)); - + // send country-selection request signal.performGenericAuthenticationProcess(selectCountryReq, forwardEidasNodeResp); - + //check forward to eIDAS node response Assert.assertEquals("forward to eIDAS Node", 200, forwardEidasNodeResp.getStatus()); Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", forwardEidasNodeResp.getContentType()); String forwardPage = forwardEidasNodeResp.getContentAsString(); Assert.assertNotNull("forward to eIDAS Node is null", forwardPage); Assert.assertFalse("forward to eIDAS Node is empty", forwardPage.isEmpty()); - - String eidasNodeReqToken = extractRequestToken(forwardPage, + + String eidasNodeReqToken = extractRequestToken(forwardPage, "<input type=\"hidden\" name=\"token\" value=\""); Assert.assertFalse("eidas req. token", eidasNodeReqToken.isEmpty()); - + //check eIDAS node request and build respose String eidasRespToken = validateEidasNodeRequestAndBuildResponse(eidasNodeReqToken); Assert.assertFalse("eidas resp. token", eidasRespToken.isEmpty()); - - + + // set-up eIDAS-node response MockHttpServletRequest eidasNodeRespReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); eidasNodeRespReq.setParameter("token", eidasRespToken); - + MockHttpServletResponse finalizeResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(eidasNodeRespReq, finalizeResp)); - + injectSzrResponse(); - + //excute eIDAS node response eidasSignal.restoreEidasAuthProcess(eidasNodeRespReq, finalizeResp); - + //validate state Assert.assertEquals("forward to finalization", 302, finalizeResp.getStatus()); Assert.assertNotNull("missing redirect header", finalizeResp.getHeader("Location")); Assert.assertTrue("wrong redirect header", finalizeResp.getHeader("Location").startsWith(FINAL_REDIRECT)); String finalPendingReqId = finalizeResp.getHeader("Location").substring(FINAL_REDIRECT.length()); Assert.assertFalse("final pendingRequestId", finalPendingReqId.isEmpty()); - - + + //set-up finalization request MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); finalizationReq.setParameter("pendingid", finalPendingReqId); - + MockHttpServletResponse saml2Resp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, saml2Resp)); - + // exexcute finalization step finalize.finalizeAuthProtocol(finalizationReq, saml2Resp); - + //validate state Assert.assertEquals("forward to finalization", 200, saml2Resp.getStatus()); Assert.assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", saml2Resp.getContentType()); String saml2RespPage = saml2Resp.getContentAsString(); Assert.assertNotNull("selectionPage is null", saml2RespPage); Assert.assertFalse("selectionPage is empty", saml2RespPage.isEmpty()); - + //validate SAML2 response - String saml2RespB64 = extractRequestToken(saml2RespPage, + String saml2RespB64 = extractRequestToken(saml2RespPage, "<input type=\"hidden\" name=\"SAMLResponse\" value=\""); Assert.assertNotNull("SAML2 response", saml2RespB64); - + StatusResponseType saml2 = (StatusResponseType) XMLObjectSupport.unmarshallFromInputStream( - XMLObjectProviderRegistrySupport.getParserPool(), + XMLObjectProviderRegistrySupport.getParserPool(), new ByteArrayInputStream(Base64Utils.decodeFromString(saml2RespB64))); Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue()); - + final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2); Assert.assertEquals("wrong resp attr. size", 6, extractor.getAllIncludeAttributeNames().size()); - Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high", + Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high", extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108")); - Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2", + Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2", extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.10")); - Assert.assertEquals("Wrong attr: EID_ISSUER_NATION ", cc, + Assert.assertEquals("Wrong attr: EID_ISSUER_NATION ", cc, extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.32")); - Assert.assertEquals("Wrong attr: eidasBind", eidasBind, + Assert.assertEquals("Wrong attr: eidasBind", eidasBind, extractor.getSingleAttributeValue("urn:eidgvat:attributes.eidbind")); - Assert.assertNotNull("Wrong attr: authBlock", + Assert.assertNotNull("Wrong attr: authBlock", extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed")); - Assert.assertNotNull("Wrong attr: piiTras.Id ", + Assert.assertNotNull("Wrong attr: piiTras.Id ", extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId")); - + } private void injectSzrResponse() throws Exception { - - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); + + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(eidasBind); signContentResp.getOut().add(signContentEntry); - when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); - + when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp); + } - private String validateEidasNodeRequestAndBuildResponse(String eidasNodeReqToken) + private String validateEidasNodeRequestAndBuildResponse(String eidasNodeReqToken) throws SpecificCommunicationException, URISyntaxException { final SpecificCommunicationService springManagedSpecificConnectorCommunicationService = (SpecificCommunicationService) wac.getBean( SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); - - //read request and validate basic properties - ILightRequest req = springManagedSpecificConnectorCommunicationService.getAndRemoveRequest(eidasNodeReqToken, + + //read request and validate basic properties + ILightRequest req = springManagedSpecificConnectorCommunicationService.getAndRemoveRequest(eidasNodeReqToken, attrRegistry.getCoreAttributeRegistry().getAttributes()); - + Assert.assertNotNull("eIDAS Node req", req); Assert.assertEquals("Wrong CC", cc, req.getCitizenCountryCode()); Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_HIGH, req.getLevelOfAssurance()); - - + + //set response from eIDAS node BinaryLightToken respoToken = springManagedSpecificConnectorCommunicationService.putResponse( buildDummyAuthResponse(Constants.SUCCESS_URI, req.getId())); return Base64Utils.encodeToString(respoToken.getTokenBytes()); - + } private AuthenticationResponse buildDummyAuthResponse(String statusCode, String reqId) throws URISyntaxException { @@ -437,7 +437,7 @@ public class FullStartUpAndProcessTest { Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); final AttributeDefinition<?> attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - + final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() .put(attributeDef, personalId) .put(attributeDef2, familyName) @@ -454,40 +454,40 @@ public class FullStartUpAndProcessTest { .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) .attributes(attributeMap) .build(); - + } - + private String extractRequestToken(String selectionPage, String selector) { int start = selectionPage.indexOf(selector); Assert.assertTrue("find no pendingReqId location start", start > 0); int end = selectionPage.indexOf("\"", start + selector.length()); Assert.assertTrue("find no pendingReqId location end", end > 0); return selectionPage.substring(start + selector.length(), end); - + } - private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException, - SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException, + private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException, + SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException, IOException, MarshallingException, ComponentInitializationException { final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( XMLObjectProviderRegistrySupport.getParserPool(), Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); - authnReq.setIssueInstant(DateTime.now()); - RequestAbstractType signedAuthnReq = - Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( - XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); saml2Req.setParameter("SAMLRequest", b64); - + final org.springframework.core.io.Resource resource = resourceLoader.getResource( "classpath:/data/metadata_valid_without_encryption.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); - ResourceBackedMetadataResolver fileSystemResolver = + ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); fileSystemResolver.setId("test"); fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); - fileSystemResolver.initialize(); + fileSystemResolver.initialize(); metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); - + } } |