aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/authmodule-eIDAS-v2/src/test/java
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src/test/java')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java4
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java244
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java143
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java45
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java316
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java464
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java122
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java140
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java486
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java106
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java27
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java193
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java139
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java)6
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java)15
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java (renamed from eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java)31
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java333
17 files changed, 2310 insertions, 504 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
index c66d8ec0..088c835c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
@@ -30,7 +30,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
public class EidasAuthenticationModulImplTest {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
new file mode 100644
index 00000000..62d5c556
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -0,0 +1,244 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+@EnableWebMvc
+public class EidasSignalServletTest {
+
+ @Autowired private MsConnectorDummyConfigMap basicConfig;
+ @Autowired private EidasSignalServlet controller;
+ @Autowired private IRequestStorage storage;
+ @Autowired private ITransactionStorage transStore;
+ @Autowired private DummyProtocolAuthService protAuthService;
+ @Autowired private DummySpecificCommunicationService connector;
+
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ connector.setiLightResponse(null);
+
+
+ }
+
+ @Test
+ public void noResponsToken() throws IOException, EaafException {
+ //set-up
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void unknownResponseToken() throws IOException, EaafException {
+ //set-up
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ RandomStringUtils.randomAlphanumeric(10));
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withRelayState() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(relayState);
+ storage.storePendingRequest(pendingReq);
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .relayState(relayState);
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
+ httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(pendingReqId);
+ storage.storePendingRequest(pendingReq);
+
+ String inResponseTo = "_".concat(Random.nextHexRandom16());
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo(inResponseTo)
+ .subjectNameIdFormat("afaf");
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "auth.26",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+ @Test
+ public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException {
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setPendingReqId(pendingReqId);
+ storage.storePendingRequest(pendingReq);
+
+ String inResponseTo = "_".concat(Random.nextHexRandom16());
+ transStore.put(inResponseTo, pendingReqId, -1);
+
+ Builder iLightResponse = new AuthenticationResponse.Builder();
+ iLightResponse.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo(inResponseTo)
+ .subjectNameIdFormat("afaf");
+
+ AuthenticationResponse eidasResp = iLightResponse.build();
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+
+ //execute test
+ controller.restoreEidasAuthProcess(httpReq, httpResp);
+
+
+ //validate state
+ Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
+ httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+ ((EaafException) protAuthService.getException()).getErrorId());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
index 9709aeb9..cf4ed95c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -31,7 +31,6 @@ import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchProviderException;
-import java.util.Arrays;
import java.util.List;
import javax.xml.bind.JAXBContext;
@@ -40,12 +39,14 @@ import javax.xml.bind.Unmarshaller;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.ws.soap.SOAPFaultException;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapFault;
+import org.joda.time.DateTime;
+import org.jose4j.lang.JoseException;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
@@ -59,9 +60,14 @@ import org.springframework.util.Base64Utils;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
import com.skjolberg.mockito.soap.SoapServiceRule;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
@@ -69,7 +75,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils
import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
import at.gv.egiz.eaaf.core.impl.data.Triple;
@@ -88,15 +93,17 @@ import szrservices.SignContentResponseType;
import szrservices.TravelDocumentType;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
public class SzrClientTest {
private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
- @Autowired
- SzrClient szrClient;
- @Autowired
- IConfiguration basicConfig;
+ @Autowired SzrClient szrClient;
+ @Autowired MsConnectorDummyConfigMap basicConfig;
+ private static ObjectMapper mapper = new ObjectMapper();
+
private static final String givenName = "Franz";
private static final String familyName = "Mustermann";
private static final String dateOfBirth = "1989-05-05";
@@ -104,24 +111,12 @@ public class SzrClientTest {
private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
private SZR szrMock = null;
-
+ ErnbEidData eidData = null;
@Rule
public SoapServiceRule soap = SoapServiceRule.newInstance();
/**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- /**
* Initialize jUnit test.
*/
@Before
@@ -130,6 +125,16 @@ public class SzrClientTest {
szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
}
+
+ eidData = new ErnbEidData();
+ eidData.setFamilyName(familyName);
+ eidData.setGivenName(givenName);
+ eidData.setDateOfBirth(new DateTime());
+ eidData.setCitizenCountryCode("IS");
+ eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
+
}
@@ -158,7 +163,7 @@ public class SzrClientTest {
}
@Test
- public void getBcBindValid() throws SZRException_Exception, SzrCommunicationException {
+ public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException {
final SignContentResponse szrResponse = new SignContentResponse();
final SignContentEntry result1 = new SignContentEntry();
final SignContentResponseType content = new SignContentResponseType();
@@ -166,50 +171,116 @@ public class SzrClientTest {
szrResponse.setSignContentResponse(content);
result1.setKey("bcBindReq");
- result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+ result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws")));
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
final String bcBind = szrClient
- .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10));
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
Assert.assertNotNull("bcBind is null", bcBind);
Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+
+ }
+ @Test
+ public void eidasBindNull() throws SZRException_Exception {
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null);
- try {
+
+ try {
szrClient
- .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10));
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
- }
-
+
+ }
+ }
+
+ @Test
+ public void eidasBindInvalidResponse() throws SZRException_Exception {
final SignContentEntry result2 = new SignContentEntry();
final SignContentResponseType content1 = new SignContentResponseType();
content1.getOut().add(result2);
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+
try {
szrClient
- .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10));
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+
}
-
+ }
+
+ public void eidasBindEmptyResponse() throws SZRException_Exception {
+ final SignContentEntry result2 = new SignContentEntry();
+ final SignContentResponseType content1 = new SignContentResponseType();
+ content1.getOut().add(result2);
result2.setKey("bcBindReq");
result2.setValue("");
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+
try {
szrClient
- .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10));
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
- }
+
+ }
}
+
+ @Test
+ public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException,
+ JsonProcessingException, JoseException {
+ final SignContentResponse szrResponse = new SignContentResponse();
+ final SignContentEntry result1 = new SignContentEntry();
+ final SignContentResponseType content = new SignContentResponseType();
+ content.getOut().add(result1);
+ szrResponse.setSignContentResponse(content);
+ result1.setKey("bcBindReq");
+ result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+ when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+ final String bcBind = szrClient
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
+
+ Assert.assertNotNull("bcBind is null", bcBind);
+ Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+
+ }
+
+ @Test
+ public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException,
+ JsonMappingException, JsonProcessingException {
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true");
+
+ final SignContentResponse szrResponse = new SignContentResponse();
+ final SignContentEntry result1 = new SignContentEntry();
+ final SignContentResponseType content = new SignContentResponseType();
+ content.getOut().add(result1);
+ szrResponse.setSignContentResponse(content);
+
+ result1.setKey("bcBindReq");
+ result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+ when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+ final String bcBind = szrClient
+ .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), eidData);
+
+ Assert.assertNotNull("bcBind is null", bcBind);
+ Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+
+ }
+
@Test
public void getIdentityLinkRawModeValidResponse()
throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
index 2f573f53..1e7ff369 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
@@ -29,19 +29,26 @@ import java.security.MessageDigest;
import java.security.NoSuchProviderException;
import java.util.List;
+import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.util.encoders.Base64;
+import org.joda.time.DateTime;
+import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.util.Base64Utils;
import org.w3c.dom.Element;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
@@ -59,9 +66,16 @@ import szrservices.PersonInfoType;
import szrservices.SZRException_Exception;
import szrservices.TravelDocumentType;
-@Ignore
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_basic_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {
+ //"classpath:/application.properties",
+ "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+ })
public class SzrClientTestProduction {
private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
@@ -84,6 +98,33 @@ public class SzrClientTestProduction {
}
@Test
+ public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException {
+ String vsz = szrClient.getEncryptedStammzahl(getPersonInfo());
+ Assert.assertNotNull("vsz", vsz);
+
+ }
+
+ @Test
+ public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException {
+ String vsz = RandomStringUtils.randomAlphanumeric(10);
+ String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes());
+ String eidStatus = "urn:eidgvat:eid.status.eidas";
+ ErnbEidData eidData = new ErnbEidData();
+ eidData.setFamilyName(familyName);
+ eidData.setGivenName(givenName);
+ eidData.setDateOfBirth(new DateTime());
+ eidData.setCitizenCountryCode("IS");
+ eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+
+
+ String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData);
+
+ Assert.assertNotNull("eidasBind", eidasBind);
+
+ }
+
+
+ @Test
public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException,
NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException {
log.debug("Starting connecting SZR Gateway");
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index dd485ee6..2e6790c5 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -2,10 +2,10 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
import static org.powermock.api.mockito.PowerMockito.when;
-import java.io.IOException;
-import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.Provider;
@@ -13,11 +13,10 @@ import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import javax.xml.namespace.QName;
-
import org.apache.commons.lang3.RandomStringUtils;
import org.jetbrains.annotations.NotNull;
import org.jose4j.jwa.AlgorithmConstraints;
@@ -25,10 +24,10 @@ import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
@@ -39,19 +38,23 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
import com.skjolberg.mockito.soap.SoapServiceRule;
import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
@@ -64,28 +67,31 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
-import eu.eidas.auth.commons.attribute.PersonType;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
+import szrservices.JwsHeaderParam;
+import szrservices.PersonInfoType;
import szrservices.SZR;
import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@RunWith(SpringJUnit4ClassRunner.class)
-//@RunWith(PowerMockRunner.class)
-//@PowerMockRunnerDelegate(SpringJUnit4ClassRunner.class)
@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
public class CreateIdentityLinkTaskEidNewTest {
@Autowired(required = true)
private CreateIdentityLinkTask task;
@Autowired(required = true)
- private IConfiguration basicConfig;
+ private MsConnectorDummyConfigMap basicConfig;
@Autowired
protected EidasAttributeRegistry attrRegistry;
@@ -93,7 +99,7 @@ public class CreateIdentityLinkTaskEidNewTest {
EaafKeyStoreFactory keyStoreFactory;
@Autowired
- private AuthBlockSigningService authBlockSigner;
+ private IRequestStorage requestStorage;
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
@@ -110,22 +116,14 @@ public class CreateIdentityLinkTaskEidNewTest {
AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+ private static ObjectMapper mapper = new ObjectMapper();
+
+ private AuthenticationResponse response;
+
@Rule
public final SoapServiceRule soap = SoapServiceRule.newInstance();
/**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties");
-
- }
-
- /**
* jUnit test set-up.
*/
@Before
@@ -135,7 +133,9 @@ public class CreateIdentityLinkTaskEidNewTest {
httpResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -143,15 +143,17 @@ public class CreateIdentityLinkTaskEidNewTest {
oaParam = new DummySpConfiguration(spConfig, basicConfig);
pendingReq = new TestRequestImpl();
- final AuthenticationResponse response = buildDummyAuthResponse();
-
+ response = buildDummyAuthResponse(false);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
-
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
@@ -159,38 +161,223 @@ public class CreateIdentityLinkTaskEidNewTest {
}
@Test
- public void successfulProcess() throws Exception {
+ public void successfulProcessWithDeInfos() throws Exception {
//initialize test
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
+ response = buildDummyAuthResponse(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
signContentResp.getOut().add(signContentEntry);
when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
//perform test
task.execute(pendingReq, executionContext);
- //validate state
- final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
Assert.assertNotNull("AuthBlock", authBlock);
-
- //check authblock signature
+
+ Assert.assertTrue("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+
+ // check authblock signature
final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
Pair<KeyStore, Provider> keyStore = getKeyStore();
X509Certificate[] trustedCerts = EaafKeyStoreUtils
.getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
- Assert.assertTrue("AuthBlock not valid", result.isValid());
+ Assert.assertTrue("AuthBlock not valid", result.isValid());
+ JsonNode authBlockJson = mapper.readTree(result.getPayLoad());
+ Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+
+ Assert.assertNotNull("no piiTransactionId in pendingRequesdt",
+ storedPendingReq.getUniquePiiTransactionIdentifier());
+ Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),
+ authBlockJson.get("piiTransactionId").asText());
+ Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());
+ Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+ Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+
+
+ // check vsz request
+ ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+
+ Boolean param5 = argument5.getValue();
+ Assert.assertTrue("insertERnP flag", param5);
+ PersonInfoType person = argument4.getValue();
+ Assert.assertEquals("FamilyName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+ .toString().split("T")[0],
+ person.getPerson().getDateOfBirth());
+
+ Assert.assertEquals("PlaceOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()),
+ person.getPerson().getPlaceOfBirth());
+ Assert.assertEquals("BirthName",
+ response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()),
+ person.getPerson().getAlternativeName().getFamilyName());
+
+ Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+ Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+
+ Assert.assertEquals("Identifier",
+ response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+ .toString().split("/")[2],
+ person.getTravelDocument().getDocumentNumber());
+
+ // check bcBind singing request
+ ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class);
+ ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class);
+ ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class);
+ verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture());
+ Boolean param1 = argument1.getValue();
+ Assert.assertFalse("addCert flag", param1);
+
+ List<JwsHeaderParam> param2 = argument2.getValue();
+ Assert.assertNotNull("JWS Headers", param2);
+ Assert.assertFalse("JWS Headers empty", param2.isEmpty());
+ Assert.assertEquals("Wrong JWS header size", 1, param2.size());
+ Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey());
+ Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue());
+
+ List<SignContentEntry> param3 = argument3.getValue();
+ Assert.assertNotNull("sign Payload", param3);
+ Assert.assertEquals("wrong sign-payload size", 1, param3.size());
+ Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());
+ JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes());
+ Assert.assertNotNull("bcbind req", bcBind);
+
+ Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText());
+ Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",
+ bcBind.get("urn:eidgvat:attributes.eid.status").asText());
+ Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys"));
+ Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());
+ Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements();
+ Assert.assertTrue("No PubKey", pubKeys.hasNext());
+ Assert.assertEquals("Wrong pubKey",
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y"
+ + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN"
+ + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No"
+ + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",
+ pubKeys.next().asText());
+ Assert.assertFalse("More than one PubKey", pubKeys.hasNext());
}
@Test
+ public void successfulProcessWithStandardInfos() throws Exception {
+ //initialize test
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNotNull("AuthBlock", authBlock);
+
+ Assert.assertTrue("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ // check vsz request
+ ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+
+ Boolean param5 = argument5.getValue();
+ Assert.assertTrue("insertERnP flag", param5);
+ PersonInfoType person = argument4.getValue();
+ Assert.assertEquals("FamilyName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+ .toString().split("T")[0],
+ person.getPerson().getDateOfBirth());
+
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+
+ Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+ Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+
+ Assert.assertEquals("Identifier",
+ response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+ .toString().split("/")[2],
+ person.getTravelDocument().getDocumentNumber());
+
+
+ }
+
+ @Test
public void getStammzahlEncryptedExceptionTest() throws Exception {
try {
when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
@@ -242,31 +429,40 @@ public class CreateIdentityLinkTaskEidNewTest {
}
@NotNull
- private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
- final AttributeDefinition attributeDef = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).nameUri(new URI("ad", "sd", "ff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "af"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef2 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).nameUri(new URI("ad", "sd", "fff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "aff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef3 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME).nameUri(new URI("ad", "sd", "ffff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build();
- final AttributeDefinition attributeDef4 = AttributeDefinition.builder()
- .friendlyName(Constants.eIDAS_ATTR_DATEOFBIRTH).nameUri(new URI("ad", "sd", "fffff"))
- .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affff"))
- .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build();
-
- final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
- .put(attributeDef, "de/st/" + RandomStringUtils.randomNumeric(64))
- .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
- .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+ private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+ final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
+ final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_BIRTHNAME).first();
+
+ final Builder attributeMap = ImmutableAttributeMap.builder();
+ attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
+ attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef4, "2001-01-01");
+ if (withAll) {
+ attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+ attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
+
+ }
val b = new AuthenticationResponse.Builder();
- return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf").subjectNameIdFormat("afaf")
- .attributes(attributeMap).build();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+ .attributes(attributeMap.build())
+ .build();
}
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
new file mode 100644
index 00000000..8c7558dd
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -0,0 +1,464 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+
+import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.skjolberg.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskTest {
+
+ @Autowired(required = true)
+ private CreateIdentityLinkTask task;
+
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+
+ @Autowired
+ EaafKeyStoreFactory keyStoreFactory;
+
+ @Autowired
+ private IRequestStorage requestStorage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+ private SZR szrMock;
+
+ private AuthenticationResponse response;
+ private Map<String, String> spConfig;
+
+ @Rule
+ public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false");
+
+ spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+ pendingReq = new TestRequestImpl();
+
+ response = buildDummyAuthResponse();
+
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+ executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+ szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+ }
+
+
+ @Test
+ public void buildIdentityLink() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithWbpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithEidasBpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Martina", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void buildIdentityLinkWithUnknownBpk() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("unknown bPKType not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "builder.33",
+ ((EaafException) e.getOriginalException()).getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+
+ }
+ }
+
+ @Test
+ public void noBpkResult() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ GetBPKResponse getBpkResp = new GetBPKResponse();
+ org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("unknown bPKType not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "ernb.01",
+ ((EaafException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void bPKFromSzr() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ String bpk = RandomStringUtils.randomAlphanumeric(10);
+ GetBPKResponse getBpkResp = new GetBPKResponse();
+ getBpkResp.getGetBPKReturn().add(bpk);
+ org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+
+ spConfig.put("target", "urn:notextis:1234");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", bpk,
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ }
+
+ @Test
+ public void buildDummyIdl() throws Exception {
+ //initialize test
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+ Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+ Assert.assertEquals("LoA", response.getLevelOfAssurance(),
+ authProcessData.getQaaLevel());
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+
+ }
+
+ private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+ final JAXBContext jaxbContext = JAXBContext
+ .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+ org.w3._2000._09.xmldsig.ObjectFactory.class,
+ at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+ final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+ final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+ .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+ org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+ }
+ private void checkElement(String expected, String value) {
+ Assert.assertNotNull(value);
+ Assert.assertEquals(expected, value);
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode("200")
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+ .attributes(attributeMap)
+ .build();
+ }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java
deleted file mode 100644
index e8fcdd3d..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java
+++ /dev/null
@@ -1,122 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskFirstTest {
-
- @Autowired(required = true)
- private GenerateAuthnRequestTask task;
- @Autowired(required = true)
- private DummySpecificCommunicationService commService;
- @Autowired(required = true)
- private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_1.properties");
-
- }
-
- /**
- * jUnit test set-up.
- *
- */
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- @DirtiesContext
- public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- try {
- task.execute(pendingReq, executionContext);
-
- } catch (final TaskExecutionException e) {
- // forward URL is not set in example config
- org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
- "Wrong exception");
- Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
- .getErrorId());
- Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
- .getParams().length);
- Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
- .getOriginalException()).getParams()[0]);
-
- }
-
- final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
deleted file mode 100644
index 10896f48..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java
+++ /dev/null
@@ -1,140 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskSecondTest {
-
- @Autowired(required = true)
- private GenerateAuthnRequestTask task;
- @Autowired(required = true)
- private DummySpecificCommunicationService commService;
- @Autowired(required = true)
- private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
-
- }
-
- /**
- * jUnit test set-up.
- *
- */
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- public void noCountryCode() {
- try {
- task.execute(pendingReq, executionContext);
- Assert.fail("No countryCode not detected");
-
- } catch (final TaskExecutionException e) {
- Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
- org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
- .getOriginalException(), "Wrong exception");
- Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
- .getErrorId());
-
- }
-
- }
-
- @Test
- @DirtiesContext
- public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- try {
- task.execute(pendingReq, executionContext);
-
- } catch (final TaskExecutionException e) {
- // forward URL is not set in example config
- org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
- "Wrong exception");
- Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
- .getErrorId());
- Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
- .getParams().length);
- Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
- .getOriginalException()).getParams()[0]);
-
- }
-
- final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertEquals("ProviderName is not Static",
- Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
new file mode 100644
index 00000000..c416b515
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -0,0 +1,486 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskTest {
+
+ @Autowired(required = true)
+ private GenerateAuthnRequestTask task;
+ @Autowired(required = true)
+ private DummySpecificCommunicationService commService;
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummySpConfiguration oaParam;
+ private Map<String, String> spConfig;
+
+
+ /**
+ * jUnit test set-up.
+ *
+ */
+ @Before
+ public void setUp() {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId",
+ RandomStringUtils.randomAlphabetic(10));
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint",
+ "http://test/" + RandomStringUtils.randomAlphabetic(5));
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+ }
+
+ @Test
+ public void missingIssuer() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId");
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Issuer not detected");
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+
+ }
+ }
+
+ @Test
+ public void missingForwardUrl() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint");
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Forward-URL not detected");
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void selectUnknownStage() {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String stage = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put("selectedEnvironment", stage);
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing Forward-URL not detected");
+
+ } catch (final TaskExecutionException e) {
+ // forward URL is not set in example config
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+ "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+ .getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + stage, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void selectQsEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "qs");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void selectTestEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "test");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void selectDevEndpoint() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "dev");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+ }
+
+ @Test
+ public void noCountryCode() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No countryCode not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
+ .getOriginalException(), "Wrong exception");
+ Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
+ .getErrorId());
+
+ }
+ }
+
+ @Test
+ public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs");
+
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("ProviderName is not Static",
+ Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
+ }
+
+ @Test
+ public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException {
+ String cc = RandomStringUtils.randomAlphabetic(2);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc);
+
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("wrong issuer",
+ basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer());
+ Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+ Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());
+ Assert.assertEquals("NameIdFormat", Constants.eIDAS_REQ_NAMEID_FORMAT, eidasReq.getNameIdFormat());
+
+
+ }
+
+ @Test
+ public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ executionContext.put("selectedEnvironment", "prod");
+
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertNotNull("ProviderName found", eidasReq.getProviderName());
+ Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+ Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH,
+ eidasReq.getLevelOfAssurance());
+
+ Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+
+ }
+
+ @Test
+ public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST");
+
+ //execute test
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("Missing template not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ",
+ ((GuiBuildException) e.getOriginalException()).getMessage());
+
+ }
+ }
+
+ @Test
+ public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ spConfig.put("target",
+ EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+ Assert.assertEquals("RequesterId", providerName, eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
+ }
+
+ @Test
+ public void withoutProviderNameForPublicSPs() throws TaskExecutionException,
+ SpecificCommunicationException, EaafStorageException {
+ //set-up test
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+ String providerName = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+
+
+ String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+
+ final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+ Assert.assertNull("ProviderName found", eidasReq.getProviderName());
+ Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+ Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+ Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
deleted file mode 100644
index f2e44ed1..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java
+++ /dev/null
@@ -1,106 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.annotation.DirtiesContext;
-import org.springframework.test.annotation.DirtiesContext.ClassMode;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
-@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
-public class GenerateAuthnRequestTaskThirdTest {
-
- @Autowired(required = true)
- private GenerateAuthnRequestTask task;
- @Autowired(required = true)
- private DummySpecificCommunicationService commService;
- @Autowired(required = true)
- private IConfiguration basicConfig;
-
- final ExecutionContext executionContext = new ExecutionContextImpl();
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private TestRequestImpl pendingReq;
- private DummySpConfiguration oaParam;
-
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_2.properties");
-
- }
-
- /**
- * jUnit test set-up.
- *
- */
- @Before
- public void setUp() {
-
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- oaParam = new DummySpConfiguration(spConfig, basicConfig);
-
- pendingReq = new TestRequestImpl();
- pendingReq.setSpConfig(oaParam);
- pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
- pendingReq.setAuthUrl("http://test.com/");
-
- }
-
- @Test
- @DirtiesContext
- public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
- SpecificCommunicationException {
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
-
- task.execute(pendingReq, executionContext);
- Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
-
- final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
-
- Assert.assertNull("ProviderName found", eidasReq.getProviderName());
- Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
- Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
- }
-
-}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
index 62c00813..f2dc6d55 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java
@@ -72,7 +72,10 @@ import java.util.Random;
import static org.junit.Assert.assertThrows;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
public class InitialSearchTaskFirstTest {
@@ -96,17 +99,17 @@ public class InitialSearchTaskFirstTest {
private final String randomBirthName = RandomStringUtils.randomAlphabetic(10);
private final String randomDate = "2011-01-" + (10 + new Random().nextInt(18));
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_1.properties");
- }
+// /**
+// * jUnit class initializer.
+// *
+// * @throws IOException In case of an error
+// */
+// @BeforeClass
+// public static void classInitializer() throws IOException {
+// final String current = new java.io.File(".").toURI().toString();
+// System.setProperty("eidas.ms.configuration", current
+// + "src/test/resources/config/junit_config_1.properties");
+// }
/**
* jUnit test set-up.
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
new file mode 100644
index 00000000..de9b2d3b
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -0,0 +1,193 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class ReceiveEidasResponseTaskTest {
+
+ @Autowired(required = true)
+ private ReceiveAuthnResponseTask task;
+
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+
+ @Autowired private IRequestStorage storage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+ executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+ }
+
+ @Test
+ public void missingEidasResponse() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.01",
+ ((EaafException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void notSuccessEidasResponse() throws URISyntaxException {
+ String statusCode = RandomStringUtils.randomAlphabetic(10);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(statusCode));
+
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.02",
+ ((EaafException) e.getOriginalException()).getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
+ @NotNull
+ AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+ Assert.assertNotNull("eIDAS response",
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("eIDAS response", eidasResponse,
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(statusCode)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .attributes(attributeMap)
+ .build();
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
new file mode 100644
index 00000000..ad38e371
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -0,0 +1,139 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class JoseUtilsTest {
+
+ @Autowired private EaafKeyStoreFactory keyStoreFactory;
+
+ private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
+ Arrays.asList(
+ AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+ AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+
+ @Test
+ public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ try {
+ JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");
+ Assert.fail("missing Key not detected");
+
+ } catch (EaafException e) {
+ Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest");
+
+ Assert.assertNotNull("signed message", result);
+ Assert.assertFalse("signed msg empty", result.isEmpty());
+
+
+ //validate
+ List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+ final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+ AUTH_ALGORITHM_WHITELIST_SIGNING
+ .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+ JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+
+ Assert.assertTrue("sig. verify", verify.isValid());
+ Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+
+ }
+
+ @Test
+ public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+
+ KeyStoreConfiguration config = new KeyStoreConfiguration();
+ config.setFriendlyName("jUnittest");
+ config.setKeyStoreType(KeyStoreType.JKS);
+ config.setSoftKeyStoreFilePath("../data/junit.jks");
+ config.setSoftKeyStorePassword("password");
+
+ Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+ String payLoad = RandomStringUtils.randomAlphanumeric(100);
+
+ //check signing
+ String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest");
+
+ Assert.assertNotNull("signed message", result);
+ Assert.assertFalse("signed msg empty", result.isEmpty());
+
+
+ //validate
+ List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+ final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+ AUTH_ALGORITHM_WHITELIST_SIGNING
+ .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+ JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+
+ Assert.assertTrue("sig. verify", verify.isValid());
+ Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+
+ }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
index 55a3ce99..9bb51cd9 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -21,7 +21,7 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
import static org.junit.Assert.fail;
@@ -45,7 +45,9 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasAttributePostProcessingTest {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
index 880c32ae..d0ab50f4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -21,7 +21,7 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
import java.io.IOException;
import java.util.HashMap;
@@ -37,12 +37,14 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -50,7 +52,10 @@ import eu.eidas.auth.commons.light.impl.LightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasRequestPreProcessingFirstTest {
@@ -70,8 +75,9 @@ public class EidasRequestPreProcessingFirstTest {
*/
@BeforeClass
public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+// final String current = new java.io.File(".").toURI().toString();
+// System.setProperty("eidas.ms.configuration",
+// current + "src/test/resources/config/junit_config_de_attributes.properties");
}
@@ -95,6 +101,7 @@ public class EidasRequestPreProcessingFirstTest {
authnRequestBuilder = LightRequest.builder();
authnRequestBuilder.id(UUID.randomUUID().toString());
authnRequestBuilder.issuer("Test");
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index e7bacded..23175a18 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -21,16 +21,14 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
-import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import org.junit.Assert;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -39,22 +37,25 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import eu.eidas.auth.commons.light.impl.LightRequest;
import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration("/SpringTest-context_tasks_test.xml")
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasRequestPreProcessingSecondTest {
@Autowired
- private IConfigurationWithSP basicConfig;
+ private MsConnectorDummyConfigMap basicConfig;
@Autowired
private CcSpecificEidProcessingService preProcessor;
@@ -62,18 +63,6 @@ public class EidasRequestPreProcessingSecondTest {
private DummySpConfiguration oaParam;
private Builder authnRequestBuilder;
- /**
- * jUnit class initializer.
- *
- * @throws IOException In case of an error
- */
- @BeforeClass
- public static void classInitializer() throws IOException {
- final String current = new java.io.File(".").toURI().toString();
- System.setProperty("eidas.ms.configuration", current
- + "src/test/resources/config/junit_config_1.properties");
-
- }
/**
* jUnit test set-up.
@@ -95,12 +84,16 @@ public class EidasRequestPreProcessingSecondTest {
authnRequestBuilder = LightRequest.builder();
authnRequestBuilder.id(UUID.randomUUID().toString());
authnRequestBuilder.issuer("Test");
+ authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
}
@Test
public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException {
-
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+ basicConfig.putConfigValue(
+ "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+
final String testCountry = "DE";
authnRequestBuilder.citizenCountryCode(testCountry);
preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
new file mode 100644
index 00000000..e0f15c8c
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -0,0 +1,333 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.attribute.impl.StringAttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class EidasResponseValidatorTest {
+
+ @Autowired private MsConnectorDummyConfigMap basicConfig;
+ @Autowired protected EidasAttributeRegistry attrRegistry;
+
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ }
+
+
+ @Test
+ public void loaFromResponseToLow() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_LOW,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "XX";
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void noEidasSpCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = null;
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Destination country does not match to SP country",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void noEidasResponseCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = null;
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void wrongEidasResponseCountry() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "XX";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void missingPersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void moreThanOnePersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ true);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ e.getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void emptyPersonalIdentifier() throws URISyntaxException {
+ //set-up
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "",
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+ String spCountry = "AT";
+ String citizenCountryCode = "LU";
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+ try {
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+ Assert.fail("Wrong eIDAS response not detected");
+
+ } catch (EidasValidationException e) {
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ e.getParams()[0]);
+ Assert.assertEquals("wrong errorMsg",
+ "Wrong identifier format",
+ e.getParams()[1]);
+
+ }
+ }
+
+ @Test
+ public void validResponse() throws URISyntaxException, EidasValidationException {
+ //set-up
+
+ String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),
+ EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+ false);
+
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+
+
+ //execute test
+
+ EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry);
+
+ }
+
+
+ private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)
+ throws URISyntaxException {
+
+
+ final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+
+ final Builder attributeMap = ImmutableAttributeMap.builder();
+ if (personalId != null) {
+ if (moreThanOnePersonalId) {
+ ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),
+ new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10)));
+ attributeMap.put(personIdattributeDef, values);
+
+ } else {
+ attributeMap.put(personIdattributeDef, personalId);
+
+ }
+ }
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(Constants.SUCCESS_URI)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(loa)
+ .attributes(attributeMap.build())
+ .build();
+ }
+}
+