diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
83 files changed, 0 insertions, 14825 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java deleted file mode 100644 index 90451e87..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2; - -import at.gv.egiz.eaaf.core.api.data.EaafConstants; - -public class Constants { - - public static final String DATA_REQUESTERID = "req_requesterId"; - public static final String DATA_PROVIDERNAME = "req_providerName"; - public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA"; - public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision"; - public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse"; - - // templates for post-binding forwarding - public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html"; - public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint"; - public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName"; - public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue"; - - // configuration properties - public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS"; - - public static final String CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR = - CONIG_PROPS_EIDAS_PREFIX + ".workarounds.staging.msconnector.endpoint"; - - public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX - + ".eid.testidentity.default"; - public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2"; - public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode"; - public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE - + ".publicSectorTargets"; - public static final String CONIG_PROPS_EIDAS_NODE_ENTITYID = CONIG_PROPS_EIDAS_NODE + ".entityId"; - public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_URL = CONIG_PROPS_EIDAS_NODE - + ".forward.endpoint"; - public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE - + ".forward.method"; - public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural"; - public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural"; - public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; - - public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION = - CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm"; - public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX = - CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll"; - - public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = - CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; - public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = - CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier"; - - public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = - CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat"; - - public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE - + ".staticProviderNameForPublicSPs"; - public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria"; - - public static final String FORWARD_METHOD_POST = "POST"; - public static final String FORWARD_METHOD_GET = "GET"; - - public static final String CONIG_PROPS_EIDAS_SZRCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".szrclient"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE = CONIG_PROPS_EIDAS_SZRCLIENT - + ".useTestService"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES = CONIG_PROPS_EIDAS_SZRCLIENT - + ".debug.logfullmessages"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT - + ".debug.useDummySolution"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND = CONIG_PROPS_EIDAS_SZRCLIENT - + ".eidasbind.mds.inject"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION = CONIG_PROPS_EIDAS_SZRCLIENT - + ".timeout.connection"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE = CONIG_PROPS_EIDAS_SZRCLIENT - + ".timeout.response"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD = CONIG_PROPS_EIDAS_SZRCLIENT - + ".endpoint.prod"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST = CONIG_PROPS_EIDAS_SZRCLIENT - + ".endpoint.test"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT - + ".ssl.keyStore.path"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT - + ".ssl.keyStore.password"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT - + ".ssl.trustStore.path"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT - + ".ssl.trustStore.password"; - - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE = CONIG_PROPS_EIDAS_SZRCLIENT - + ".params.documenttype"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ = CONIG_PROPS_EIDAS_SZRCLIENT - + ".params.vkz"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT - + ".params.issuingdate"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY = - CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT - + ".params.usedummykeys"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION = - CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE = - CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable"; - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE = - CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable"; - - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE = - CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active"; - - @Deprecated - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL = - CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url"; - @Deprecated - public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE = - CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active"; - - // http endpoint descriptions - public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post"; - public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/light/sp/redirect"; - public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/light/ColleagueRequest"; - public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/light/metadata"; - - // eIDAS request parameters - public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"; - - // eIDAS attribute names - public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier"; - public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth"; - public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName"; - public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName"; - public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth"; - public static final String eIDAS_ATTR_BIRTHNAME = "BirthName"; - public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress"; - - public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier"; - public static final String eIDAS_ATTR_LEGALNAME = "LegalName"; - - public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public"; - public static final String eIDAS_REQ_PARAM_SECTOR_PRIVATE = "private"; - - public static final String POLICY_DEFAULT_ALLOWED_TARGETS = - EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*"; - - // SAML2 Constants - public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success"; - - public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION = "30"; // seconds - public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; // seconds - - public static final String SZR_SCHEMA_LOCATIONS = - "urn:SZRServices" + " " + "/szr_client/szr.xsd"; - - // Default values for SZR communication - public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT"; - - // TODO remove!!! - public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01"; - public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT"; - public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB"; - public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = - "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEg" - + "XGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X"; - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java deleted file mode 100644 index 85f0873e..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2; - -import java.io.Serializable; - -import org.apache.commons.lang3.StringUtils; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; - -/** - * eIDAS authentication-process selector. - * - * @author tlenz - * - */ -public class EidasAuthenticationModulImpl implements AuthModule { - - private int priority = 1; - - @Override - public int getPriority() { - return priority; - } - - /** - * Sets the priority of this module. Default value is {@code 0}. - * - * @param priority The priority. - */ - public void setPriority(int priority) { - this.priority = priority; - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv. - * egovernment.moa.id.process.api.ExecutionContext) - */ - @Override - public String selectProcess(ExecutionContext context, IRequest pendingReq) { - Serializable flagObj = context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); - if (flagObj != null && flagObj instanceof String - && StringUtils.isNotBlank((String) context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY))) { - return "eIDASAuthentication_v2"; - } else { - return null; - } - - } - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() - */ - @Override - public String[] getProcessDefinitions() { - return new String[] { "classpath:eIDAS.Authentication.process.xml" }; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java deleted file mode 100644 index 535e4f97..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2; - -import org.springframework.core.io.ClassPathResource; -import org.springframework.core.io.Resource; - -import at.gv.egiz.components.spring.api.SpringResourceProvider; - -public class EidasAuthenticationSpringResourceProvider implements SpringResourceProvider { - - @Override - public String getName() { - return "Auth. module for eIDAS Ref. Impl. v2.x"; - } - - @Override - public String[] getPackagesToScan() { - // TODO Auto-generated method stub - return null; - } - - @Override - public Resource[] getResourcesToLoad() { - final ClassPathResource eidasAuthConfig = new ClassPathResource("/eidas_v2_auth.beans.xml", - EidasAuthenticationSpringResourceProvider.class); - - return new Resource[] { eidasAuthConfig }; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java deleted file mode 100644 index d3cac80c..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2; - -import java.io.IOException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; - -import com.google.common.collect.ImmutableSortedSet; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; -import eu.eidas.auth.commons.EidasParameterKeys; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; -import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; - -/** - * Controler implementation for eIDAS Node communication. - * - * @author tlenz - * - */ -@Controller -public class EidasSignalServlet extends AbstractProcessEngineSignalController { - - private static final Logger log = LoggerFactory.getLogger(EidasSignalServlet.class); - @Autowired - private ApplicationContext context; - @Autowired - private EidasAttributeRegistry attrRegistry; - - /** - * eIDAS Node communication end-point implementation. - * - */ - public EidasSignalServlet() { - super(); - log.debug("Registering servlet {} with mappings '{}' and '{}'.", - getClass().getName(), Constants.eIDAS_HTTP_ENDPOINT_SP_POST, - Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT); - - } - - @RequestMapping(value = { - Constants.eIDAS_HTTP_ENDPOINT_SP_POST, - Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT - }, - method = { RequestMethod.POST, RequestMethod.GET }) - public void restoreEidasAuthProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException, - EaafException { - signalProcessManagement(req, resp); - } - - /** - * Protocol specific implementation to get the pending-requestID from http - * request object. - * - * @param request The http Servlet-Request object - * @return The Pending-request id - * - */ - @Override - public String getPendingRequestId(HttpServletRequest request) { - // String sessionId = super.getPendingRequestId(request); - - try { - // get token from Request - final String tokenBase64 = request.getParameter(EidasParameterKeys.TOKEN.toString()); - if (StringUtils.isEmpty(tokenBase64)) { - log.warn("NO eIDAS message token found."); - throw new EidasSAuthenticationException("eidas.04", null); - - } - log.trace("Receive eIDAS-node token: " + tokenBase64 + " Starting transaction-restore process ... "); - - final SpecificCommunicationService specificConnectorCommunicationService = - (SpecificCommunicationService) context.getBean( - SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); - final ILightResponse eidasResponse = specificConnectorCommunicationService.getAndRemoveResponse( - tokenBase64, - ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes())); - - String pendingReqId = null; - if (StringUtils.isEmpty(eidasResponse.getRelayState())) { - log.debug("eIDAS Node returns no RelayState. "); - - if (authConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER, - false)) { - log.trace("Use lightRequestId to recover session ... "); - pendingReqId = transactionStorage.get(eidasResponse.getInResponseToId(), String.class); - if (StringUtils.isNotEmpty(pendingReqId)) { - log.debug("Restoring session with lightRequestId ... "); - transactionStorage.remove(eidasResponse.getInResponseToId()); - - } - } - - } else { - log.debug("Find transaction identifier in SAML2 'RelayState': " + eidasResponse.getRelayState()); - pendingReqId = eidasResponse.getRelayState(); - - } - - if (StringUtils.isNotEmpty(pendingReqId)) { - request.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - return pendingReqId; - - } - - log.info("NO transaction identifier found! Stopping process ...."); - log.trace("FullResponse: " + eidasResponse.toString()); - - } catch (final SpecificCommunicationException e) { - log.warn("Can NOT load eIDAS Response from cache.", e); - log.debug("eIDAS response token was: " + request.getParameter(EidasParameterKeys.TOKEN.toString())); - - } catch (final Exception e) { - log.warn("Unable to retrieve moa session id.", e); - - } - - return null; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java deleted file mode 100644 index 6c7eeb6b..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; - -import java.text.SimpleDateFormat; - -import org.joda.time.DateTime; - -import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; - -public class ErnbEidData { - - private String citizenCountryCode = null; - - // MDS - private String pseudonym = null; - private String givenName = null; - private String familyName = null; - private DateTime dateOfBirth = null; - - // additional attributes - private String placeOfBirth = null; - private String birthName = null; - private PostalAddressType address = null; - - public String getCitizenCountryCode() { - return citizenCountryCode; - } - - public void setCitizenCountryCode(String citizenCountryCode) { - this.citizenCountryCode = citizenCountryCode; - } - - public String getPseudonym() { - return pseudonym; - } - - public void setPseudonym(String pseudonym) { - this.pseudonym = pseudonym; - } - - public String getGivenName() { - return givenName; - } - - public void setGivenName(String givenName) { - this.givenName = givenName; - } - - public String getFamilyName() { - return familyName; - } - - public void setFamilyName(String familyName) { - this.familyName = familyName; - } - - public DateTime getDateOfBirth() { - return dateOfBirth; - } - - public void setDateOfBirth(DateTime dateOfBirth) { - this.dateOfBirth = dateOfBirth; - } - - public String getPlaceOfBirth() { - return placeOfBirth; - } - - public void setPlaceOfBirth(String placeOfBirth) { - this.placeOfBirth = placeOfBirth; - } - - public String getBirthName() { - return birthName; - } - - public void setBirthName(String birthName) { - this.birthName = birthName; - } - - public PostalAddressType getAddress() { - return address; - } - - public void setAddress(PostalAddressType address) { - this.address = address; - } - - public String getFormatedDateOfBirth() { - return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate()); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java deleted file mode 100644 index f4c0be67..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class EidPostProcessingException extends EidasSAuthenticationException { - - private static final long serialVersionUID = 6780652273831172456L; - - public EidPostProcessingException(String internalMsgId, Object[] params) { - super(internalMsgId, params); - - } - - public EidPostProcessingException(String internalMsgId, Object[] params, Throwable e) { - super(internalMsgId, params, e); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java deleted file mode 100644 index 49736d58..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class EidasAttributeException extends EidasSAuthenticationException { - private static final long serialVersionUID = 1L; - - public EidasAttributeException(String attrbuteName) { - super("eidas.00", new Object[] { attrbuteName }); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java deleted file mode 100644 index 8ff218e3..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; - -public class EidasSAuthenticationException extends EaafAuthenticationException { - - - private static final long serialVersionUID = 1L; - - public EidasSAuthenticationException(String internalMsgId, Object[] params) { - super(internalMsgId, params); - } - - public EidasSAuthenticationException(String internalMsgId, Object[] params, Throwable e) { - super(internalMsgId, params, e); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java deleted file mode 100644 index 2988dd6f..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class EidasValidationException extends EidasSAuthenticationException { - - private static final long serialVersionUID = 1L; - - public EidasValidationException(String internalMsgId, Object[] params) { - super(internalMsgId, params); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java deleted file mode 100644 index d48abec9..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class SqliteServiceException extends EidasSAuthenticationException { - - private static final long serialVersionUID = 2278259367925102676L; - - public SqliteServiceException(String internalMsgId, Object[] params, Throwable e) { - super(internalMsgId, params, e); - - } - - public SqliteServiceException(String internalMsgId, Object[] params) { - super(internalMsgId, params); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java deleted file mode 100644 index c736cadb..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; - -public class SzrCommunicationException extends EidasSAuthenticationException { - - private static final long serialVersionUID = 1L; - - public SzrCommunicationException(String internalMsgId, Object[] params) { - super(internalMsgId, params); - } - - public SzrCommunicationException(String internalMsgId, Object[] params, Throwable e) { - super(internalMsgId, params, e); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java deleted file mode 100644 index 90be9a7a..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java +++ /dev/null @@ -1,418 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import java.nio.charset.StandardCharsets; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Base64; -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.lang.NonNull; - -import com.google.common.collect.ImmutableSortedSet; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; -import eu.eidas.auth.commons.protocol.eidas.SpType; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; - -public abstract class AbstractEidProcessor implements INationalEidProcessor { - private static final Logger log = LoggerFactory.getLogger(AbstractEidProcessor.class); - - @Autowired - protected EidasAttributeRegistry attrRegistry; - @Autowired - protected IConfigurationWithSP basicConfig; - - @Override - public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) { - - buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder); - buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder); - buildRequestedAttributes(authnRequestBuilder); - - } - - - @Override - public final ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, - EidasAttributeException { - final ErnbEidData result = new ErnbEidData(); - - final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj); - result.setCitizenCountryCode(eIdentifier.getFirst()); - - // MDS attributes - result.setPseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); - result.setFamilyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); - result.setGivenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); - result.setDateOfBirth(processDateOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); - - // additional attributes - result.setPlaceOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); - result.setBirthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); - result.setAddress(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); - - return result; - - } - - - /** - * Get a Map of country-specific requested attributes. - * - * @return - */ - @NonNull - protected abstract Map<String, Boolean> getCountrySpecificRequestedAttributes(); - - /** - * Post-Process the eIDAS CurrentAddress attribute. - * - * @param currentAddressObj eIDAS current address information - * @return current address or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails - * @throws EidasAttributeException if eIDAS attribute is of a wrong type - */ - protected PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException, - EidasAttributeException { - - if (currentAddressObj != null) { - if (currentAddressObj instanceof PostalAddress) { - final PostalAddressType result = new PostalAddressType(); - result.setPostalCode(((PostalAddress) currentAddressObj).getPostCode()); - result.setMunicipality(((PostalAddress) currentAddressObj).getPostName()); - - // TODO: add more mappings - - return result; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... "); - } - - return null; - - } - - /** - * Post-Process the eIDAS BirthName attribute. - * - * @param birthNameObj eIDAS birthname information - * @return birthName or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails - * @throws EidasAttributeException if eIDAS attribute is of a wrong type - */ - protected String processBirthName(Object birthNameObj) throws EidPostProcessingException, - EidasAttributeException { - if (birthNameObj != null) { - if (birthNameObj instanceof String) { - return (String) birthNameObj; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... "); - } - - return null; - - } - - /** - * Post-Process the eIDAS PlaceOfBirth attribute. - * - * @param placeOfBirthObj eIDAS Place-of-Birth information - * @return place of Birth or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails - * @throws EidasAttributeException if eIDAS attribute is of a wrong type - */ - protected String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException, - EidasAttributeException { - if (placeOfBirthObj != null) { - if (placeOfBirthObj instanceof String) { - return (String) placeOfBirthObj; - - } else { - log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type"); - throw new EidasAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH); - - } - - } else { - log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... "); - } - - return null; - - } - - /** - * Post-Process the eIDAS DateOfBirth attribute. - * - * @param dateOfBirthObj eIDAS date-of-birth attribute information - * @return formated user's date-of-birth - * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails - */ - protected DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException, - EidasAttributeException { - if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); - } - - return (DateTime) dateOfBirthObj; - - } - - /** - * Post-Process the eIDAS GivenName attribute. - * - * @param givenNameObj eIDAS givenName attribute information - * @return formated user's givenname - * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails - */ - protected String processGivenName(Object givenNameObj) throws EidPostProcessingException, - EidasAttributeException { - if (givenNameObj == null || !(givenNameObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); - } - - return (String) givenNameObj; - - } - - /** - * Post-Process the eIDAS FamilyName attribute. - * - * @param familyNameObj eIDAS familyName attribute information - * @return formated user's familyname - * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails - */ - protected String processFamilyName(Object familyNameObj) throws EidPostProcessingException, - EidasAttributeException { - if (familyNameObj == null || !(familyNameObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); - } - - return (String) familyNameObj; - - } - - /** - * Post-Process the eIDAS pseudonym to ERnB unique identifier. - * - * @param personalIdObj eIDAS PersonalIdentifierAttribute - * @return Unique personal identifier without country-code information - * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails - */ - protected String processPseudonym(Object personalIdObj) throws EidPostProcessingException, - EidasAttributeException { - if (personalIdObj == null || !(personalIdObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - } - - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj); - - return eIdentifier.getThird(); - - } - - /** - * Set ProviderName and RequestId into eIDAS AuthnRequest. - * - * @param pendingReq Current pendingRequest - * @param authnRequestBuilder AuthnREquest builer - */ - protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) { - final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); - - // set correct SPType for requested target sector - final String publicSectorTargetSelector = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS, - Constants.POLICY_DEFAULT_ALLOWED_TARGETS); - final Pattern p = Pattern.compile(publicSectorTargetSelector); - final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier()); - if (m.matches()) { - log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'"); - authnRequestBuilder.spType(SpType.PUBLIC.getValue()); - - final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME, - false)) { - //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for - if (StringUtils.isNotEmpty(providerName)) { - log.debug("Set 'providername' to: {}", providerName); - authnRequestBuilder.providerName(providerName); - - } else { - authnRequestBuilder.providerName(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP)); - - } - } - - } else { - log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'"); - authnRequestBuilder.spType(SpType.PRIVATE.getValue()); - - // TODO: switch to RequesterId in further version - // set provider name for private sector applications - final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); - if (StringUtils.isNotEmpty(providerName)) { - authnRequestBuilder.providerName(providerName); - - } - - authnRequestBuilder.requesterId( - generateRequesterId(pendingReq.getRawData(Constants.DATA_REQUESTERID, String.class))); - - } - } - - private String generateRequesterId(String requesterId) { - if (requesterId != null && basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION, true)) { - try { - log.trace("Building hashed 'requesterId' for private SP ... "); - MessageDigest digest = MessageDigest.getInstance("SHA-256"); - String encodedRequesterId = Base64.getEncoder().encodeToString( - digest.digest(requesterId.getBytes(StandardCharsets.UTF_8))); - log.debug("Set 'requesterId' for: {} to: {}", requesterId, encodedRequesterId); - return encodedRequesterId; - - } catch (NoSuchAlgorithmException e) { - log.error("Can NOT generate hashed 'requesterId' from: {}. Use it as it is", requesterId, e); - - } - - } - - return requesterId; - - } - - - private void buildRequestedAttributes(Builder authnRequestBuilder) { - // build and add requested attribute set - final Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes(); - log.debug("Get #{} country-specific requested attributes", ccSpecificReqAttr.size()); - - final Map<String, Boolean> mdsReqAttr = attrRegistry.getDefaultAttributeSetFromConfiguration(); - log.trace("Get #{} default requested attributes", mdsReqAttr.size()); - - // put it together - ccSpecificReqAttr.putAll(mdsReqAttr); - - // convert it to eIDAS attributes - final ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(ccSpecificReqAttr); - authnRequestBuilder.requestedAttributes(reqAttrMap); - - } - - private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) { - final ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder(); - for (final Map.Entry<String, Boolean> attribute : requiredAttributes.entrySet()) { - final String name = attribute.getKey(); - final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry - .getCoreAttributeRegistry().getByFriendlyName(name); - if (!byFriendlyName.isEmpty()) { - final AttributeDefinition<?> attributeDefinition = byFriendlyName.first(); - builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build()); - - } else { - log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!"); - } - - } - - return builder.build(); - - } - - private void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) { - // TODO: set matching mode if eIDAS ref. impl. support this method - - // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA - // schemes - String loa = EaafConstants.EIDAS_LOA_HIGH; - if (spConfig.getRequiredLoA() != null) { - if (spConfig.getRequiredLoA().isEmpty()) { - log.info("No eIDAS LoA requested. Use LoA HIGH as default"); - } else { - if (spConfig.getRequiredLoA().size() > 1) { - log.info( - "Currently only ONE requested LoA is supported for service provider. Use first one ... "); - } - - loa = spConfig.getRequiredLoA().get(0); - - } - } - - log.debug("Request eIdAS node with LoA: " + loa); - authnRequestBuilder.levelOfAssurance(loa); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java deleted file mode 100644 index 6dc08181..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import java.io.UnsupportedEncodingException; -import java.util.Base64; -import java.util.Map; - -import org.apache.commons.codec.DecoderException; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.egiz.eaaf.core.impl.data.Triple; - - -public class DeEidProcessor extends AbstractEidProcessor { - private static final Logger log = LoggerFactory.getLogger(DeEidProcessor.class); - private static final String canHandleCC = "DE"; - - private int priority = 1; - - @Override - public int getPriority() { - return priority; - } - - @Override - public boolean canHandle(String countryCode) { - return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); - - } - - public void setPriority(int priority) { - this.priority = priority; - } - - @Override - public String getName() { - return "DE-PostProcessor"; - - } - - @Override - protected String processPseudonym(Object uniqeIdentifierObj) throws EidPostProcessingException, - EidasAttributeException { - if (uniqeIdentifierObj == null || !(uniqeIdentifierObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - } - - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) uniqeIdentifierObj); - - log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - final String result = convertDeIdentifier(eIdentifier.getThird()); - log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - - return result; - - } - - private String convertDeIdentifier(String hexEncodedDeIdentifier) throws EidPostProcessingException { - if (hexEncodedDeIdentifier.length() != 64) { - throw new EidPostProcessingException("ernb.03", new Object[] { - "Input has wrong length, expected 64 chars" }); - } - - byte[] data; - try { - data = Hex.decodeHex(hexEncodedDeIdentifier); - final byte[] encoded = Base64.getEncoder().encode(data); - return new String(encoded, "UTF-8"); - - } catch (final DecoderException | UnsupportedEncodingException e) { - throw new EidPostProcessingException("ernb.03", null, e); - - } - - - } - - @Override - protected Map<String, Boolean> getCountrySpecificRequestedAttributes() { - return attrRegistry.getAttributeSetFromConfiguration(canHandleCC); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java deleted file mode 100644 index 69949435..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import java.util.HashMap; -import java.util.Map; - -public class GenericEidProcessor extends AbstractEidProcessor { - - private int priority = 0; - - @Override - public int getPriority() { - return priority; - - } - - @Override - public boolean canHandle(String countryCode) { - return true; - - } - - public void setPriority(int priority) { - this.priority = priority; - } - - @Override - public String getName() { - return "Default-PostProcessor"; - - } - - @Override - protected Map<String, Boolean> getCountrySpecificRequestedAttributes() { - return new HashMap<>(); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java deleted file mode 100644 index 577efbcd..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import java.util.Map; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.gv.egiz.eaaf.core.api.IRequest; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; - -public interface INationalEidProcessor { - - /** - * Get a friendlyName of this post-processor implementation. - * - * @return - */ - String getName(); - - /** - * Get the priority of this eID Post-Processor <br> - * If more than one Post-Processor implementations can handle the eID data, the - * post-processor with the highest priority are selected. The Default-Processor - * has priority '0' - * - * @return Priority of this handler - */ - int getPriority(); - - /** - * Check if this postProcessor is sensitive for a specific country. - * - * @param countryCode of the eID data that should be processed - * @return true if this implementation can handle the country, otherwise false - * - */ - boolean canHandle(String countryCode); - - /** - * Post-Process eIDAS eID data into national format. - * - * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and - * attribute - * @throws EidPostProcessingException In case of a post-processing error - * @throws EidasAttributeException In case of an invalid eIDAS attribute - */ - ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, - EidasAttributeException; - - /** - * Pre-Process eIDAS Request to national requirements. - * - * @param pendingReq current pending request - * @param authnRequestBuilder eIDAS {@link ILightRequest} builder - */ - void preProcess(IRequest pendingReq, Builder authnRequestBuilder); -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java deleted file mode 100644 index 8402457f..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java +++ /dev/null @@ -1,61 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import java.util.HashMap; -import java.util.Map; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.IRequest; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; -import lombok.Getter; -import lombok.Setter; -import lombok.extern.slf4j.Slf4j; - -@Slf4j -public class LuEidProcessor extends AbstractEidProcessor { - - - - private static final String canHandleCC = "LU"; - - @Getter - @Setter - private int priority = 1; - - @Override - public String getName() { - return "LU-PostProcessor"; - - } - - @Override - public boolean canHandle(String countryCode) { - return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); - - } - - @Override - protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) { - super.buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder); - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX, true)) { - String staticName = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP); - authnRequestBuilder.providerName(staticName); - authnRequestBuilder.requesterId(staticName); - log.debug("Use static name: {} as 'providerName' and 'RequesterId' for all 'LU' requests ", staticName); - - } else { - log.info("Static 'providerName' and 'RequesterId' for country: LU is deactivated"); - - } - - } - - @Override - protected Map<String, Boolean> getCountrySpecificRequestedAttributes() { - return new HashMap<>(); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java deleted file mode 100644 index 098e76ce..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java +++ /dev/null @@ -1,211 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; - -import java.security.Key; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.Provider; -import java.security.cert.X509Certificate; -import java.time.LocalDateTime; -import java.time.ZoneOffset; -import java.time.temporal.ChronoUnit; -import java.util.Base64; -import java.util.UUID; - -import javax.annotation.PostConstruct; - -import org.apache.commons.lang3.StringUtils; -import org.jose4j.lang.JoseException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.annotation.JsonDeserialize; -import com.fasterxml.jackson.databind.annotation.JsonSerialize; -import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer; -import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exception.EaafKeyAccessException; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; -import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; -import at.gv.egiz.eaaf.core.impl.data.Pair; -import lombok.Data; -import lombok.extern.slf4j.Slf4j; - -/** - * Service to build and sign AuthBlock's for E-ID system. - * - * @author tlenz - * - */ -@Slf4j -@Service("authBlockSigningService") -public class AuthBlockSigningService { - - private static final String KEYSTORE_FRIENDLYNAME = "AuthBlock_Signing"; - - private static ObjectMapper mapper = new ObjectMapper(); - - @Autowired - IConfiguration basicConfig; - - @Autowired - EaafKeyStoreFactory keyStoreFactory; - - - private Pair<KeyStore, Provider> keyStore; - - /** - * Build and sign an AuthBlock for E-ID system. - * - * @param pendingReq data that should be added into AuthBlock - * @return serialized JWS - * @throws JsonProcessingException In case of a AuthBlock generation error - * @throws JoseException In case of a JWS signing error - * @throws EaafException In case of a KeyStore or Key error - */ - public String buildSignedAuthBlock(IRequest pendingReq) - throws JsonProcessingException, EaafException, JoseException { - - //TODO: set Challenge to SAML2 requestId to create link between authentication request and authBlock - - // build AuthBlock - EidasAuchBlock authBlock = new EidasAuchBlock(); - authBlock.setChallenge(UUID.randomUUID().toString()); - authBlock.setTimestamp(LocalDateTime.now(ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); - authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); - authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier()); - - //set Binding PublicKey if available - Object bindingPubKey = pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME); - if (bindingPubKey instanceof String) { - authBlock.setBindingPublicKey((String) bindingPubKey); - - } - - String jwsPayload = mapper.writeValueAsString(authBlock); - log.debug("Building and sign authBlock with data: {}", jwsPayload); - - //sign JWS - return JoseUtils - .createSignature(keyStore, getKeyAlias(), getKeyPassword(), jwsPayload, false, - KEYSTORE_FRIENDLYNAME); - } - - - /** - * Get the Base64 encoded PublicKey that is used to sign the AuthBlock. - * - * @return Base64 encoded PublicKey - * @throws EaafKeyAccessException In case of an unknown or invalid key - */ - public String getBase64EncodedPublicKey() throws EaafKeyAccessException { - Pair<Key, X509Certificate[]> keyPair = EaafKeyStoreUtils.getPrivateKeyAndCertificates( - keyStore.getFirst(), getKeyAlias(), getKeyPassword(), true, KEYSTORE_FRIENDLYNAME); - return Base64.getEncoder().encodeToString(keyPair.getSecond()[0].getPublicKey().getEncoded()); - - } - - @PostConstruct - private void initialize() throws KeyStoreException, EaafException { - log.debug("Initializing AuthBlock signing service ... "); - // read Connector wide config data TODO connector wide! - String keyStoreName = basicConfig - .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME); - String keyStorePw = basicConfig - .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD); - String keyStorePath = basicConfig - .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH); - String keyStoreType = basicConfig - .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE); - - - //build new KeyStore configuration - KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration(); - keyStoreConfiguration.setFriendlyName(KEYSTORE_FRIENDLYNAME); - - keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath); - keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw); - keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType)); - keyStoreConfiguration.setKeyStoreName(keyStoreName); - - //validate KeyStore configuration - keyStoreConfiguration.validate(); - - //validate key alias - if (StringUtils.isEmpty(getKeyAlias())) { - throw new EaafConfigurationException("config.08", - new Object[] {MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_ALIAS}); - - } - - //build new KeyStore based on configuration - keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfiguration); - - //check if Key is accessible - EaafKeyStoreUtils.getPrivateKeyAndCertificates( - keyStore.getFirst(), getKeyAlias(), getKeyPassword(), true, KEYSTORE_FRIENDLYNAME); - - log.info("AuthBlock signing-service successful initialized"); - - } - - private char[] getKeyPassword() { - final String value = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_PASSWORD); - if (value != null) { - return value.trim().toCharArray(); - } - - return null; - - } - - - private String getKeyAlias() { - return basicConfig - .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_ALIAS); - - } - - /** - * Technical AuthBlock for eIDAS Authentication. - * - * @author tlenz - * - */ - @Data - @JsonInclude(JsonInclude.Include.NON_NULL) - private static class EidasAuchBlock { - - @JsonProperty("challenge") - private String challenge; - - @JsonProperty("timestamp") - @JsonSerialize(using = LocalDateTimeSerializer.class) - @JsonDeserialize(using = LocalDateTimeDeserializer.class) - @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'", timezone = "UTC") - private LocalDateTime timestamp; - - @JsonProperty("appId") - private String uniqueId; - - @JsonProperty("piiTransactionId") - private String piiTransactionId; - - @JsonProperty("bindingPublicKey") - private String bindingPublicKey; - - } - - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java deleted file mode 100644 index 230d6052..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import javax.annotation.PostConstruct; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.stereotype.Service; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.INationalEidProcessor; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; - -@Service -public class CcSpecificEidProcessingService implements ICcSpecificEidProcessingService { - private static final Logger log = LoggerFactory.getLogger(CcSpecificEidProcessingService.class); - - @Autowired - private ApplicationContext context; - - private final List<INationalEidProcessor> handlers = new ArrayList<>(); - - @PostConstruct - private void initialize() { - log.debug("Initialize eID PostProcessing-Service ... "); - final Map<String, INationalEidProcessor> postProcessors = context.getBeansOfType( - INationalEidProcessor.class); - final Iterator<Entry<String, INationalEidProcessor>> iterator = postProcessors.entrySet().iterator(); - while (iterator.hasNext()) { - final Entry<String, INationalEidProcessor> el = iterator.next(); - log.debug("Find eID-PostProcessor with name: " + el.getKey()); - handlers.add(el.getValue()); - - } - - log.trace("Sorting eID-PostProcessors on priority ... "); - Collections.sort(handlers, (thisAuthModule, otherAuthModule) -> { - final int thisOrder = thisAuthModule.getPriority(); - final int otherOrder = otherAuthModule.getPriority(); - return thisOrder < otherOrder ? 1 : thisOrder == otherOrder ? 0 : -1; - }); - - log.info("# " + handlers.size() + " eID PostProcessing services are registrated"); - - } - - @Override - public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder) - throws EidPostProcessingException { - if (StringUtils.isEmpty(selectedCitizenCountry)) { - log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used"); - } - - for (final INationalEidProcessor el : handlers) { - if (el.canHandle(selectedCitizenCountry)) { - log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using: " + el.getName()); - el.preProcess(pendingReq, authnRequestBuilder); - return; - - } - } - - log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!"); - throw new EidPostProcessingException("internal.00", null); - - } - - @Override - public ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, - EidasAttributeException { - // extract citizen country from eIDAS unique identifier - final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) { - throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - } - - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj); - final String citizenCountry = eIdentifier.getFirst(); - - if (StringUtils.isEmpty(citizenCountry)) { - log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used"); - } - - for (final INationalEidProcessor el : handlers) { - if (el.canHandle(citizenCountry)) { - log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using: " + el.getName()); - return el.postProcess(eidasAttrMap); - - } - } - - log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!"); - throw new EidPostProcessingException("internal.00", null); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java deleted file mode 100644 index e73491ab..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; - -import java.io.File; -import java.text.MessageFormat; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.annotation.PostConstruct; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.lang.NonNull; -import org.springframework.stereotype.Service; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; -import eu.eidas.auth.commons.attribute.AttributeRegistries; -import eu.eidas.auth.commons.attribute.AttributeRegistry; - -@Service("attributeRegistry") -public class EidasAttributeRegistry { - private static final Logger log = LoggerFactory.getLogger(EidasAttributeRegistry.class); - @Autowired - private IConfigurationWithSP basicConfig; - - private AttributeRegistry coreAttributeRegistry; - - private String eidasAttributesFile; - private String additionalAttributesFile; - - @PostConstruct - private void initialize() throws RuntimeException { - try { - if (eidasAttributesFile.isEmpty()) { - log.error("Basic eIDAS addribute definition NOT defined"); - throw new EaafConfigurationException("config.30", - new Object[] { "eidas-attributes.xml" }); - - } - - boolean additionalAttrAvailabe = false; - if (!additionalAttributesFile.isEmpty()) { - final File file = new File(additionalAttributesFile); - if (file.exists()) { - additionalAttrAvailabe = true; - } - - } - - if (!additionalAttrAvailabe) { - log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... "); - coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null); - - } else { - // load attribute definitions - log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... "); - coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null, - additionalAttributesFile); - - } - - } catch (final Throwable e) { - log.error("Can NOT initialize eIDAS attribute definition.", e); - throw new RuntimeException("Can NOT initialize eIDAS attribute definition.", e); - - } - } - - public AttributeRegistry getCoreAttributeRegistry() { - return coreAttributeRegistry; - } - - /** - * Get Map of attributes that are requested by default. - * - * @return Map of AttributeIdentifier, isRequired flag - */ - @NonNull - public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() { - /* - * TODO: select set for representation if mandates should be used. It's an open - * task in respect to requested eIDAS attributes and isRequired flag, because - * there can be a decision problem in case of natural or legal person - * representation! From an Austrian use-case point of view, an Austrian service - * provider can support mandates for natural and legal persons at the same time. - * However, we CAN NOT request attributes for natural AND legal persons on the - * same time, because it's not possible to represent both simultaneously. - */ - final Map<String, String> configAttributes = - basicConfig.getBasicConfigurationWithPrefix( - Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL); - return processAttributeInfosFromConfig(configAttributes); - - } - - /** - * Get a Map of attributes that are additionally requested for a specific country. - * - * @param countryCode Country Code - * @return Map of AttributeIdentifier, isRequired flag - */ - @NonNull - public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) { - - /* - * TODO: select set for representation if mandates should be used. It's an open - * task in respect to requested eIDAS attributes and isRequired flag, because - * there can be a decision problem in case of natural or legal person - * representation! From an Austrian use-case point of view, an Austrian service - * provider can support mandates for natural and legal persons at the same time. - * However, we CAN NOT request attributes for natural AND legal persons on the - * same time, because it's not possible to represent both simultaneously. - */ - final Map<String, String> configAttributes = - basicConfig.getBasicConfigurationWithPrefix( - MessageFormat.format( - Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL, - countryCode.toLowerCase())); - return processAttributeInfosFromConfig(configAttributes); - - } - - private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) { - - final Map<String, Boolean> result = new HashMap<>(); - for (final String el : configAttributes.values()) { - if (StringUtils.isNotEmpty(el.trim())) { - final List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim()); - boolean isRequired = false; - if (attrDef.size() == 2) { - isRequired = Boolean.parseBoolean(attrDef.get(1)); - } - - result.put(attrDef.get(0), isRequired); - - } - } - - log.trace("Load #" + result.size() + " requested attributes from configuration"); - return result; - - } - - public void setEidasAttributesFile(String eidasAttributesFile) { - this.eidasAttributesFile = eidasAttributesFile; - } - - public void setAdditionalAttributesFile(String additionalAttributesFile) { - this.additionalAttributesFile = additionalAttributesFile; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java deleted file mode 100644 index 549aa65c..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java +++ /dev/null @@ -1,363 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed - * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of - * Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. You may - * obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. The "NOTICE" text file - * is part of the distribution. Any derivative works that you distribute must - * include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; - -//import java.io.File; -//import java.io.IOException; -//import java.sql.Connection; -//import java.sql.DriverManager; -//import java.sql.PreparedStatement; -//import java.sql.ResultSet; -//import java.sql.SQLException; -//import java.sql.Statement; -//import java.time.Instant; -//import java.util.Properties; -// -//import javax.annotation.PostConstruct; -// -//import org.slf4j.Logger; -//import org.slf4j.LoggerFactory; -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.stereotype.Component; -//import org.sqlite.SQLiteConfig; -//import org.sqlite.SQLiteConfig.LockingMode; -//import org.sqlite.SQLiteConfig.SynchronousMode; -//import org.sqlite.SQLiteErrorCode; -// -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.DAO.eIDASPersonalIdStoreDAO; -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException; -//import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -//import at.gv.egiz.eaaf.core.impl.data.Pair; -//import at.gv.egiz.eaaf.core.impl.data.Trible; -// -//@Component -//@Deprecated -//public class EidasDataStore { -// -// private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC"; -// private static final String SQLITE_CONNECTION_PARAM = "jdbc:sqlite:%s"; -// private static final boolean sleep = true; -// private static final int howLongToSleepOnBusyLock_ = 100; -// -// private static final Logger log = LoggerFactory.getLogger(EidasDataStore.class); -// -// @Autowired -// private IConfiguration basicConfig; -// -// private String connectionUrl; -// private Connection conn = null; -// -// @PostConstruct -// private void initialize() throws SQLiteServiceException { -// try { -// final String sqlLiteDbUrl = basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL, -// basicConfig.getConfigurationRootDirectory().toString() + "/sqlite/database.db" -// -// ); -// -// log.info("Use SQLite database with URL: " + sqlLiteDbUrl); -// -// // check if SQLite lib is in Classpath -// Class.forName(SQLITE_JDBC_DRIVER_CLASS); -// -// // open DB connection -// boolean isNewFileCreated = false; -// -// // open file or create file if not already exists -// final File dbFile = new File(sqlLiteDbUrl); -// if (!dbFile.exists()) { -// log.info("SQLite database does not exist. Creating new database file ... "); -// dbFile.createNewFile(); -// isNewFileCreated = true; -// -// } -// -// // open database connection -// connectionUrl = String.format(SQLITE_CONNECTION_PARAM, dbFile.getPath()); -// -// // create DB scheme if new DB file was created -// if (isNewFileCreated) { -// executeUpdate(startConnection().createStatement(), eIDASPersonalIdStoreDAO.CREATE); -// log.debug("SQLite db scheme created"); -// -// } -// -// } catch (final ClassNotFoundException e) { -// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e); -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } catch (SQLException | IOException e) { -// log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e); -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } -// -// } -// -// /** -// * Store a mapping entry with eIDAS personal identifier (source country / -// * destination country / personal identifier) and the identifier that is used -// * for ERnB communication. -// * -// * @param transactionId Id of this authentication transaction -// * @param eidasId eIDAS personal identifier without country prefixes -// * @param ernbId personal identifier that is used to request the ERnB -// * @throws SQLiteServiceException In case of a database error -// */ -// public void storeNationalId(String transactionId, Trible<String, String, String> eidasId, String ernbId) -// throws SQLiteServiceException { -// try { -// final PreparedStatement preStatment = startConnection().prepareStatement( -// eIDASPersonalIdStoreDAO.INSERT, -// Statement.RETURN_GENERATED_KEYS); -// -// for (int i = 1; i <= eIDASPersonalIdStoreDAO.TABLE_COLS.size(); i++) { -// final Pair<String, eIDASPersonalIdStoreDAO.T> col = eIDASPersonalIdStoreDAO.TABLE_COLS.get(i - 1); -// if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.timestamp.name())) { -// preStatment.setDate(i, new java.sql.Date(Instant.now().toEpochMilli())); -// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.transactionId.name())) { -// preStatment.setString(i, transactionId); -// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasId.name())) { -// preStatment.setString(i, eidasId.getThird()); -// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasSourceCountry.name())) { -// preStatment.setString(i, eidasId.getFirst()); -// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasDestinationCountry.name())) { -// preStatment.setString(i, eidasId.getSecond()); -// } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.ernbId.name())) { -// preStatment.setString(i, ernbId); -// } else { -// log.warn("SQLite table:" + eIDASPersonalIdStoreDAO.NAME + " contains no col with name:" + col -// .getFirst()); -// } -// -// } -// -// // execute SQL query -// final int sqlResult = preStatment.executeUpdate(); -// -// if (sqlResult != 1) { -// log.warn("SQLite query execution FAILED!"); -// throw new SQLiteServiceException("internal.06", new Object[] { "Queryresult is '-1'" }); -// -// } -// -// } catch (SQLiteServiceException | SQLException e) { -// log.warn("SQLite query execution FAILED!", e); -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } -// -// } -// -// /** -// * Get the ERnB related national identifier from mapping database. -// * -// * @param eidasId eIDAS related identifier -// * @return Mapped ERnB identifier -// * @throws SQLiteServiceException In case of a database error -// */ -// public String getErnbNationalId(Trible<String, String, String> eidasId) throws SQLiteServiceException { -// try { -// final PreparedStatement preStatment = startConnection().prepareStatement( -// eIDASPersonalIdStoreDAO.SELECT_BY_EIDAS_RAW_ID, -// Statement.RETURN_GENERATED_KEYS); -// -// preStatment.setString(1, eidasId.getThird()); -// preStatment.setString(2, eidasId.getFirst()); -// -// final ResultSet rs = preStatment.executeQuery(); -// -// if (!rs.next()) { -// return null; -// } else { -// return rs.getString(eIDASPersonalIdStoreDAO.COLS.ernbId.name()); -// } -// -// } catch (SQLiteServiceException | SQLException e) { -// log.warn("SQLite query execution FAILED!", e); -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } -// -// } -// -// /** -// * Get the eIDAS identifier from an ERnB identifier. -// * -// * @param ernbId ERnB specific identifier -// * @return eIDAS unqiue identifier -// * @throws SQLiteServiceException In case of a database error -// */ -// public String getEidasRawNationalId(String ernbId) throws SQLiteServiceException { -// try { -// final PreparedStatement preStatment = startConnection().prepareStatement( -// eIDASPersonalIdStoreDAO.SELECT_BY_ERNB_ID, -// Statement.RETURN_GENERATED_KEYS); -// -// preStatment.setString(1, ernbId); -// -// final ResultSet rs = preStatment.executeQuery(); -// -// if (!rs.next()) { -// return null; -// } else { -// return rs.getString(eIDASPersonalIdStoreDAO.COLS.eidasId.name()); -// } -// -// } catch (SQLiteServiceException | SQLException e) { -// log.warn("SQLite query execution FAILED!", e); -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } -// -// } -// -// private Connection startConnection() throws SQLiteServiceException { -// int i = howLongToSleepOnBusyLock_; -// -// while (true) { -// try { -// if (conn == null) { -// log.info("Initializing SQLite database with URL: " + connectionUrl + " ... "); -// conn = DriverManager.getConnection(connectionUrl, getConnectionProperties()); -// -// } else { -// if (!conn.isValid(10)) { -// log.info("SQLite connection is not valid any more --> restarting connection ..."); -// conn.close(); -// conn = DriverManager.getConnection(connectionUrl, getConnectionProperties()); -// } -// } -// -// log.info("SQLite database connected"); -// return conn; -// -// } catch (final SQLException e) { -// final String msg = e.getLocalizedMessage(); -// if (isBusyLocked(e)) { -// log.warn(msg, e); -// try { -// if (sleep) { -// Thread.sleep(i++); -// } -// -// } catch (final InterruptedException e1) { -// throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1); -// -// } -// continue; -// -// } -// throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e); -// -// } -// } -// } -// -// /* -// * SQLite query code -// */ -// -// protected Properties getConnectionProperties() { -// final SQLiteConfig config = new SQLiteConfig(); -// config.enforceForeignKeys(true); -// config.setCacheSize(8000); -// config.setLockingMode(LockingMode.NORMAL); -// config.setSharedCache(false); -// config.setReadUncommited(true); -// config.setSynchronous(SynchronousMode.NORMAL); -// return config.toProperties(); -// -// } -// -// private int executeUpdate(Statement statement, String sql) throws SQLiteServiceException { -// final int i = 10; -// -// int rc = -1; -// while (true) { -// try { -// rc = statement.executeUpdate(sql); -// break; -// -// } catch (final SQLException e) { -// try { -// if (executeUpdateError(e, i)) { -// continue; -// } else { -// throw new SQLiteServiceException("internal.06", -// new Object[] { e.getMessage() }, e); -// } -// -// } catch (final SQLiteServiceException e1) { -// log.warn("\n" + sql + "\n" + e1.getMessage()); -// throw e1; -// -// } -// } -// } -// -// return rc; -// -// } -// -// private boolean isBusyLocked(SQLException e) { -// final int eC = e.getErrorCode(); -// -// if (eC == SQLiteErrorCode.SQLITE_LOCKED.code -// || eC == SQLiteErrorCode.SQLITE_BUSY.code) { -// log.trace("SQLite db is busy looked"); -// return true; -// -// } -// -// final String msg = e.getMessage(); -// if (msg.contains("[SQLITE_LOCKED]") || msg.contains("[SQLITE_BUSY]")) { -// log.trace("SQLite db is busy looked"); -// return true; -// } -// -// return false; -// } -// -// private boolean executeUpdateError(SQLException e, int theadSleepCounter) throws SQLiteServiceException { -// if (isBusyLocked(e)) { -// try { -// if (sleep) { -// Thread.sleep(theadSleepCounter++); -// } -// -// } catch (final InterruptedException e1) { -// throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1); -// -// } -// -// return true; -// } -// -// return false; -// -// } -//} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java deleted file mode 100644 index ebbc15e4..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; - -import java.util.Map; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.gv.egiz.eaaf.core.api.IRequest; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; - -public interface ICcSpecificEidProcessingService { - - /** - * Post-process eIDAS eID attributes into national format. - * - * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and - * attribute - * - * @return eID attributes for SZR request - * @throws EidPostProcessingException In case of a post-processing error - * @throws EidasAttributeException In case of an invalid eIDAS attribute value - */ - ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, - EidasAttributeException; - - /** - * Pre Process eIDAS request into national requirements. - * - * @param selectedCC Citizen Country from selection - * @param pendingReq current pending request - * @param authnRequestBuilder eIDAS {@link ILightRequest} builder - * @throws EidPostProcessingException In case of a pre-processing error - */ - void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder) - throws EidPostProcessingException; - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java deleted file mode 100644 index 1f5837d6..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ /dev/null @@ -1,522 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.net.URL; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.UnrecoverableKeyException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.annotation.PostConstruct; -import javax.net.ssl.KeyManager; -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.TrustManagerFactory; -import javax.xml.XMLConstants; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.Marshaller; -import javax.xml.namespace.QName; -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.stream.StreamResult; -import javax.xml.transform.stream.StreamSource; -import javax.xml.ws.BindingProvider; -import javax.xml.ws.Dispatch; -import javax.xml.ws.handler.Handler; - -import org.apache.commons.lang3.StringUtils; -import org.apache.cxf.configuration.jsse.TLSClientParameters; -import org.apache.cxf.endpoint.Client; -import org.apache.cxf.frontend.ClientProxy; -import org.apache.cxf.jaxws.DispatchImpl; -import org.apache.cxf.transport.http.HTTPConduit; -import org.apache.cxf.transports.http.configuration.HTTPClientPolicy; -import org.apache.xpath.XPathAPI; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.FileUtils; -import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils; -import szrservices.GetBPK; -import szrservices.GetBPKResponse; -import szrservices.GetIdentityLinkEidas; -import szrservices.GetIdentityLinkEidasResponse; -import szrservices.IdentityLinkType; -import szrservices.JwsHeaderParam; -import szrservices.ObjectFactory; -import szrservices.PersonInfoType; -import szrservices.SZR; -import szrservices.SZRException_Exception; -import szrservices.SignContent; -import szrservices.SignContentEntry; -import szrservices.SignContentResponseType; - - -@Service("SZRClientForeIDAS") -public class SzrClient { - private static final Logger log = LoggerFactory.getLogger(SzrClient.class); - - private static final String CLIENT_DEFAULT = "DefaultClient"; - private static final String CLIENT_RAW = "RawClient"; - - private static final String ATTR_NAME_VSZ = "urn:eidgvat:attributes.vsz.value"; - private static final String ATTR_NAME_PUBKEYS = "urn:eidgvat:attributes.user.pubkeys"; - private static final String ATTR_NAME_STATUS = "urn:eidgvat:attributes.eid.status"; - private static final String KEY_BC_BIND = "bcBindReq"; - private static final String JOSE_HEADER_USERCERTPINNING_TYPE = "urn:at.gv.eid:bindtype"; - private static final String JOSE_HEADER_USERCERTPINNING_EIDASBIND = "urn:at.gv.eid:eidasBind"; - public static final String ATTR_NAME_MDS = "urn:eidgvat:mds"; - - @Autowired - private IConfiguration basicConfig; - - // client for anything, without identitylink - private SZR szr = null; - - // RAW client is needed for identitylink - private Dispatch<Source> dispatch = null; - - private SzrService szrService = null; - private String szrUrl = null; - private QName qname = null; - - final ObjectMapper mapper = new ObjectMapper(); - - /** - * Get IdentityLink of a person. - * - * @param personInfo Person identification information - * @return IdentityLink - * @throws SzrCommunicationException In case of a SZR error - */ - public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo) - throws SzrCommunicationException { - try { - final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas(); - getIdl.setPersonInfo(personInfo); - - final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class); - final Marshaller jaxbMarshaller = jaxbContext.createMarshaller(); - - final ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); - jaxbMarshaller.marshal(getIdl, outputStream); - outputStream.flush(); - - final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray())); - outputStream.close(); - - log.trace("Requesting SZR ... "); - final Source response = dispatch.invoke(source); - log.trace("Receive RAW response from SZR"); - - final byte[] szrResponse = sourceToByteArray(response); - final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext - .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse)); - - // build response - log.trace(new String(szrResponse, "UTF-8")); - - // ok, we have success - final Document doc = DomUtils.parseDocument( - new ByteArrayInputStream(szrResponse), - true, - XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS, - null, null); - final String xpathExpression = "//saml:Assertion"; - final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode"); - - log.trace("Selecting signed doc " + xpathExpression); - final Element documentNode = (Element) XPathAPI.selectSingleNode(doc, - xpathExpression, nsNode); - log.trace("Signed document: " + DomUtils.serializeNode(documentNode)); - - final IdentityLinkType idl = new IdentityLinkType(); - idl.setAssertion(documentNode); - idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo()); - - return idl; - - } catch (final Exception e) { - log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); - throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); - - } - - } - - /** - * Get bPK of person. - * - * @param personInfo Person identification information - * @param target requested bPK target - * @param vkz Verfahrenskennzeichen - * @return bPK for this person - * @throws SzrCommunicationException In case of a SZR error - */ - public List<String> getBpk(PersonInfoType personInfo, String target, String vkz) - throws SzrCommunicationException { - try { - final GetBPK parameters = new GetBPK(); - parameters.setPersonInfo(personInfo); - parameters.getBereichsKennung().add(target); - parameters.setVKZ(vkz); - final GetBPKResponse result = this.szr.getBPK(parameters); - - return result.getGetBPKReturn(); - - } catch (final SZRException_Exception e) { - log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); - throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); - - } - - } - - /** - * Request a encryped baseId from SRZ. - * - * @param personInfo Minimum dataset of person - * @return encrypted baseId - * @throws SzrCommunicationException In case of a SZR error - */ - public String getEncryptedStammzahl(final PersonInfoType personInfo) - throws SzrCommunicationException { - - final String resp; - try { - resp = this.szr.getStammzahlEncrypted(personInfo, true); - } catch (SZRException_Exception e) { - throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); - } - - if (StringUtils.isEmpty(resp)) { - throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling - } - - return resp; - - } - - /** - * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status. - * - * @param vsz encryped baseId - * @param bindingPubKey binding PublikKey as PKCS1# (ASN.1) container - * @param eidStatus Status of the E-ID - * @param eidData eID information that was used for ERnP registration - * @return bPK for this person - * @throws SzrCommunicationException In case of a SZR error - */ - public String getEidsaBind(final String vsz, final String bindingPubKey, final String eidStatus, - ErnbEidData eidData)throws SzrCommunicationException { - - final Map<String, Object> eidsaBindMap = new HashMap<>(); - eidsaBindMap.put(ATTR_NAME_VSZ, vsz); - eidsaBindMap.put(ATTR_NAME_STATUS, eidStatus); - eidsaBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey)); - eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode()); - injectMdsIfAvailableAndActive(eidsaBindMap, eidData); - - try { - final String serializedEidasBind = mapper.writeValueAsString(eidsaBindMap); - final SignContent req = new SignContent(); - final SignContentEntry eidasBindInfo = new SignContentEntry(); - eidasBindInfo.setKey(KEY_BC_BIND); - eidasBindInfo.setValue(serializedEidasBind); - req.getIn().add(eidasBindInfo); - req.setAppendCert(false); - final JwsHeaderParam eidasBindJoseHeader = new JwsHeaderParam(); - eidasBindJoseHeader.setKey(JOSE_HEADER_USERCERTPINNING_TYPE); - eidasBindJoseHeader.setValue(JOSE_HEADER_USERCERTPINNING_EIDASBIND); - req.getJWSHeaderParam().add(eidasBindJoseHeader); - - log.trace("Requesting SZR to sign bcBind datastructure ... "); - final SignContentResponseType resp = szr.signContent(req.isAppendCert(), req.getJWSHeaderParam(), req.getIn()); - log.trace("Receive SZR response on bcBind siging operation "); - - if (resp == null || resp.getOut() == null - || resp.getOut().isEmpty() - || StringUtils.isEmpty(resp.getOut().get(0).getValue())) { - throw new SzrCommunicationException("ernb.01", new Object[]{"BcBind response empty"}); - } - - return resp.getOut().get(0).getValue(); - - } catch (final JsonProcessingException | SZRException_Exception e) { - log.warn("Requesting bcBind by using SZR FAILED. Reason: {}", e.getMessage(), null, e); - throw new SzrCommunicationException("ernb.02", - new Object[]{e.getMessage()}, e); - } - } - - @PostConstruct - private void initialize() { - log.info("Starting SZR-Client initialization .... "); - final URL url = SzrClient.class.getResource("/szr_client/SZR_v4.0.wsdl"); - - final boolean useTestSzr = basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE, - true); - - if (useTestSzr) { - log.debug("Initializing SZR test environment configuration."); - qname = SzrService.SZRTestumgebung; - szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService")); - szr = szrService.getSzrTestumgebung(); - szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST); - - } else { - log.debug("Initializing SZR productive configuration."); - qname = SzrService.SZRProduktionsumgebung; - szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService")); - szr = szrService.getSzrProduktionsumgebung(); - szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD); - - } - - // create raw client; - dispatch = szrService.createDispatch(qname, Source.class, javax.xml.ws.Service.Mode.PAYLOAD); - - if (StringUtils.isEmpty(szrUrl)) { - log.error("No SZR service-URL found. SZR-Client initalisiation failed."); - throw new RuntimeException("No SZR service URL found. SZR-Client initalisiation failed."); - - } - - // check if Clients can be initialized - if (szr == null) { - log.error("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong"); - throw new RuntimeException("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong"); - - } - if (dispatch == null) { - log.error("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong"); - throw new RuntimeException("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong"); - - } - - // inject handler - log.info("Use SZR service-URL: " + szrUrl); - injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT); - injectBindingProvider(dispatch, CLIENT_RAW); - - // inject http parameters and SSL context - log.debug("Inject HTTP client settings ... "); - injectHttpClient(szr, CLIENT_DEFAULT); - injectHttpClient(dispatch, CLIENT_RAW); - - log.info("SZR-Client initialization successfull"); - } - - private void injectHttpClient(Object raw, String clientType) { - // extract client from implementation - Client client = null; - if (raw instanceof DispatchImpl<?>) { - client = ((DispatchImpl<?>) raw).getClient(); - } else if (raw instanceof Client) { - client = ClientProxy.getClient(raw); - } else { - throw new RuntimeException("SOAP Client for SZR connection is of UNSUPPORTED type: " + raw.getClass() - .getName()); - } - - // set basic connection policies - final HTTPConduit http = (HTTPConduit) client.getConduit(); - - // set timeout policy - final HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); - httpClientPolicy.setConnectionTimeout( - Integer.parseInt(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION, - Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION)) * 1000); - httpClientPolicy.setReceiveTimeout( - Integer.parseInt(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE, - Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE)) * 1000); - http.setClient(httpClientPolicy); - - // inject SSL context in case of https - if (szrUrl.toLowerCase().startsWith("https")) { - log.debug("Adding SSLContext to client: " + clientType + " ... "); - final TLSClientParameters tlsParams = new TLSClientParameters(); - tlsParams.setSSLSocketFactory(createSslContext(clientType).getSocketFactory()); - http.setTlsClientParameters(tlsParams); - log.info("SSLContext initialized for client: " + clientType); - - } - - } - - private void injectBindingProvider(BindingProvider bindingProvider, String clientType) { - final Map<String, Object> requestContext = bindingProvider.getRequestContext(); - requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, szrUrl); - - log.trace("Adding JAX-WS request/response trace handler to client: " + clientType); - List<Handler> handlerList = bindingProvider.getBinding().getHandlerChain(); - if (handlerList == null) { - handlerList = new ArrayList<>(); - bindingProvider.getBinding().setHandlerChain(handlerList); - - } - - // add logging handler to trace messages if required - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES, - false)) { - final LoggingHandler loggingHandler = new LoggingHandler(); - handlerList.add(loggingHandler); - - } - bindingProvider.getBinding().setHandlerChain(handlerList); - } - - private SSLContext createSslContext(String clientType) { - try { - final SSLContext context = SSLContext.getInstance("TLS"); - - // initialize key-mangager for SSL client-authentication - KeyManager[] keyManager = null; - final String keyStorePath = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH); - final String keyStorePassword = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD); - if (StringUtils.isNotEmpty(keyStorePath)) { - log.trace("Find keyStore path: " + keyStorePath + " Injecting SSL client certificate ... "); - try { - final KeyStore keyStore = KeyStoreUtils.loadKeyStore( - FileUtils.makeAbsoluteUrl(keyStorePath, basicConfig.getConfigurationRootDirectory()), - keyStorePassword); - - final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); - kmf.init(keyStore, keyStorePassword.toCharArray()); - keyManager = kmf.getKeyManagers(); - log.debug("SSL client certificate injected to client: " + clientType); - - } catch (KeyStoreException | IOException | UnrecoverableKeyException e) { - log.error("Can NOT load SSL client certificate from path: " + keyStorePath); - throw new RuntimeException("Can NOT load SSL client certificate from path: " + keyStorePath, e); - - } - } else { - log.debug( - "No KeyStore for SSL Client Auth. found. Initializing SSLContext without authentication ... "); - - } - - // initialize SSL TrustStore - TrustManager[] trustManager = null; - final String trustStorePath = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH); - final String trustStorePassword = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD); - if (StringUtils.isNotEmpty(trustStorePath)) { - log.trace("Find trustStore path: " + trustStorePath + " Injecting SSL TrustStore ... "); - try { - final KeyStore trustStore = KeyStoreUtils.loadKeyStore( - FileUtils.makeAbsoluteUrl(trustStorePath, basicConfig.getConfigurationRootDirectory()), - trustStorePassword); - - final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); - tmf.init(trustStore); - trustManager = tmf.getTrustManagers(); - log.debug("SSL TrustStore injected to client: " + clientType); - - } catch (KeyStoreException | IOException e) { - log.error("Can NOT open SSL TrustStore from path: " + trustStorePath); - throw new RuntimeException("Can NOT open SSL TrustStore from path: " + trustStorePath, e); - - } - - } else { - log.debug("No custom SSL TrustStore found. Initializing SSLContext with JVM default truststore ... "); - - } - - context.init(keyManager, trustManager, new SecureRandom()); - return context; - - } catch (NoSuchAlgorithmException | KeyManagementException e) { - log.error("SSLContext initialization FAILED.", e); - throw new RuntimeException("SSLContext initialization FAILED.", e); - - } - - } - - private void injectMdsIfAvailableAndActive(Map<String, Object> eidsaBindMap, ErnbEidData eidData) { - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND, false)) { - log.info("Injecting MDS into eidasBind ... "); - final Map<String, Object> mds = new HashMap<>(); - mds.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, eidData.getFamilyName()); - mds.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, eidData.getGivenName()); - mds.put(PvpAttributeDefinitions.BIRTHDATE_NAME, eidData.getFormatedDateOfBirth()); - eidsaBindMap.put(ATTR_NAME_MDS, mds); - - } - } - - private byte[] sourceToByteArray(Source result) throws TransformerException { - final TransformerFactory factory = TransformerFactory.newInstance(); - factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - final Transformer transformer = factory.newTransformer(); - transformer.setOutputProperty("omit-xml-declaration", "yes"); - transformer.setOutputProperty("method", "xml"); - final ByteArrayOutputStream out = new ByteArrayOutputStream(); - final StreamResult streamResult = new StreamResult(); - streamResult.setOutputStream(out); - transformer.transform(result, streamResult); - return out.toByteArray(); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java deleted file mode 100644 index dde868b1..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr; - -import java.net.URL; - -import javax.xml.namespace.QName; -import javax.xml.ws.Service; -import javax.xml.ws.WebEndpoint; -import javax.xml.ws.WebServiceClient; -import javax.xml.ws.WebServiceFeature; - -import szrservices.SZR; - -/** - * This class was generated by Apache CXF 3.1.16 2018-07-10T09:36:01.466+02:00 - * Generated source version: 3.1.16 - * - */ -@WebServiceClient(name = "SZRService", - wsdlLocation = "./src/main/resources/szr_client/SZR-1.WSDL", - targetNamespace = "urn:SZRServices") -public class SzrService extends Service { - - public static final URL WSDL_LOCATION; - - public static final QName SERVICE = new QName("urn:SZRServices", "SZRService"); - public static final QName SZRProduktionsumgebung = new QName("urn:SZRServices", "SZRProduktionsumgebung"); - public static final QName SZRTestumgebung = new QName("urn:SZRServices", "SZRTestumgebung"); - public static final QName SZRBusinesspartnerTestumgebung = new QName("urn:SZRServices", - "SZRBusinesspartnerTestumgebung"); - - static { - URL url = SzrService.class.getResource("./src/main/resources/szr_client/SZR-1.WSDL"); - if (url == null) { - url = SzrService.class.getClassLoader().getResource("/szr_client/SZR-1.WSDL"); - } - if (url == null) { - java.util.logging.Logger.getLogger(SzrService.class.getName()) - .log(java.util.logging.Level.INFO, - "Can not initialize the default wsdl from {0}", "/szr_client/SZR-1.WSDL"); - } - WSDL_LOCATION = url; - - } - - public SzrService(URL wsdlLocation) { - super(wsdlLocation, SERVICE); - } - - public SzrService(URL wsdlLocation, QName serviceName) { - super(wsdlLocation, serviceName); - } - - public SzrService() { - super(WSDL_LOCATION, SERVICE); - } - - public SzrService(WebServiceFeature... features) { - super(WSDL_LOCATION, SERVICE, features); - } - - public SzrService(URL wsdlLocation, WebServiceFeature... features) { - super(wsdlLocation, SERVICE, features); - } - - public SzrService(URL wsdlLocation, QName serviceName, WebServiceFeature... features) { - super(wsdlLocation, serviceName, features); - } - - /** - * Get SZR Web-Service. - * - * @return returns SZR - */ - @WebEndpoint(name = "SZRProduktionsumgebung") - public SZR getSzrProduktionsumgebung() { - return super.getPort(SZRProduktionsumgebung, SZR.class); - } - - /** - * Get SZR Web-Service. - * - * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure - * on the proxy. Supported features not in the - * <code>features</code> parameter will have their default - * values. - * @return returns SZR - */ - @WebEndpoint(name = "SZRProduktionsumgebung") - public SZR getSzrProduktionsumgebung(WebServiceFeature... features) { - return super.getPort(SZRProduktionsumgebung, SZR.class, features); - } - - /** - *Get SZR Web-Service. - * - * @return returns SZR - */ - @WebEndpoint(name = "SZRTestumgebung") - public SZR getSzrTestumgebung() { - return super.getPort(SZRTestumgebung, SZR.class); - } - - /** - * Get SZR Web-Service. - * - * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure - * on the proxy. Supported features not in the - * <code>features</code> parameter will have their default - * values. - * @return returns SZR - */ - @WebEndpoint(name = "SZRTestumgebung") - public SZR getSzrTestumgebung(WebServiceFeature... features) { - return super.getPort(SZRTestumgebung, SZR.class, features); - } - - /** - * Get SZR Web-Service. - * - * @return returns SZR - */ - @WebEndpoint(name = "SZRBusinesspartnerTestumgebung") - public SZR getSzrBusinesspartnerTestumgebung() { - return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class); - } - - /** - * Get SZR Web-Service. - * - * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure - * on the proxy. Supported features not in the - * <code>features</code> parameter will have their default - * values. - * @return returns SZR - */ - @WebEndpoint(name = "SZRBusinesspartnerTestumgebung") - public SZR getSzrBusinesspartnerTestumgebung(WebServiceFeature... features) { - return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class, features); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java deleted file mode 100644 index 6b1b96de..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ /dev/null @@ -1,503 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; - -import java.io.IOException; -import java.io.InputStream; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.xml.sax.SAXException; - -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; - -import at.asitplus.eidas.specific.core.MsConnectorEventCodes; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType; -import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; -import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder; -import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.XPathUtils; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.AttributeValue; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; -import lombok.Data; -import lombok.extern.slf4j.Slf4j; -import szrservices.IdentityLinkType; -import szrservices.PersonInfoType; -import szrservices.TravelDocumentType; - -/** - * Task that creates the IdentityLink for an eIDAS authenticated person. - * - * @author tlenz - */ -@Slf4j -@Component("CreateIdentityLinkTask") -public class CreateIdentityLinkTask extends AbstractAuthServletTask { - - @Autowired - private IConfiguration basicConfig; - @Autowired - private SzrClient szrClient; - @Autowired - private ICcSpecificEidProcessingService eidPostProcessor; - - @Autowired - private AuthBlockSigningService authBlockSigner; - - private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas"; - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv. - * egovernment.moa.id.process.api.ExecutionContext, - * javax.servlet.http.HttpServletRequest, - * javax.servlet.http.HttpServletResponse) - */ - @Override - public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) - throws TaskExecutionException { - try { - final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); - final ILightResponse eidasResponse = authProcessData - .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class); - - final Map<String, Object> simpleAttrMap = convertEidasAttrToSimpleMap( - eidasResponse.getAttributes().getAttributeMap()); - - // post-process eIDAS attributes - final ErnbEidData eidData = eidPostProcessor.postProcess(simpleAttrMap); - - // write MDS into technical log and revision log - writeMdsLogInformation(eidData); - - //build IdentityLink or VSZ and eidasBind - if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) { - SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData); - //inject personal-data into session - authProcessData.setIdentityLink(idlResult.getIdentityLink()); - - // set bPK and bPKType into auth session - authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix( - idlResult.getBpK(), pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier())); - authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, - pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - - } else { - //build SZR request from eIDAS data - final PersonInfoType personInfo = generateSzrRequest(eidData); - - //request SZR based on IDL or E-ID mode - if (pendingReq.getServiceProviderConfiguration() - .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) { - - // get encrypted baseId - String vsz = szrClient.getEncryptedStammzahl(personInfo); - - //write revision-Log entry and extended infos personal-identifier mapping - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED); - writeExtendedRevisionLogEntry(simpleAttrMap, eidData); - - - // get eIDAS bind - String signedEidasBind = szrClient.getEidsaBind(vsz, - authBlockSigner.getBase64EncodedPublicKey(), - EID_STATUS, eidData); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED); - authProcessData.setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, signedEidasBind); - - //get signed AuthBlock - String jwsSignature = authBlockSigner.buildSignedAuthBlock(pendingReq); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.TECH_AUCHBLOCK_CREATED); - authProcessData.setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, jwsSignature); - - //inject personal-data into session - authProcessData.setEidProcess(true); - - } else { - //request SZR - SzrResultHolder idlResult = requestSzrForIdentityLink(personInfo); - - //write revision-Log entry for personal-identifier mapping - writeExtendedRevisionLogEntry(simpleAttrMap, eidData); - - //check result-data and write revision-log based on current state - checkStateAndWriteRevisionLog(idlResult); - - //inject personal-data into session - authProcessData.setIdentityLink(idlResult.getIdentityLink()); - authProcessData.setEidProcess(false); - - // set bPK and bPKType into auth session - authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix( - idlResult.getBpK(), pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier())); - authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, - pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - - } - } - - //add generic info's into session - authProcessData.setForeigner(true); - authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, EidasResponseUtils - .parseEidasPersonalIdentifier((String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)) - .getFirst()); - authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance()); - - // store pending-request - requestStoreage.storePendingRequest(pendingReq); - - - } catch (final EidasAttributeException e) { - throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e); - - } catch (final EaafException e) { - throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); - - } catch (final Exception e) { - log.error("IdentityLink generation for foreign person FAILED.", e); - throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); - - } - } - - private void writeExtendedRevisionLogEntry(Map<String, Object> simpleAttrMap, ErnbEidData eidData) { - // write ERnB input-data into revision-log - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) { - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, - (String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eidData.getPseudonym()); - - } - } - - private PersonInfoType generateSzrRequest(ErnbEidData eidData) { - log.debug("Starting connecting SZR Gateway"); - final PersonInfoType personInfo = new PersonInfoType(); - final PersonNameType personName = new PersonNameType(); - final PhysicalPersonType naturalPerson = new PhysicalPersonType(); - final TravelDocumentType eDocument = new TravelDocumentType(); - - naturalPerson.setName(personName); - personInfo.setPerson(naturalPerson); - personInfo.setTravelDocument(eDocument); - - // person information - personName.setFamilyName(eidData.getFamilyName()); - personName.setGivenName(eidData.getGivenName()); - naturalPerson.setDateOfBirth(eidData.getFormatedDateOfBirth()); - eDocument.setIssuingCountry(eidData.getCitizenCountryCode()); - eDocument.setDocumentNumber(eidData.getPseudonym()); - - // eID document information - eDocument.setDocumentType(basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, - Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); - - // set PlaceOfBirth if available - if (eidData.getPlaceOfBirth() != null) { - log.trace("Find 'PlaceOfBirth' attribute: " + eidData.getPlaceOfBirth()); - if (basicConfig - .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE, - true)) { - naturalPerson.setPlaceOfBirth(eidData.getPlaceOfBirth()); - log.trace("Adding 'PlaceOfBirth' to ERnB request ... "); - - } - } - - // set BirthName if available - if (eidData.getBirthName() != null) { - log.trace("Find 'BirthName' attribute: " + eidData.getBirthName()); - if (basicConfig - .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE, - true)) { - final AlternativeNameType alternativeName = new AlternativeNameType(); - naturalPerson.setAlternativeName(alternativeName); - alternativeName.setFamilyName(eidData.getBirthName()); - log.trace("Adding 'BirthName' to ERnB request ... "); - - } - } - - return personInfo; - - } - - private SzrResultHolder requestSzrForIdentityLink(PersonInfoType personInfo) - throws SzrCommunicationException, EaafException { - //request IdentityLink from SZR - final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(personInfo); - - final Element idlFromSzr = (Element) result.getAssertion(); - IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); - - // get bPK from SZR - String bpk = null; - if (basicConfig - .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) { - List<String> bpkList = szrClient - .getBpk(personInfo, pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(), - basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); - if (!bpkList.isEmpty()) { - bpk = bpkList.get(0); - - } - - - } else { - log.debug("Calculating bPK from baseId ... "); - new BpkBuilder(); - final Pair<String, String> bpkCalc = BpkBuilder - .generateAreaSpecificPersonIdentifier(identityLink.getIdentificationValue(), - identityLink.getIdentificationType(), - pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - bpk = bpkCalc.getFirst(); - - } - - return new SzrResultHolder(identityLink, bpk); - - } - - private void checkStateAndWriteRevisionLog(SzrResultHolder idlResult) throws SzrCommunicationException { - // write some infos into revision log - if (idlResult.getIdentityLink() == null) { - log.error("ERnB did not return an identity link."); - throw new SzrCommunicationException("ernb.00", null); - - } - revisionsLogger.logEvent(pendingReq, - MsConnectorEventCodes.SZR_IDL_RECEIVED, - idlResult.getIdentityLink().getSamlAssertion() - .getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID)); - - if (idlResult.getBpK() == null) { - log.error("ERnB did not return a bPK for target: " + pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - throw new SzrCommunicationException("ernb.01", null); - - } - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_BPK_RECEIVED); - log.debug("ERnB communication was successfull"); - - } - - private String extendBpkByPrefix(String bpk, String type) { - String bpkType = null; - - if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) { - bpkType = type.substring(EaafConstants.URN_PREFIX_WBPK.length()); - } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) { - bpkType = type.substring(EaafConstants.URN_PREFIX_CDID.length()); - } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) { - bpkType = type.substring(EaafConstants.URN_PREFIX_EIDAS.length()); - } - - if (bpkType != null) { - log.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + bpkType); - return bpkType + ":" + bpk; - - } else { - log.warn("Service Provider Target with: " + type + " is NOT supported. Set bPK as it is ..."); - return bpk; - - } - - } - - private Map<String, Object> convertEidasAttrToSimpleMap( - ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) { - final Map<String, Object> result = new HashMap<>(); - - for (final AttributeDefinition<?> el : attributeMap.keySet()) { - - final Class<?> parameterizedType = el.getParameterizedType(); - if (DateTime.class.equals(parameterizedType)) { - final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList()); - if (attribute != null) { - result.put(el.getFriendlyName(), attribute); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString()); - - } else { - log.info("Ignore empty 'DateTime' attribute"); - } - - } else if (PostalAddress.class.equals(parameterizedType)) { - final PostalAddress addressAttribute = EidasResponseUtils - .translateAddressAttribute(el, attributeMap.get(el).asList()); - if (addressAttribute != null) { - result.put(el.getFriendlyName(), addressAttribute); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString()); - - } else { - log.info("Ignore empty 'PostalAddress' attribute"); - } - - } else { - final List<String> natPersonIdObj = EidasResponseUtils - .translateStringListAttribute(el, attributeMap.get(el)); - final String stringAttr = natPersonIdObj.get(0); - if (StringUtils.isNotEmpty(stringAttr)) { - result.put(el.getFriendlyName(), stringAttr); - log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr); - - } else { - log.info("Ignore empty 'String' attribute"); - } - - } - } - - log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString()); - - return result; - } - - private void writeMdsLogInformation(ErnbEidData eidData) { - // log MDS and country code into technical log - if (basicConfig - .getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG, false)) { - log.info("eIDAS Auth. for user: " + eidData.getGivenName() + " " + eidData.getFamilyName() + " " + eidData - .getFormatedDateOfBirth() + " " + "from " + eidData.getCitizenCountryCode()); - } - - // log MDS and country code into revision log - if (basicConfig - .getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG, - false)) { - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_MDSDATA, - "{" + eidData.getGivenName() + "," + eidData.getFamilyName() + "," + eidData - .getFormatedDateOfBirth() + "," + eidData.getCitizenCountryCode() + "}"); - } - - } - - @Data - private static class SzrResultHolder { - final IIdentityLink identityLink; - final String bpK; - - } - - /** - * Build a dummy IdentityLink and a dummy bPK based on eIDAS information. - * - * <br><br> - * <b>FOR LOCAL TESTING ONLY!!!</b> - * - * @param eidData Information from eIDAS response - * @return IdentityLink and bPK - * @throws ParserConfigurationException In case of an IDL processing error - * @throws SAXException In case of an IDL processing error - * @throws IOException In case of an IDL processing error - * @throws EaafException In case of a bPK generation error - */ - private SzrResultHolder createDummyIdentityLinkForTestDeployment(ErnbEidData eidData) - throws ParserConfigurationException, SAXException, IOException, EaafException { - log.warn("SZR-Dummy IS ACTIVE! IdentityLink is NOT VALID!!!!"); - // create fake IdL - // - fetch IdL template from resources - final InputStream s = CreateIdentityLinkTask.class - .getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml"); - final Element idlTemplate = DomUtils.parseXmlValidating(s); - - IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlTemplate).parseIdentityLink(); - - // replace data - final Element idlassertion = identityLink.getSamlAssertion(); - - // - set fake baseID; - final Node prIdentification = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - prIdentification.getFirstChild().setNodeValue(eidData.getPseudonym()); - - // - set last name - final Node prFamilyName = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); - prFamilyName.getFirstChild().setNodeValue(eidData.getFamilyName()); - - // - set first name - final Node prGivenName = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); - prGivenName.getFirstChild().setNodeValue(eidData.getGivenName()); - - // - set date of birth - final Node prDateOfBirth = XPathUtils - .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); - - prDateOfBirth.getFirstChild().setNodeValue(eidData.getFormatedDateOfBirth()); - - identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink(); - - final Pair<String, String> bpkCalc = BpkBuilder - .generateAreaSpecificPersonIdentifier(identityLink.getIdentificationValue(), - identityLink.getIdentificationType(), - pendingReq.getServiceProviderConfiguration() - .getAreaSpecificTargetIdentifier()); - return new SzrResultHolder(identityLink, bpkCalc.getFirst()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java deleted file mode 100644 index 0f1b5432..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java +++ /dev/null @@ -1,274 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; - -import java.util.UUID; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang3.StringUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.stereotype.Component; -import org.springframework.web.util.UriComponentsBuilder; - -import at.asitplus.eidas.specific.core.MsConnectorEventCodes; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.core.gui.StaticGuiBuilderConfiguration; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; -import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import eu.eidas.auth.commons.EidasParameterKeys; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.auth.commons.light.impl.LightRequest; -import eu.eidas.auth.commons.tx.BinaryLightToken; -import eu.eidas.specificcommunication.BinaryLightTokenHelper; -import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; -import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; -import lombok.extern.slf4j.Slf4j; - -/** - * Authentication-process task that generates the Authn. Request to eIDAS Node. - * - * @author tlenz - * - */ -@Slf4j -@Component("ConnecteIDASNodeTask") -public class GenerateAuthnRequestTask extends AbstractAuthServletTask { - - @Autowired - IConfiguration basicConfig; - @Autowired - ApplicationContext context; - @Autowired - ITransactionStorage transactionStore; - @Autowired - ISpringMvcGuiFormBuilder guiBuilder; - @Autowired - ICcSpecificEidProcessingService ccSpecificProcessing; - - @Override - public void execute(ExecutionContext executionContext, - HttpServletRequest request, HttpServletResponse response) - throws TaskExecutionException { - - try { - // get target, environment and validate citizen countryCode - final String citizenCountryCode = (String) executionContext.get( - MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); - final String environment = (String) executionContext.get( - MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT); - - if (StringUtils.isEmpty(citizenCountryCode)) { - // illegal state; task should not have been executed without a selected country - throw new EidasSAuthenticationException("eidas.03", new Object[] { "" }); - - } - - // TODO: maybe add countryCode validation before request ref. impl. eIDAS node - log.info("Request eIDAS auth. for citizen of country: " + citizenCountryCode); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.COUNTRY_SELECTED, citizenCountryCode); - - // build eIDAS AuthnRequest - final LightRequest.Builder authnRequestBuilder = LightRequest.builder(); - authnRequestBuilder.id(UUID.randomUUID().toString()); - - // set nameIDFormat - authnRequestBuilder.nameIdFormat( - authConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT)); - - // set citizen country code for foreign uses - authnRequestBuilder.citizenCountryCode(citizenCountryCode); - - //set Issuer - final String issur = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID); - if (StringUtils.isEmpty(issur)) { - log.error("Found NO 'eIDAS node issuer' in configuration. Authentication NOT possible!"); - throw new EaafConfigurationException("config.27", - new Object[] { "Application config containts NO " + Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID }); - - } - authnRequestBuilder.issuer(issur); - - - // Add country-specific informations into eIDAS request - ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder); - - // build request - final LightRequest lightAuthnReq = authnRequestBuilder.build(); - - // put request into shared cache - final BinaryLightToken token = putRequestInCommunicationCache(lightAuthnReq); - final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); - - // Workaround for ms-connector staging - injectStagingWorkaroundForMsConnector(); - - // Workaround, because eIDAS node ref. impl. does not return relayState - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER, - false)) { - log.trace("Put lightRequestId into transactionstore as session-handling backup"); - transactionStore.put(lightAuthnReq.getId(), pendingReq.getPendingRequestId(), -1); - - } - - // select forward URL regarding the selected environment - String forwardUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL); - if (StringUtils.isNotEmpty(environment)) { - forwardUrl = selectedForwardUrlForEnvironment(environment); - } - - if (StringUtils.isEmpty(forwardUrl)) { - log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops"); - throw new EaafConfigurationException("config.08", new Object[] { - environment == null ? Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL - : Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + environment - }); - - } - log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request"); - - if (basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD, - Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) { - - log.debug("Use http-redirect for eIDAS node forwarding ... "); - // send redirect - final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl); - redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64); - response.sendRedirect(redirectUrl.build().encode().toString()); - - } else { - log.debug("Use http-post for eIDAS node forwarding ... "); - final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration( - basicConfig, - pendingReq, - Constants.TEMPLATE_POST_FORWARD_NAME, - null, - resourceLoader); - - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl); - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME, - EidasParameterKeys.TOKEN.toString()); - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE, - tokenBase64); - - guiBuilder.build(request, response, config, "Forward to eIDASNode form"); - - } - - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.EIDAS_NODE_CONNECTED, lightAuthnReq.getId()); - - } catch (final EidasSAuthenticationException e) { - throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", e); - - } catch (final Exception e) { - log.warn("eIDAS AuthnRequest generation FAILED.", e); - throw new TaskExecutionException(pendingReq, e.getMessage(), e); - - } - - } - - - private void injectStagingWorkaroundForMsConnector() throws EaafException { - String alternativReturnEndpoint = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR); - if (StringUtils.isNotEmpty(alternativReturnEndpoint)) { - log.info("Inject alternative MS-Connector end-point: {}", alternativReturnEndpoint); - pendingReq.setRawDataToTransaction( - MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, alternativReturnEndpoint); - - // store pending request after update - requestStoreage.storePendingRequest(pendingReq); - - } - } - - /** - * Select a forward URL from configuration for a specific environment <br> - * <br> - * <b>Info: </b> This method is needed, because eIDAS Ref. Impl only supports - * one countrycode on each instance. In consequence, more than one eIDAS Ref. - * Impl nodes are required to support producation, testing, or QS stages for one - * country by using one ms-specific eIDAS connector - * - * @param environment Environment selector from CountrySlection page - * @return - */ - private String selectedForwardUrlForEnvironment(String environment) { - log.trace("Starting endpoint selection process for environment: " + environment + " ... "); - if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION)) { - return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL); - } else if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS)) { - return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL - + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS); - } else if (environment.equalsIgnoreCase( - MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING)) { - return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL - + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING); - } else if (environment.equalsIgnoreCase( - MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT)) { - return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL - + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT); - } - - log.info("Environment selector: " + environment + " is not supported"); - return null; - - } - - private BinaryLightToken putRequestInCommunicationCache(ILightRequest lightRequest) - throws ServletException { - final BinaryLightToken binaryLightToken; - try { - final SpecificCommunicationService springManagedSpecificConnectorCommunicationService = - (SpecificCommunicationService) context.getBean( - SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); - - binaryLightToken = springManagedSpecificConnectorCommunicationService.putRequest(lightRequest); - - } catch (final SpecificCommunicationException e) { - log.error("Unable to process specific request"); - throw new ServletException(e); - - } - - return binaryLightToken; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java deleted file mode 100644 index c918b7a4..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; - -import java.io.IOException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang3.StringUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationContext; -import org.springframework.stereotype.Component; -import org.springframework.web.util.UriComponentsBuilder; - -import at.asitplus.eidas.specific.core.MsConnectorEventCodes; -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -import eu.eidas.auth.commons.EidasParameterKeys; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.tx.BinaryLightToken; -import eu.eidas.specificcommunication.BinaryLightTokenHelper; -import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; -import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; -import lombok.extern.slf4j.Slf4j; - -@Slf4j -@Component("ReceiveResponseFromeIDASNodeTask") -public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { - - @Autowired - ApplicationContext context; - - @Autowired - private IConfiguration basicConfig; - @Autowired - private EidasAttributeRegistry attrRegistry; - - @Override - public void execute(ExecutionContext executionContext, HttpServletRequest request, - HttpServletResponse response) throws TaskExecutionException { - try { - final ILightResponse eidasResponse = (ILightResponse) request.getAttribute( - Constants.DATA_FULL_EIDAS_RESPONSE); - if (eidasResponse == null) { - log.warn("NO eIDAS response-message found."); - throw new EidasSAuthenticationException("eidas.01", null); - - } - - String stagingEndpoint = pendingReq.getRawData( - MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class); - if (StringUtils.isNotEmpty(stagingEndpoint)) { - log.info("Find ms-connector staging to: {}. Forwarding to that endpoint ... ", stagingEndpoint); - forwardToOtherStage(response, executionContext, eidasResponse, stagingEndpoint); - - } else { - executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, false); - processResponseOnThatStage(executionContext, eidasResponse); - - } - - } catch (final EaafException e) { - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID); - throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e); - - } catch (final Exception e) { - log.warn("eIDAS Response processing FAILED.", e); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID); - throw new TaskExecutionException(pendingReq, e.getMessage(), - new EidasSAuthenticationException("eidas.05", new Object[] { e.getMessage() }, e)); - - } - } - - private void forwardToOtherStage(HttpServletResponse response, ExecutionContext executionContext, - ILightResponse eidasResponse, String stagingEndpoint) throws SpecificCommunicationException, IOException { - executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, true); - - final SpecificCommunicationService specificConnectorCommunicationService = - (SpecificCommunicationService) context.getBean( - SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); - BinaryLightToken token = specificConnectorCommunicationService.putResponse(eidasResponse); - final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); - - final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(stagingEndpoint); - redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64); - - log.debug("Forward to other stage .... "); - response.sendRedirect(redirectUrl.build().encode().toString()); - - } - - private void processResponseOnThatStage(ExecutionContext executionContext, ILightResponse eidasResponse) - throws EaafException { - log.debug("Receive eIDAS response with RespId:" + eidasResponse.getId() + " for ReqId:" + eidasResponse - .getInResponseToId()); - log.trace("Full eIDAS-Resp: " + eidasResponse.toString()); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse - .getId()); - - // check response StatusCode - if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) { - log.info("Receice eIDAS Response with StatusCode:" + eidasResponse.getStatus().getStatusCode() - + " Subcode:" + eidasResponse.getStatus().getSubStatusCode() + " Msg:" + eidasResponse.getStatus() - .getStatusMessage()); - throw new EidasSAuthenticationException("eidas.02", new Object[] { eidasResponse.getStatus() - .getStatusCode(), eidasResponse.getStatus().getStatusMessage() }); - - } - - // extract all Attributes from response - - // ********************************************************** - // ******* MS-specificresponse validation ********** - // ********************************************************** - final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, - "AT"); - final String citizenCountryCode = (String) executionContext.get( - MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, - attrRegistry); - - // ********************************************************** - // ******* Store resonse infos into session object ********** - // ********************************************************** - - // update MOA-Session data with received information - log.debug("Store eIDAS response information into pending-request."); - final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class); - authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance()); - authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - - - //inject set flag to inject - authProcessData.setTestIdentity( - basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false)); - - // store MOA-session to database - requestStoreage.storePendingRequest(pendingReq); - - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java deleted file mode 100644 index c8c5a069..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils; - -import java.util.ArrayList; -import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import javax.annotation.Nullable; - -import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.AttributeValue; -import eu.eidas.auth.commons.attribute.AttributeValueMarshaller; -import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException; -import eu.eidas.auth.commons.attribute.AttributeValueTransliterator; -import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; - -public class EidasResponseUtils { - private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class); - - public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*"; - - /** - * Validate a eIDAS PersonalIdentifier attribute value This validation is done - * according to eIDAS SAML Attribute Profile - Section 2.2.3 Unique Identifier - * - * @param uniqueID eIDAS attribute value of a unique identifier - * @return true if the uniqueID matches to eIDAS to Unique Identifier - * specification, otherwise false - */ - public static boolean validateEidasPersonalIdentifier(String uniqueID) { - final Pattern pattern = Pattern.compile(PERSONALIDENIFIER_VALIDATION_PATTERN); - final Matcher matcher = pattern.matcher(uniqueID); - return matcher.matches(); - - } - - /** - * Parse an eIDAS PersonalIdentifier attribute value into it components. This - * processing is done according to eIDAS SAML Attribute Profile - Section 2.2.3 - * Unique Identifier - * - * @param uniqueID eIDAS attribute value of a unique identifier - * @return {@link Trible} that contains: <br> - * First : citizen country <br> - * Second: destination country <br> - * Third : unique identifier <br> - * or null if the attribute value has a wrong format - */ - public static Triple<String, String, String> parseEidasPersonalIdentifier(String uniqueID) { - if (!validateEidasPersonalIdentifier(uniqueID)) { - log.error("eIDAS attribute value for {} looks wrong formated. Value: {}", - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, uniqueID); - return null; - - } - return Triple.newInstance(uniqueID.substring(0, 2), uniqueID.substring(3, 5), uniqueID.substring(6)); - - } - - /** - * Get eIDAS attribute-values from eIDAS Node attributes. - * - * @param attributeDefinition eIDAS attribute definition - * @param attributeValues Attributes from eIDAS response - * @return Set of attribute values. If more then one value than the first value contains the 'Latin' value. - */ - // TODO: check possible problem with nonLatinCharacters - public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableSet<? extends AttributeValue<?>> attributeValues) { - final List<String> stringListAttribute = new ArrayList<>(); - if (attributeValues != null) { - final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition - .getAttributeValueMarshaller(); - for (final AttributeValue<?> attributeValue : attributeValues.asList()) { - String valueString = null; - try { - valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue); - - log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}", - attributeDefinition.getFriendlyName(), attributeValue.toString(), - attributeValue.isNonLatinScriptAlternateVersion(), - AttributeValueTransliterator.needsTransliteration(valueString)); - - // if (attributeValue.isNonLatinScriptAlternateVersion()) { - if (!AttributeValueTransliterator.needsTransliteration(valueString)) { - stringListAttribute.add(0, valueString); - - } else { - log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... "); - stringListAttribute.add(valueString); - - } - - } catch (final AttributeValueMarshallingException e) { - throw new IllegalStateException(e); - - } - } - - log.trace("Extract values: {} for attr: {}", - StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName()); - - } else { - log.info("Can not extract infos from 'null' attribute value"); - - } - - return stringListAttribute; - - } - - /** - * Convert eIDAS DateTime attribute to Java Object. - * - * @param attributeDefinition eIDAS attribute definition. - * @param attributeValues eIDAS attribute value - * @return - */ - @Nullable - public static DateTime translateDateAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableList<? extends AttributeValue<?>> attributeValues) { - if (attributeValues.size() != 0) { - final AttributeValue<?> firstAttributeValue = attributeValues.get(0); - return (DateTime) firstAttributeValue.getValue(); - - } - - return null; - } - - /** - * Concert eIDAS Address attribute to Java object. - * - * @param attributeDefinition eIDAS attribute definition - * @param attributeValues eIDAS attribute value - * @return - */ - @Nullable - public static PostalAddress translateAddressAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableList<? extends AttributeValue<?>> attributeValues) { - final AttributeValue<?> firstAttributeValue = attributeValues.get(0); - return (PostalAddress) firstAttributeValue.getValue(); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java deleted file mode 100644 index e81c4c92..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java +++ /dev/null @@ -1,305 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils; - -import at.gv.egiz.eaaf.core.exception.EaafKeyUsageException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; -import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.utils.X509Utils; -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringUtils; -import org.jose4j.jca.ProviderContext; -import org.jose4j.jwa.AlgorithmConstraints; -import org.jose4j.jws.AlgorithmIdentifiers; -import org.jose4j.jws.JsonWebSignature; -import org.jose4j.jwx.Headers; -import org.jose4j.jwx.JsonWebStructure; -import org.jose4j.keys.resolvers.X509VerificationKeyResolver; -import org.jose4j.lang.JoseException; -import org.springframework.util.Base64Utils; - -import javax.annotation.Nonnull; -import java.io.IOException; -import java.security.Key; -import java.security.KeyStore; -import java.security.Provider; -import java.security.cert.CertificateEncodingException; -import java.security.cert.X509Certificate; -import java.security.interfaces.ECPrivateKey; -import java.security.interfaces.RSAPrivateKey; -import java.util.Collections; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -/** - * {@link JoseUtils} provides static methods JWS and JWE processing. - * - * @author tlenz - * - */ -@Slf4j -public class JoseUtils { - - /** - * Create a JWS signature. - * - * <p> - * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case - * of a RSA based key and - * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256} - * in case of an ECC based key. - * </p> - * - * @param keyStore KeyStore that should be used - * @param keyAlias Alias of the private key - * @param keyPassword Password to access the key - * @param payLoad PayLoad to sign - * @param addFullCertChain If true the full certificate chain will be - * added, otherwise only the - * X509CertSha256Fingerprint is added into JOSE - * header - * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging - * purposes only - * @return Signed PayLoad in serialized form - * @throws EaafException In case of a key-access or key-usage error - * @throws JoseException In case of a JOSE error - */ - public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore, - @Nonnull final String keyAlias, @Nonnull final char[] keyPassword, - @Nonnull final String payLoad, boolean addFullCertChain, - @Nonnull String friendlyNameForLogging) throws EaafException, JoseException { - return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, Collections.emptyMap(), - AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, - friendlyNameForLogging); - - } - - /** - * Create a JWS signature. - * - * <p> - * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case - * of a RSA based key and - * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256} - * in case of an ECC based key. - * </p> - * - * @param keyStore KeyStore that should be used - * @param keyAlias Alias of the private key - * @param keyPassword Password to access the key - * @param payLoad PayLoad to sign - * @param addFullCertChain If true the full certificate chain will be - * added, otherwise only the - * X509CertSha256Fingerprint is added into JOSE - * header - * @param joseHeaders HeaderName and HeaderValue that should be set - * into JOSE header - * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging - * purposes only - * @return Signed PayLoad in serialized form - * @throws EaafException In case of a key-access or key-usage error - * @throws JoseException In case of a JOSE error - */ - public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore, - @Nonnull final String keyAlias, @Nonnull final char[] keyPassword, - @Nonnull final String payLoad, boolean addFullCertChain, - @Nonnull final Map<String, String> joseHeaders, - @Nonnull String friendlyNameForLogging) throws EaafException, JoseException { - return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, joseHeaders, - AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, - friendlyNameForLogging); - - } - - /** - * Create a JWS signature. - * - * @param keyStore KeyStore that should be used - * @param keyAlias Alias of the private key - * @param keyPassword Password to access the key - * @param payLoad PayLoad to sign - * @param addFullCertChain If true the full certificate chain will be - * added, otherwise only the - * X509CertSha256Fingerprint is added into JOSE - * header - * @param joseHeaders HeaderName and HeaderValue that should be set - * into JOSE header - * @param rsaAlgToUse Signing algorithm that should be used in case - * of a signing key based on RSA - * @param eccAlgToUse Signing algorithm that should be used in case - * of a signing key based on ECC - * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging - * purposes only - * @return Signed PayLoad in serialized form - * @throws EaafException In case of a key-access or key-usage error - * @throws JoseException In case of a JOSE error - */ - public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore, - @Nonnull final String keyAlias, @Nonnull final char[] keyPassword, - @Nonnull final String payLoad, boolean addFullCertChain, - @Nonnull final Map<String, String> joseHeaders, - @Nonnull final String rsaAlgToUse, @Nonnull final String eccAlgToUse, - @Nonnull String friendlyNameForLogging) throws EaafException, JoseException { - - final JsonWebSignature jws = new JsonWebSignature(); - - // set payload - jws.setPayload(payLoad); - - // set JOSE headers - for (final Entry<String, String> el : joseHeaders.entrySet()) { - log.trace("Set JOSE header: {} with value: {} into JWS", el.getKey(), el.getValue()); - jws.setHeader(el.getKey(), el.getValue()); - - } - - // set signing information - final Pair<Key, X509Certificate[]> signingCred = EaafKeyStoreUtils.getPrivateKeyAndCertificates( - keyStore.getFirst(), keyAlias, keyPassword, true, friendlyNameForLogging); - jws.setKey(signingCred.getFirst()); - jws.setAlgorithmHeaderValue(getKeyOperationAlgorithmFromCredential( - jws.getKey(), rsaAlgToUse, eccAlgToUse, friendlyNameForLogging)); - - // set special provider if required - if (keyStore.getSecond() != null) { - log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName()); - final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( - keyStore.getSecond().getName()); - jws.setProviderContext(providerCtx); - - } - - if (addFullCertChain) { - jws.setCertificateChainHeaderValue(signingCred.getSecond()); - - } - - jws.setX509CertSha256ThumbprintHeaderValue(signingCred.getSecond()[0]); - - return jws.getCompactSerialization(); - - } - - /** - * Verify a JOSE signature. - * - * @param serializedContent Serialized content that should be verified - * @param trustedCerts Trusted certificates that should be used for - * verification - * @param constraints {@link AlgorithmConstraints} for verification - * @return {@link JwsResult} object - * @throws JoseException In case of a signature verification error - * @throws IOException In case of a general error - */ - public static JwsResult validateSignature(@Nonnull final String serializedContent, - @Nonnull final List<X509Certificate> trustedCerts, @Nonnull final AlgorithmConstraints constraints) - throws JoseException, IOException { - final JsonWebSignature jws = new JsonWebSignature(); - // set payload - jws.setCompactSerialization(serializedContent); - - // set security constrains - jws.setAlgorithmConstraints(constraints); - - // load signinc certs - Key selectedKey = null; - final List<X509Certificate> x5cCerts = jws.getCertificateChainHeaderValue(); - final String x5t256 = jws.getX509CertSha256ThumbprintHeaderValue(); - if (x5cCerts != null) { - log.debug("Found x509 certificate in JOSE header ... "); - log.trace("Sorting received X509 certificates ... "); - final List<X509Certificate> sortedX5cCerts = X509Utils.sortCertificates(x5cCerts); - - if (trustedCerts.contains(sortedX5cCerts.get(0))) { - selectedKey = sortedX5cCerts.get(0).getPublicKey(); - - } else { - log.info("Can NOT find JOSE certificate in truststore."); - if (log.isDebugEnabled()) { - try { - log.debug("Cert: {}", Base64Utils.encodeToString(sortedX5cCerts.get(0).getEncoded())); - - } catch (final CertificateEncodingException e) { - log.warn("Can not create DEBUG output", e); - - } - } - } - - } else if (StringUtils.isNotEmpty(x5t256)) { - log.debug("Found x5t256 fingerprint in JOSE header .... "); - final X509VerificationKeyResolver x509VerificationKeyResolver = new X509VerificationKeyResolver( - trustedCerts); - selectedKey = x509VerificationKeyResolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList()); - - } else { - throw new JoseException("JWS contains NO signature certificate or NO certificate fingerprint"); - - } - - if (selectedKey == null) { - throw new JoseException("Can NOT select verification key for JWS. Signature verification FAILED"); - - } - - // set verification key - jws.setKey(selectedKey); - - // load payLoad - return new JwsResult( - jws.verifySignature(), - jws.getUnverifiedPayload(), - jws.getHeaders(), - x5cCerts); - - } - - /** - * Select signature algorithm for a given credential. - * - * @param key {@link X509Credential} that will be used for - * key operations - * @param rsaSigAlgorithm RSA based algorithm that should be used in case - * of RSA credential - * @param ecSigAlgorithm EC based algorithm that should be used in case - * of RSA credential - * @param friendlyNameForLogging KeyStore friendlyName for logging purposes - * @return either the RSA based algorithm or the EC based algorithm - * @throws EaafKeyUsageException In case of an unsupported private-key type - */ - private static String getKeyOperationAlgorithmFromCredential(Key key, - String rsaSigAlgorithm, String ecSigAlgorithm, String friendlyNameForLogging) - throws EaafKeyUsageException { - if (key instanceof RSAPrivateKey) { - return rsaSigAlgorithm; - - } else if (key instanceof ECPrivateKey) { - return ecSigAlgorithm; - - } else { - log.warn("Could NOT select the cryptographic algorithm from Private-Key type"); - throw new EaafKeyUsageException(EaafKeyUsageException.ERROR_CODE_01, - friendlyNameForLogging, - "Can not select cryptographic algorithm"); - - } - - } - - private JoseUtils() { - - } - - @Getter - @AllArgsConstructor - public static class JwsResult { - final boolean valid; - final String payLoad; - final Headers fullJoseHeader; - final List<X509Certificate> x5cCerts; - - } -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java deleted file mode 100644 index 70290cd3..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils; - -import java.io.ByteArrayOutputStream; -import java.util.Set; - -import javax.xml.namespace.QName; -import javax.xml.soap.SOAPMessage; -import javax.xml.ws.handler.MessageContext; -import javax.xml.ws.handler.soap.SOAPHandler; -import javax.xml.ws.handler.soap.SOAPMessageContext; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class LoggingHandler implements SOAPHandler<SOAPMessageContext> { - - Logger log = LoggerFactory.getLogger(LoggingHandler.class); - - @Override - public boolean handleMessage(SOAPMessageContext context) { - final SOAPMessage msg = context.getMessage(); - final ByteArrayOutputStream bos = new ByteArrayOutputStream(); - - try { - msg.writeTo(bos); - log.trace(bos.toString("UTF-8")); - log.trace(new String(bos.toByteArray(), "UTF-8")); - - } catch (final Exception e) { - log.trace(e.getMessage(), e); - } - return true; - } - - @Override - public boolean handleFault(SOAPMessageContext context) { - return handleMessage(context); - } - - @Override - public void close(MessageContext context) { - } - - @Override - public Set<QName> getHeaders() { - return null; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java deleted file mode 100644 index 9d9a0647..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.validator; - -import java.util.List; - -import org.apache.commons.lang3.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.collect.ImmutableSet; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.AttributeValue; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance; - -/** - * eIDAS Response validator implementation. - * - * @author tlenz - * - */ -public class EidasResponseValidator { - private static final Logger log = LoggerFactory.getLogger(EidasResponseValidator.class); - - /** - * Validate an eIDAS Response according to internal state. - * - * @param pendingReq Current pending request - * @param eidasResponse eIDAS response object - * @param spCountry Country-Code of the Service Provider - * @param citizenCountryCode Country-Code of the Citizen - * @param attrRegistry eIDAS Attribute registry implementation - * @throws EidasValidationException In case of an validation error - */ - public static void validateResponse(IRequest pendingReq, ILightResponse eidasResponse, String spCountry, - String citizenCountryCode, EidasAttributeRegistry attrRegistry) throws EidasValidationException { - - /*-----------------------------------------------------| - * validate received LoA against minimum required LoA | - *_____________________________________________________| - */ - final LevelOfAssurance respLoA = LevelOfAssurance.fromString(eidasResponse.getLevelOfAssurance()); - final List<String> allowedLoAs = pendingReq.getServiceProviderConfiguration().getRequiredLoA(); - boolean loaValid = false; - for (final String allowedLoaString : allowedLoAs) { - final LevelOfAssurance allowedLoa = LevelOfAssurance.fromString(allowedLoaString); - if (respLoA.numericValue() >= allowedLoa.numericValue()) { - log.debug("Response contains valid LoA. Resume process ... "); - loaValid = true; - break; - - } else { - log.trace("Allowed LoA: " + allowedLoaString + " DOES NOT match response LoA: " + eidasResponse - .getLevelOfAssurance()); - } - - } - - if (!loaValid) { - log.error("eIDAS Response LevelOfAssurance is lower than the required! " - + "(Resp-LoA:{} Req-LoA:{} )", respLoA.getValue(), allowedLoAs.toArray()); - throw new EidasValidationException("eidas.06", new Object[] { respLoA.getValue() }); - - } - - /*-----------------------------------------------------| - * validate 'PersonalIdentifier' attribute | - *_____________________________________________________| - */ - final AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final ImmutableSet<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes() - .getAttributeMap().get(attrDefinition); - final List<String> personalIdObj = EidasResponseUtils.translateStringListAttribute(attrDefinition, - attributeValues); - - // check if attribute exists - if (personalIdObj == null || personalIdObj.isEmpty()) { - log.warn("eIDAS Response include NO 'PersonalIdentifier' attriubte " - + ".... That can be a BIG problem in further processing steps"); - throw new EidasValidationException("eidas.05", new Object[] { "NO 'PersonalIdentifier' attriubte" }); - - } else if (personalIdObj.size() > 1) { - log.warn("eIDAS Response include MORE THAN ONE 'PersonalIdentifier' attriubtes " - + ".... That can be a BIG problem in further processing steps"); - throw new EidasValidationException("eidas.05", new Object[] { - "MORE THAN ONE 'PersonalIdentifier' attriubtes" }); - - } else { - final String natPersId = personalIdObj.get(0); - // validate attribute value format - final Triple<String, String, String> split = - EidasResponseUtils.parseEidasPersonalIdentifier(natPersId); - if (split == null) { - throw new EidasValidationException("eidas.07", - new Object[] { - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, - "Wrong identifier format" }); - - } else { - // validation according to eIDAS SAML Attribute Profile, Section 2.2.3 - if (StringUtils.isEmpty(split.getSecond())) { - log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER - + " includes NO destination country. Value:" + natPersId); - throw new EidasValidationException("eidas.07", - new Object[] { - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, - "No or empty destination country" }); - - } - if (!split.getSecond().equalsIgnoreCase(spCountry)) { - log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER - + " includes wrong destination country. Value:" + natPersId - + " SP-Country:" + spCountry); - throw new EidasValidationException("eidas.07", - new Object[] { - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, - "Destination country does not match to SP country" }); - - } - - if (StringUtils.isEmpty(split.getFirst())) { - log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER - + " includes NO citizen country. Value:" + natPersId); - throw new EidasValidationException("eidas.07", - new Object[] { - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, - "No or empty citizen country" }); - - } - if (!split.getFirst().equalsIgnoreCase(citizenCountryCode)) { - log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER - + " includes a citizen country that does not match to service-provider country. " - + " Value:" + natPersId - + " citiczen Country:" + spCountry); - throw new EidasValidationException("eidas.07", - new Object[] { - Constants.eIDAS_ATTR_PERSONALIDENTIFIER, - "Citizen country does not match to eIDAS-node country that generates the response" }); - - } - } - } - - } -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider deleted file mode 100644 index a8d2991d..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider +++ /dev/null @@ -1 +0,0 @@ -at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml deleted file mode 100644 index e645c50e..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml +++ /dev/null @@ -1,26 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<pd:ProcessDefinition id="eIDASAuthentication_v2" - xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> - - - <pd:Task id="createAuthnRequest" class="ConnecteIDASNodeTask" /> - <pd:Task id="receiveAuthnResponse" - class="ReceiveResponseFromeIDASNodeTask" async="true" /> - <pd:Task id="finalizeAuthentication" - class="FinalizeAuthenticationTask" /> - <pd:Task id="generateIdentityLink" - class="CreateIdentityLinkTask" /> - - <pd:StartEvent id="start" /> - - <pd:Transition from="start" to="createAuthnRequest" /> - <pd:Transition from="createAuthnRequest" to="receiveAuthnResponse" /> - <pd:Transition conditionExpression="ctx['msConnectorStaging']" - from="receiveAuthnResponse" to="end" /> - <pd:Transition from="receiveAuthnResponse" to="generateIdentityLink" /> - <pd:Transition from="generateIdentityLink" to="finalizeAuthentication" /> - <pd:Transition from="finalizeAuthentication" to="end" /> - - <pd:EndEvent id="end" /> - -</pd:ProcessDefinition> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml deleted file mode 100644 index a72ac1e8..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml +++ /dev/null @@ -1,42 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - ~ Copyright (c) 2017 by European Commission - ~ - ~ Licensed under the EUPL, Version 1.2 or - as soon they will be - ~ approved by the European Commission - subsequent versions of the - ~ EUPL (the "Licence"); - ~ You may not use this work except in compliance with the Licence. - ~ You may obtain a copy of the Licence at: - ~ https://joinup.ec.europa.eu/page/eupl-text-11-12 - ~ - ~ Unless required by applicable law or agreed to in writing, software - ~ distributed under the Licence is distributed on an "AS IS" basis, - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - ~ implied. - ~ See the Licence for the specific language governing permissions and - ~ limitations under the Licence. - --> - -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> -<properties> - <comment>Dynamic attributes</comment> - - <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry> - <entry key="1.FriendlyName">AdditionalAttribute</entry> - <entry key="1.PersonType">NaturalPerson</entry> - <entry key="1.Required">false</entry> - <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> - <entry key="1.XmlType.LocalPart">string</entry> - <entry key="1.XmlType.NamespacePrefix">xs</entry> - <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry> - <entry key="2.FriendlyName">LegalAdditionalAttribute</entry> - <entry key="2.PersonType">LegalPerson</entry> - <entry key="2.Required">false</entry> - <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> - <entry key="2.XmlType.LocalPart">string</entry> - <entry key="2.XmlType.NamespacePrefix">xs</entry> - <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - -</properties> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml deleted file mode 100644 index c9288d59..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml +++ /dev/null @@ -1,379 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - ~ Copyright (c) 2017 by European Commission - ~ - ~ Licensed under the EUPL, Version 1.2 or - as soon they will be - ~ approved by the European Commission - subsequent versions of the - ~ EUPL (the "Licence"); - ~ You may not use this work except in compliance with the Licence. - ~ You may obtain a copy of the Licence at: - ~ https://joinup.ec.europa.eu/page/eupl-text-11-12 - ~ - ~ Unless required by applicable law or agreed to in writing, software - ~ distributed under the Licence is distributed on an "AS IS" basis, - ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - ~ implied. - ~ See the Licence for the specific language governing permissions and - ~ limitations under the Licence. - --> - -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> -<properties> - <comment>eIDAS attributes</comment> - - <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry> - <entry key="1.FriendlyName">PersonIdentifier</entry> - <entry key="1.PersonType">NaturalPerson</entry> - <entry key="1.Required">true</entry> - <entry key="1.UniqueIdentifier">true</entry> - <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry> - <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry> - <entry key="2.FriendlyName">FamilyName</entry> - <entry key="2.PersonType">NaturalPerson</entry> - <entry key="2.Required">true</entry> - <entry key="2.TransliterationMandatory">true</entry> - <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry> - <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry> - <entry key="3.FriendlyName">FirstName</entry> - <entry key="3.PersonType">NaturalPerson</entry> - <entry key="3.Required">true</entry> - <entry key="3.TransliterationMandatory">true</entry> - <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry> - <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry> - <entry key="4.FriendlyName">DateOfBirth</entry> - <entry key="4.PersonType">NaturalPerson</entry> - <entry key="4.Required">true</entry> - <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="4.XmlType.LocalPart">DateOfBirthType</entry> - <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> - - <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry> - <entry key="5.FriendlyName">BirthName</entry> - <entry key="5.PersonType">NaturalPerson</entry> - <entry key="5.Required">false</entry> - <entry key="5.TransliterationMandatory">true</entry> - <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="5.XmlType.LocalPart">BirthNameType</entry> - <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry> - <entry key="6.FriendlyName">PlaceOfBirth</entry> - <entry key="6.PersonType">NaturalPerson</entry> - <entry key="6.Required">false</entry> - <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry> - <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry> - <entry key="7.FriendlyName">CurrentAddress</entry> - <entry key="7.PersonType">NaturalPerson</entry> - <entry key="7.Required">false</entry> - <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="7.XmlType.LocalPart">CurrentAddressType</entry> - <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry> - - <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry> - <entry key="8.FriendlyName">Gender</entry> - <entry key="8.PersonType">NaturalPerson</entry> - <entry key="8.Required">false</entry> - <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="8.XmlType.LocalPart">GenderType</entry> - <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> - - <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry> - <entry key="9.FriendlyName">LegalPersonIdentifier</entry> - <entry key="9.PersonType">LegalPerson</entry> - <entry key="9.Required">true</entry> - <entry key="9.UniqueIdentifier">true</entry> - <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry> - <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry> - <entry key="10.FriendlyName">LegalName</entry> - <entry key="10.PersonType">LegalPerson</entry> - <entry key="10.Required">true</entry> - <entry key="10.TransliterationMandatory">true</entry> - <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="10.XmlType.LocalPart">LegalNameType</entry> - <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry> - <entry key="11.FriendlyName">LegalAddress</entry> - <entry key="11.PersonType">LegalPerson</entry> - <entry key="11.Required">false</entry> - <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry> - - <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry> - <entry key="12.FriendlyName">VATRegistration</entry> - <entry key="12.PersonType">LegalPerson</entry> - <entry key="12.Required">false</entry> - <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry> - <entry key="13.FriendlyName">TaxReference</entry> - <entry key="13.PersonType">LegalPerson</entry> - <entry key="13.Required">false</entry> - <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="13.XmlType.LocalPart">TaxReferenceType</entry> - <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry> - <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry> - <entry key="14.PersonType">LegalPerson</entry> - <entry key="14.Required">false</entry> - <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> - <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry> - <entry key="15.FriendlyName">LEI</entry> - <entry key="15.PersonType">LegalPerson</entry> - <entry key="15.Required">false</entry> - <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="15.XmlType.LocalPart">LEIType</entry> - <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry> - <entry key="16.FriendlyName">EORI</entry> - <entry key="16.PersonType">LegalPerson</entry> - <entry key="16.Required">false</entry> - <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="16.XmlType.LocalPart">EORIType</entry> - <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry> - <entry key="17.FriendlyName">SEED</entry> - <entry key="17.PersonType">LegalPerson</entry> - <entry key="17.Required">false</entry> - <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="17.XmlType.LocalPart">SEEDType</entry> - <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry> - <entry key="18.FriendlyName">SIC</entry> - <entry key="18.PersonType">LegalPerson</entry> - <entry key="18.Required">false</entry> - <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="18.XmlType.LocalPart">SICType</entry> - <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry> - <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry> - <entry key="19.PersonType">RepresentativeNaturalPerson</entry> - <entry key="19.Required">false</entry> - <entry key="19.UniqueIdentifier">true</entry> - <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry> - <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry> - <entry key="20.FriendlyName">RepresentativeFamilyName</entry> - <entry key="20.PersonType">RepresentativeNaturalPerson</entry> - <entry key="20.Required">false</entry> - <entry key="20.TransliterationMandatory">true</entry> - <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry> - <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry> - <entry key="21.FriendlyName">RepresentativeFirstName</entry> - <entry key="21.PersonType">RepresentativeNaturalPerson</entry> - <entry key="21.Required">false</entry> - <entry key="21.TransliterationMandatory">true</entry> - <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry> - <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry> - <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry> - <entry key="22.PersonType">RepresentativeNaturalPerson</entry> - <entry key="22.Required">false</entry> - <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="22.XmlType.LocalPart">DateOfBirthType</entry> - <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> - - <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry> - <entry key="23.FriendlyName">RepresentativeBirthName</entry> - <entry key="23.PersonType">RepresentativeNaturalPerson</entry> - <entry key="23.Required">false</entry> - <entry key="23.TransliterationMandatory">true</entry> - <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="23.XmlType.LocalPart">BirthNameType</entry> - <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry> - <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry> - <entry key="24.PersonType">RepresentativeNaturalPerson</entry> - <entry key="24.Required">false</entry> - <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry> - <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry> - <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry> - <entry key="25.PersonType">RepresentativeNaturalPerson</entry> - <entry key="25.Required">false</entry> - <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="25.XmlType.LocalPart">CurrentAddressType</entry> - <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry> - - <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry> - <entry key="26.FriendlyName">RepresentativeGender</entry> - <entry key="26.PersonType">RepresentativeNaturalPerson</entry> - <entry key="26.Required">false</entry> - <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="26.XmlType.LocalPart">GenderType</entry> - <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> - - <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry> - <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry> - <entry key="27.PersonType">RepresentativeLegalPerson</entry> - <entry key="27.Required">false</entry> - <entry key="27.UniqueIdentifier">true</entry> - <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry> - <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry> - <entry key="28.FriendlyName">RepresentativeLegalName</entry> - <entry key="28.PersonType">RepresentativeLegalPerson</entry> - <entry key="28.Required">false</entry> - <entry key="28.TransliterationMandatory">true</entry> - <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="28.XmlType.LocalPart">LegalNameType</entry> - <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> - <entry key="29.FriendlyName">RepresentativeLegalAddress</entry> - <entry key="29.PersonType">RepresentativeLegalPerson</entry> - <entry key="29.Required">false</entry> - <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> - - <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> - <entry key="30.FriendlyName">RepresentativeVATRegistration</entry> - <entry key="30.PersonType">RepresentativeLegalPerson</entry> - <entry key="30.Required">false</entry> - <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry> - <entry key="31.FriendlyName">RepresentativeTaxReference</entry> - <entry key="31.PersonType">RepresentativeLegalPerson</entry> - <entry key="31.Required">false</entry> - <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="31.XmlType.LocalPart">TaxReferenceType</entry> - <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry> - <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry> - <entry key="32.PersonType">RepresentativeLegalPerson</entry> - <entry key="32.Required">false</entry> - <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> - <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry> - <entry key="33.FriendlyName">RepresentativeLEI</entry> - <entry key="33.PersonType">RepresentativeLegalPerson</entry> - <entry key="33.Required">false</entry> - <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="33.XmlType.LocalPart">LEIType</entry> - <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry> - <entry key="34.FriendlyName">RepresentativeEORI</entry> - <entry key="34.PersonType">RepresentativeLegalPerson</entry> - <entry key="34.Required">false</entry> - <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="34.XmlType.LocalPart">EORIType</entry> - <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry> - <entry key="35.FriendlyName">RepresentativeSEED</entry> - <entry key="35.PersonType">RepresentativeLegalPerson</entry> - <entry key="35.Required">false</entry> - <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="35.XmlType.LocalPart">SEEDType</entry> - <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry> - <entry key="36.FriendlyName">RepresentativeSIC</entry> - <entry key="36.PersonType">RepresentativeLegalPerson</entry> - <entry key="36.Required">false</entry> - <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="36.XmlType.LocalPart">SICType</entry> - <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> - <entry key="39.FriendlyName">RepresentativeLegalAddress</entry> - <entry key="39.PersonType">RepresentativeLegalPerson</entry> - <entry key="39.Required">false</entry> - <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> - - <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> - <entry key="40.FriendlyName">RepresentativeVATRegistration</entry> - <entry key="40.PersonType">RepresentativeLegalPerson</entry> - <entry key="40.Required">false</entry> - <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - -</properties> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml deleted file mode 100644 index 3b0cee54..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ /dev/null @@ -1,95 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - <context:annotation-config /> - - <import - resource="classpath:specificCommunicationDefinitionApplicationContext.xml" /> - - <bean id="SZRClientForeIDAS" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" /> - - <bean id="specificConnectorAttributesFile" - class="java.lang.String"> - <constructor-arg value="eidas-attributes.xml" /> - </bean> - - <bean id="specificAdditionalAttributesFile" - class="java.lang.String"> - <constructor-arg value="additional-attributes.xml" /> - </bean> - - <bean id="specificConnectorAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="#{specificConnectorConfigRepository}#{specificConnectorAttributesFile}" /> - </bean> - - <bean id="specificConnectorAdditionalAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="#{specificConnectorConfigRepository}#{specificAdditionalAttributesFile}" /> - </bean> - - <bean id="eIDASAuthModule" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl"> - <property name="priority" value="2" /> - </bean> - - <bean id="eIDASSignalServlet" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> - - <bean id="attributeRegistry" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry"> - <property name="eidasAttributesFile" - ref="specificConnectorAttributesFileWithPath" /> - <property name="additionalAttributesFile" - ref="specificConnectorAdditionalAttributesFileWithPath" /> - </bean> - - <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore" - /> --> - - <bean id="authBlockSigningService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" /> - - <bean id="EIDPostProcessingService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" /> - - <bean id="DE-Processor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor"> - <property name="priority" value="1" /> - </bean> - - <bean id="LU-Processor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor"> - <property name="priority" value="1" /> - </bean> - - <bean id="Default-Processor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor"> - <property name="priority" value="0" /> - </bean> - - <!-- Authentication Process Tasks --> - <bean id="ConnecteIDASNodeTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" - scope="prototype" /> - - <bean id="ReceiveResponseFromeIDASNodeTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask" - scope="prototype" /> - - <bean id="CreateIdentityLinkTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask" - scope="prototype" /> - -</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml deleted file mode 100644 index 91b8e5e4..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml +++ /dev/null @@ -1,122 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml:Assertion - xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" - xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" - xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" - xmlns:si="http://www.w3.org/2001/XMLSchema-instance" - AssertionID="szr.bmi.gv.at-AssertionID13456264458587874" - IssueInstant="2012-08-22T11:07:25+01:00" - Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" - MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> - <saml:AttributeStatement> - <saml:Subject> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches - </saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <pr:Person si:type="pr:PhysicalPersonType"> - <pr:Identification> - <pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value> - <pr:Type>urn:publicid:gv.at:baseid</pr:Type> - </pr:Identification> - <pr:Name> - <pr:GivenName>XXXRúùd</pr:GivenName> - <pr:FamilyName primary="undefined">XXXVà n Nisteĺrooy - </pr:FamilyName> - </pr:Name> - <pr:DateOfBirth>1969-02-13</pr:DateOfBirth> - </pr:Person> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - <saml:Attribute AttributeName="CitizenPublicKey" - AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> - <saml:AttributeValue> - <ecdsa:ECDSAKeyValue> - <ecdsa:DomainParameters> - <ecdsa:NamedCurve - URN="urn:oid:1.2.840.10045.3.1.7" /> - </ecdsa:DomainParameters> - <ecdsa:PublicKey> - <ecdsa:X - Value="22280299907126338788314199678167217078072953115254374209747379168424021905237" - si:type="ecdsa:PrimeFieldElemType" /> - <ecdsa:Y - Value="40387096985250872237992703378062984723606079359080588656963239072881568409170" - si:type="ecdsa:PrimeFieldElemType" /> - </ecdsa:PublicKey> - </ecdsa:ECDSAKeyValue> - </saml:AttributeValue> - </saml:Attribute> - <saml:Attribute AttributeName="CitizenPublicKey" - AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> - <saml:AttributeValue> - <dsig:RSAKeyValue> - <dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/ - t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm - P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg - gaM2EyuB1HxH8/+Mfqa4UgeqIH65 - </dsig:Modulus> - <dsig:Exponent>AQAB</dsig:Exponent> - </dsig:RSAKeyValue> - </saml:AttributeValue> - </saml:Attribute> - </saml:AttributeStatement> - <dsig:Signature> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod - Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> - <dsig:SignatureMethod - Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform - Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::pr:Identification) - </dsig:XPath> - </dsig:Transform> - <dsig:Transform - Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> - </dsig:Transforms> - <dsig:DigestMethod - Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <dsig:DigestValue>KEQEPY2O3Z3IRaISSSoRZVPzsHE= - </dsig:DigestValue> - </dsig:Reference> - <dsig:Reference - Type="http://www.w3.org/2000/09/xmldsig#Manifest" - URI="#manifest"> - <dsig:DigestMethod - Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <dsig:DigestValue>gzGhjH1kdmPcPbgen0xojNIoJLk= - </dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue> - 06wqWHgplwpu3N5HMhzb6QC5NkXMO1z4N4oc1L6eDqwZlvFJ9X1XGW//QqviKO9oog3il7IzdfJwnjygR4trgGCIqx+JYCDHJCrG9l8zlxlSW0ZqfsygGXthutcQ1aeUpfO6jYuhnWOUywa8BgzukRtWT+AOJBQZPRYTb8IBmey+uAwlhFLni94eMOd81l+efCvkWi3jRajwsG8ZOaNxSZT3aEV5vj+32Aqtx2MPEVzQWtIA7GqZi+EzcdSdHQvHhg7UB+8kqbU70ENAJbEMTANFZYvLOJ0Om9KfDtPf/+R2TvTc360fNo9RnPl04pHPhCIjcGZhFZorBpUhXFwd2Q== - </dsig:SignatureValue> - <dsig:KeyInfo> - <dsig:X509Data> - <dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4= - </dsig:X509Certificate> - </dsig:X509Data> - </dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="manifest"> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform - Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::dsig:Signature) - </dsig:XPath> - </dsig:Transform> - </dsig:Transforms> - <dsig:DigestMethod - Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <dsig:DigestValue>8e7RjLnA4Mgltq5ruIJzheKGxu0= - </dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> -</saml:Assertion>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL deleted file mode 100644 index 3c34458d..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL +++ /dev/null @@ -1,939 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <types> - <xs:schema elementFormDefault="qualified" targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#"> - <xs:complexType name="PhysicalPersonType"> - <xs:sequence> - <xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" /> - <xs:element minOccurs="1" name="Name" type="pd:PersonNameType" /> - <xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" /> - <xs:element minOccurs="0" name="Sex" type="xs:string" /> - <xs:element minOccurs="0" name="DateOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="Nationality" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="IdentificationType"> - <xs:sequence> - <xs:element minOccurs="0" name="Value" type="xs:string" /> - <xs:element minOccurs="0" name="Type" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PersonNameType"> - <xs:sequence> - <xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" /> - <xs:element name="GivenName" type="xs:string" nillable="true" /> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AlternativeNameType"> - <xs:sequence> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PostalAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="PostalCode" type="xs:string" /> - <xs:element minOccurs="0" name="Municipality" type="xs:string" /> - <xs:element minOccurs="0" name="Locality" type="xs:string" /> - <xs:element minOccurs="0" name="StateCode3" type="xs:string" /> - <xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" /> - <xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DeliveryAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="AddressLine" type="xs:string" /> - <xs:element minOccurs="0" name="StreetName" type="xs:string" /> - <xs:element minOccurs="0" name="BuildingNumber" type="xs:string" /> - <xs:element minOccurs="0" name="Unit" type="xs:string" /> - <xs:element minOccurs="0" name="DoorNumber" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2001/04/xmldsig-more#"> - <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" nillable="true" /> - <xs:complexType name="ECDSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="DomainParameters" type="ecdsa:DomainParamsType" /> - <xs:element name="PublicKey" type="ecdsa:ECPointType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DomainParamsType"> - <xs:sequence> - <xs:element minOccurs="0" name="NamedCurve" type="ecdsa:NamedCurveType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="NamedCurveType"> - <xs:attribute name="URN" type="xs:string" use="required" /> - </xs:complexType> - <xs:complexType name="ECPointType"> - <xs:sequence minOccurs="0"> - <xs:element name="X" type="ecdsa:PrimeFieldElemType" /> - <xs:element name="Y" type="ecdsa:PrimeFieldElemType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PrimeFieldElemType"> - <xs:attribute name="Value" type="xs:string" use="required" /> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema"> - <xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" /> - <xs:complexType name="KeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="DSAKeyValue" type="dsig:DSAKeyValueType" /> - <xs:element minOccurs="0" name="RSAKeyValue" type="dsig:RSAKeyValueType" /> - <xs:element minOccurs="0" ref="ecdsa:ECDSAKeyValue" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="P" type="xs:string" /> - <xs:element minOccurs="0" name="Q" type="xs:string" /> - <xs:element minOccurs="0" name="J" type="xs:string" /> - <xs:element minOccurs="0" name="G" type="xs:string" /> - <xs:element minOccurs="0" name="Y" type="xs:string" /> - <!-- https://www.w3.org/TR/xmldsig-core/ defines PgenCounter THEN Seed, SZR.wsdl used Seed BEFORE PgenCounter. To keep it backwards compatible but allow the usual order, both ways are allowed. --> - <xs:choice maxOccurs="unbounded"> - <xs:element minOccurs="0" name="PgenCounter" type="xs:string" /> - <xs:element minOccurs="0" name="Seed" type="xs:string" /> - </xs:choice> - </xs:sequence> - </xs:complexType> - <xs:complexType name="RSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="Modulus" type="xs:string" /> - <xs:element minOccurs="0" name="Exponent" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices"> - <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" /> - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" /> - <xs:element name="SZRException" type="szr:SZRException" /> - <xs:complexType name="SZRException" /> - <xs:complexType name="PersonInfoType"> - <xs:sequence> - <xs:element name="Person" type="pd:PhysicalPersonType" /> - <xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" /> - <xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" /> - <xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" /> - <xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" /> - <xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="TravelDocumentType"> - <xs:sequence> - <xs:element minOccurs="0" name="DocumentNumber" type="xs:string" /> - <xs:element minOccurs="0" name="DocumentType" type="xs:string" /> - <xs:element minOccurs="0" name="IssueDate" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingCountry" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AddressCodesType"> - <xs:sequence> - <xs:element minOccurs="0" name="GKZ" type="xs:string" /> - <xs:element minOccurs="0" name="OKZ" type="xs:string" /> - <xs:element minOccurs="0" name="SKZ" type="xs:string" /> - <xs:element minOccurs="0" name="ADRCD" type="xs:string" /> - <xs:element minOccurs="0" name="SUBCD" type="xs:string" /> - <xs:element minOccurs="0" name="OBJNR" type="xs:string" /> - <xs:element minOccurs="0" name="NTZLNR" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="TransformBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="InputBPK" type="xs:string" /> - <xs:element name="InputBereichsKennung" type="xs:string" /> - <xs:element name="Begruendung" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="TransformBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermission"> - <xs:complexType> - <xs:sequence> - <xs:element name="VKZ" type="xs:string" /> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="ParticipantId" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermissionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="IdentityLinkType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Assertion" type="xs:anyType" /> - <xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ResultRecord"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Register" type="xs:string" /> - <xs:element name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP"> - <xs:simpleType> - <xs:restriction base="xs:string"> - <xs:enumeration value="NoInsert" /> - <xs:enumeration value="InsertOnNoMatch" /> - <xs:enumeration value="ForceInsert" /> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" /> - <xs:element name="VKZ" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiResponseType"> - <xs:complexContent> - <xs:extension base="szr:GetBPKZPVResponseType"> - <xs:sequence> - <xs:element name="FoundWithSuchwizard" type="xs:boolean" /> - <xs:element name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:complexType name="GetBPKZPVRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKZPVResponseType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" /> - <xs:element name="InsertERnPResult" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType"> - <xs:sequence> - <xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" /> - <xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="GetIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkEidas"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkEidasResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKs"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKsResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="GetBPKsResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element minOccurs="0" name="Fault"> - <xs:complexType> - <xs:attribute name="Code" type="xs:string" /> - <xs:attribute name="String" type="xs:string" /> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:element name="GetBPKKombi"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKKombiResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPV"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPVResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="IdentityLink" type="szr:IdentityLinkType" /> - <xs:element name="BereichsKennung" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ValidateIdentityLinkReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="BPKzuBasiszahlReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="FremdBPKRequestType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="FremdBPKType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="FremdBPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetVKZPermissionResponseType"> - <xs:sequence> - <xs:element name="isAllowed" type="xs:boolean" /> - <xs:element minOccurs="0" name="behSchluessel" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPK"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="BasiszahlZuBPKReturnType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ZMRAnwendungsIntegration"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - <xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="ZMRAnwendungsIntegrationReturnType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="ZMRAnwendungsIntegrationResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVersion" nillable="true" /> - <xs:element name="GetVersionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Version" type="xs:string" /> - <xs:element name="Revision" type="xs:string" /> - <xs:element name="Time" type="xs:string" /> - <xs:element name="IdentityLinkNotAfter" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - </xs:schema> - <xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd"> - <xs:include schemaLocation="pvp1.xsd" /> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext"> - <xs:element name="Security"> - <xs:complexType> - <xs:sequence> - <!-- add the pvpToken here. You can also uncomment the following line if you support XSD 1.1 --> - <!-- <xs:element ref="pvp:pvpToken" /> --> - <xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - <xs:anyAttribute processContents="lax" /> - </xs:complexType> - </xs:element> - </xs:schema> - </types> - <message name="Header"> - <part name="SecurityHeader" element="wsse:Security" /> - </message> - <message name="GetIdentityLinkRequest"> - <part element="szr:GetIdentityLink" name="parameters" /> - </message> - <message name="GetIdentityLinkResponse"> - <part element="szr:GetIdentityLinkResponse" name="parameters" /> - </message> - <message name="GetIdentityLinkEidasRequest"> - <part element="szr:GetIdentityLinkEidas" name="parameters" /> - </message> - <message name="GetIdentityLinkEidasResponse"> - <part element="szr:GetIdentityLinkEidasResponse" name="parameters" /> - </message> - <message name="GetBPKRequest"> - <part element="szr:GetBPK" name="parameters" /> - </message> - <message name="GetBPKResponse"> - <part element="szr:GetBPKResponse" name="parameters" /> - </message> - <message name="GetBPKsRequest"> - <part element="szr:GetBPKs" name="parameters" /> - </message> - <message name="GetBPKsResponse"> - <part element="szr:GetBPKsResponse" name="parameters" /> - </message> - <message name="GetBPKKombiRequest"> - <part element="szr:GetBPKKombi" name="parameters" /> - </message> - <message name="GetBPKKombiResponse"> - <part element="szr:GetBPKKombiResponse" name="parameters" /> - </message> - <message name="GetBPKZPVRequest"> - <part element="szr:GetBPKZPV" name="parameters" /> - </message> - <message name="GetBPKZPVResponse"> - <part element="szr:GetBPKZPVResponse" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedRequest"> - <part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedResponse"> - <part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="BPKzuBasiszahlRequest"> - <part element="szr:BPKzuBasiszahl" name="parameters" /> - </message> - <message name="BPKzuBasiszahlResponse"> - <part element="szr:BPKzuBasiszahlResponse" name="parameters" /> - </message> - <message name="BasiszahlZuBPKRequest"> - <part element="szr:BasiszahlZuBPK" name="parameters" /> - </message> - <message name="BasiszahlZuBPKResponse"> - <part element="szr:BasiszahlZuBPKResponse" name="parameters" /> - </message> - <message name="ValidateIdentityLinkRequest"> - <part element="szr:ValidateIdentityLink" name="parameters" /> - </message> - <message name="ValidateIdentityLinkResponse"> - <part element="szr:ValidateIdentityLinkResponse" name="parameters" /> - </message> - <message name="TransformBPKRequest"> - <part element="szr:TransformBPK" name="parameters" /> - </message> - <message name="TransformBPKResponse"> - <part element="szr:TransformBPKResponse" name="parameters" /> - </message> - <message name="GetVKZPermissionRequest"> - <part element="szr:GetVKZPermission" name="parameters" /> - </message> - <message name="GetVKZPermissionResponse"> - <part element="szr:GetVKZPermissionResponse" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationRequest"> - <part element="szr:ZMRAnwendungsIntegration" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationResponse"> - <part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" /> - </message> - <message name="GetStammzahlRequest"> - <part element="szr:GetStammzahl" name="parameters" /> - </message> - <message name="GetStammzahlResponse"> - <part element="szr:GetStammzahlResponse" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedRequest"> - <part element="szr:GetStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedResponse"> - <part element="szr:GetStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="GetVersionRequest"> - <part element="szr:GetVersion" name="parameters" /> - </message> - <message name="GetVersionResponse"> - <part element="szr:GetVersionResponse" name="parameters" /> - </message> - <message name="SZRException"> - <part element="szr:SZRException" name="fault" /> - </message> - <portType name="SZR"> - <operation name="GetIdentityLink"> - <input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" /> - <output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetIdentityLinkEidas"> - <input message="szr:GetIdentityLinkEidasRequest" name="GetIdentityLinkEidasRequest" /> - <output message="szr:GetIdentityLinkEidasResponse" name="GetIdentityLinkEidasResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPK"> - <jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"> - <jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle> - </jaxws:bindings> - <input message="szr:GetBPKRequest" name="GetBPKRequest" /> - <output message="szr:GetBPKResponse" name="GetBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKs"> - <input message="szr:GetBPKsRequest" name="GetBPKsRequest" /> - <output message="szr:GetBPKsResponse" name="GetBPKsResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKKombi"> - <input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" /> - <output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKZPV"> - <input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" /> - <output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" /> - <output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ValidateIdentityLink"> - <input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" /> - <output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="TransformBPK"> - <input message="szr:TransformBPKRequest" name="TransformBPKRequest" /> - <output message="szr:TransformBPKResponse" name="TransformBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVKZPermission"> - <input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" /> - <output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BPKzuBasiszahl"> - <input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" /> - <output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BasiszahlZuBPK"> - <input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" /> - <output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" /> - <output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahl"> - <input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" /> - <output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahlEncrypted"> - <input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" /> - <output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVersion"> - <input message="szr:GetVersionRequest" name="GetVersionRequest" /> - <output message="szr:GetVersionResponse" name="GetVersionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - </portType> - <binding name="SZRSoapBinding" type="szr:SZR"> - <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" /> - <operation name="GetIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="GetIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetIdentityLinkEidas"> - <wsdlsoap:operation soapAction="" /> - <input name="GetIdentityLinkEidasRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetIdentityLinkEidasResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKs"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKsRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKsResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKKombi"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKKombiRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKKombiResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKZPV"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKZPVRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKZPVResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKFromStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKFromStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVKZPermission"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVKZPermissionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVKZPermissionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ValidateIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="ValidateIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ValidateIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="TransformBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="TransformBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="TransformBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BPKzuBasiszahl"> - <wsdlsoap:operation soapAction="" /> - <input name="BPKzuBasiszahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BPKzuBasiszahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BasiszahlZuBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="BasiszahlZuBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BasiszahlZuBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <wsdlsoap:operation soapAction="" /> - <input name="ZMRAnwendungsIntegrationRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ZMRAnwendungsIntegrationResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahl"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVersion"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVersionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVersionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - </binding> - <service name="SZRService"> - <port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" /> - </port> - </service> -</definitions>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL deleted file mode 100644 index 4ad2645a..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL +++ /dev/null @@ -1,901 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <types> - <xs:schema elementFormDefault="qualified" targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#"> - <xs:complexType name="PhysicalPersonType"> - <xs:sequence> - <xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" /> - <xs:element minOccurs="1" name="Name" type="pd:PersonNameType" /> - <xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" /> - <xs:element minOccurs="0" name="Sex" type="xs:string" /> - <xs:element minOccurs="0" name="DateOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="Nationality" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="IdentificationType"> - <xs:sequence> - <xs:element minOccurs="0" name="Value" type="xs:string" /> - <xs:element minOccurs="0" name="Type" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PersonNameType"> - <xs:sequence> - <xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" /> - <xs:element name="GivenName" type="xs:string" nillable="true" /> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AlternativeNameType"> - <xs:sequence> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PostalAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="PostalCode" type="xs:string" /> - <xs:element minOccurs="0" name="Municipality" type="xs:string" /> - <xs:element minOccurs="0" name="Locality" type="xs:string" /> - <xs:element minOccurs="0" name="StateCode3" type="xs:string" /> - <xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" /> - <xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DeliveryAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="AddressLine" type="xs:string" /> - <xs:element minOccurs="0" name="StreetName" type="xs:string" /> - <xs:element minOccurs="0" name="BuildingNumber" type="xs:string" /> - <xs:element minOccurs="0" name="Unit" type="xs:string" /> - <xs:element minOccurs="0" name="DoorNumber" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2001/04/xmldsig-more#"> - <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" nillable="true" /> - <xs:complexType name="ECDSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="DomainParameters" type="ecdsa:DomainParamsType" /> - <xs:element name="PublicKey" type="ecdsa:ECPointType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DomainParamsType"> - <xs:sequence> - <xs:element minOccurs="0" name="NamedCurve" type="ecdsa:NamedCurveType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="NamedCurveType"> - <xs:attribute name="URN" type="xs:string" use="required" /> - </xs:complexType> - <xs:complexType name="ECPointType"> - <xs:sequence minOccurs="0"> - <xs:element name="X" type="ecdsa:PrimeFieldElemType" /> - <xs:element name="Y" type="ecdsa:PrimeFieldElemType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PrimeFieldElemType"> - <xs:attribute name="Value" type="xs:string" use="required" /> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema"> - <xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" /> - <xs:complexType name="KeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="DSAKeyValue" type="dsig:DSAKeyValueType" /> - <xs:element minOccurs="0" name="RSAKeyValue" type="dsig:RSAKeyValueType" /> - <xs:element minOccurs="0" ref="ecdsa:ECDSAKeyValue" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="P" type="xs:string" /> - <xs:element minOccurs="0" name="Q" type="xs:string" /> - <xs:element minOccurs="0" name="J" type="xs:string" /> - <xs:element minOccurs="0" name="G" type="xs:string" /> - <xs:element minOccurs="0" name="Y" type="xs:string" /> - <!-- https://www.w3.org/TR/xmldsig-core/ defines PgenCounter THEN Seed, SZR.wsdl used Seed BEFORE PgenCounter. To keep it backwards compatible but allow the usual order, both ways are allowed. --> - <xs:choice maxOccurs="unbounded"> - <xs:element minOccurs="0" name="PgenCounter" type="xs:string" /> - <xs:element minOccurs="0" name="Seed" type="xs:string" /> - </xs:choice> - </xs:sequence> - </xs:complexType> - <xs:complexType name="RSAKeyValueType"> - <xs:sequence> - <xs:element minOccurs="0" name="Modulus" type="xs:string" /> - <xs:element minOccurs="0" name="Exponent" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices"> - <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" /> - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" /> - <xs:element name="SZRException" type="szr:SZRException" /> - <xs:complexType name="SZRException" /> - <xs:complexType name="PersonInfoType"> - <xs:sequence> - <xs:element name="Person" type="pd:PhysicalPersonType" /> - <xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" /> - <xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" /> - <xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" /> - <xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" /> - <xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="TravelDocumentType"> - <xs:sequence> - <xs:element minOccurs="0" name="DocumentNumber" type="xs:string" /> - <xs:element minOccurs="0" name="DocumentType" type="xs:string" /> - <xs:element minOccurs="0" name="IssueDate" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingCountry" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AddressCodesType"> - <xs:sequence> - <xs:element minOccurs="0" name="GKZ" type="xs:string" /> - <xs:element minOccurs="0" name="OKZ" type="xs:string" /> - <xs:element minOccurs="0" name="SKZ" type="xs:string" /> - <xs:element minOccurs="0" name="ADRCD" type="xs:string" /> - <xs:element minOccurs="0" name="SUBCD" type="xs:string" /> - <xs:element minOccurs="0" name="OBJNR" type="xs:string" /> - <xs:element minOccurs="0" name="NTZLNR" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="TransformBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="InputBPK" type="xs:string" /> - <xs:element name="InputBereichsKennung" type="xs:string" /> - <xs:element name="Begruendung" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="TransformBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermission"> - <xs:complexType> - <xs:sequence> - <xs:element name="VKZ" type="xs:string" /> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="ParticipantId" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermissionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="IdentityLinkType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Assertion" type="xs:anyType" /> - <xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ResultRecord"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Register" type="xs:string" /> - <xs:element name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP"> - <xs:simpleType> - <xs:restriction base="xs:string"> - <xs:enumeration value="NoInsert" /> - <xs:enumeration value="InsertOnNoMatch" /> - <xs:enumeration value="ForceInsert" /> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" /> - <xs:element name="VKZ" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiResponseType"> - <xs:complexContent> - <xs:extension base="szr:GetBPKZPVResponseType"> - <xs:sequence> - <xs:element name="FoundWithSuchwizard" type="xs:boolean" /> - <xs:element name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:complexType name="GetBPKZPVRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKZPVResponseType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" /> - <xs:element name="InsertERnPResult" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType"> - <xs:sequence> - <xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" /> - <xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="GetIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKs"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKsResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="GetBPKsResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element minOccurs="0" name="Fault"> - <xs:complexType> - <xs:attribute name="Code" type="xs:string" /> - <xs:attribute name="String" type="xs:string" /> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:element name="GetBPKKombi"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKKombiResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPV"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPVResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="IdentityLink" type="szr:IdentityLinkType" /> - <xs:element name="BereichsKennung" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ValidateIdentityLinkReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="BPKzuBasiszahlReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="FremdBPKRequestType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="FremdBPKType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="FremdBPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetVKZPermissionResponseType"> - <xs:sequence> - <xs:element name="isAllowed" type="xs:boolean" /> - <xs:element minOccurs="0" name="behSchluessel" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPK"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="BasiszahlZuBPKReturnType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ZMRAnwendungsIntegration"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - <xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="ZMRAnwendungsIntegrationReturnType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="ZMRAnwendungsIntegrationResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVersion" /> - <xs:element name="GetVersionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Version" type="xs:string" /> - <xs:element name="Revision" type="xs:string" /> - <xs:element name="Time" type="xs:string" /> - <xs:element name="IdentityLinkNotAfter" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - </xs:schema> - <xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd"> - <xs:include schemaLocation="pvp1.xsd" /> - </xs:schema> - <xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext"> - <xs:element name="Security"> - <xs:complexType> - <xs:sequence> - <!-- add the pvpToken here. You can also uncomment the following line if you support XSD 1.1 --> - <!-- <xs:element ref="pvp:pvpToken" /> --> - <xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - <xs:anyAttribute processContents="lax" /> - </xs:complexType> - </xs:element> - </xs:schema> - </types> - <message name="Header"> - <part name="SecurityHeader" element="wsse:Security" /> - </message> - <message name="GetIdentityLinkRequest"> - <part element="szr:GetIdentityLink" name="parameters" /> - </message> - <message name="GetIdentityLinkResponse"> - <part element="szr:GetIdentityLinkResponse" name="parameters" /> - </message> - <message name="GetBPKRequest"> - <part element="szr:GetBPK" name="parameters" /> - </message> - <message name="GetBPKResponse"> - <part element="szr:GetBPKResponse" name="parameters" /> - </message> - <message name="GetBPKsRequest"> - <part element="szr:GetBPKs" name="parameters" /> - </message> - <message name="GetBPKsResponse"> - <part element="szr:GetBPKsResponse" name="parameters" /> - </message> - <message name="GetBPKKombiRequest"> - <part element="szr:GetBPKKombi" name="parameters" /> - </message> - <message name="GetBPKKombiResponse"> - <part element="szr:GetBPKKombiResponse" name="parameters" /> - </message> - <message name="GetBPKZPVRequest"> - <part element="szr:GetBPKZPV" name="parameters" /> - </message> - <message name="GetBPKZPVResponse"> - <part element="szr:GetBPKZPVResponse" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedRequest"> - <part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedResponse"> - <part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="BPKzuBasiszahlRequest"> - <part element="szr:BPKzuBasiszahl" name="parameters" /> - </message> - <message name="BPKzuBasiszahlResponse"> - <part element="szr:BPKzuBasiszahlResponse" name="parameters" /> - </message> - <message name="BasiszahlZuBPKRequest"> - <part element="szr:BasiszahlZuBPK" name="parameters" /> - </message> - <message name="BasiszahlZuBPKResponse"> - <part element="szr:BasiszahlZuBPKResponse" name="parameters" /> - </message> - <message name="ValidateIdentityLinkRequest"> - <part element="szr:ValidateIdentityLink" name="parameters" /> - </message> - <message name="ValidateIdentityLinkResponse"> - <part element="szr:ValidateIdentityLinkResponse" name="parameters" /> - </message> - <message name="TransformBPKRequest"> - <part element="szr:TransformBPK" name="parameters" /> - </message> - <message name="TransformBPKResponse"> - <part element="szr:TransformBPKResponse" name="parameters" /> - </message> - <message name="GetVKZPermissionRequest"> - <part element="szr:GetVKZPermission" name="parameters" /> - </message> - <message name="GetVKZPermissionResponse"> - <part element="szr:GetVKZPermissionResponse" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationRequest"> - <part element="szr:ZMRAnwendungsIntegration" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationResponse"> - <part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" /> - </message> - <message name="GetStammzahlRequest"> - <part element="szr:GetStammzahl" name="parameters" /> - </message> - <message name="GetStammzahlResponse"> - <part element="szr:GetStammzahlResponse" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedRequest"> - <part element="szr:GetStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedResponse"> - <part element="szr:GetStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="GetVersionRequest"> - <part element="szr:GetVersion" name="parameters" /> - </message> - <message name="GetVersionResponse"> - <part element="szr:GetVersionResponse" name="parameters" /> - </message> - <message name="SZRException"> - <part element="szr:SZRException" name="fault" /> - </message> - <portType name="SZR"> - <operation name="GetIdentityLink"> - <input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" /> - <output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPK"> - <jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"> - <jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle> - </jaxws:bindings> - <input message="szr:GetBPKRequest" name="GetBPKRequest" /> - <output message="szr:GetBPKResponse" name="GetBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKs"> - <input message="szr:GetBPKsRequest" name="GetBPKsRequest" /> - <output message="szr:GetBPKsResponse" name="GetBPKsResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKKombi"> - <input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" /> - <output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKZPV"> - <input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" /> - <output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" /> - <output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ValidateIdentityLink"> - <input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" /> - <output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="TransformBPK"> - <input message="szr:TransformBPKRequest" name="TransformBPKRequest" /> - <output message="szr:TransformBPKResponse" name="TransformBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVKZPermission"> - <input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" /> - <output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BPKzuBasiszahl"> - <input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" /> - <output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BasiszahlZuBPK"> - <input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" /> - <output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" /> - <output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahl"> - <input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" /> - <output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahlEncrypted"> - <input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" /> - <output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVersion"> - <input message="szr:GetVersionRequest" name="GetVersionRequest" /> - <output message="szr:GetVersionResponse" name="GetVersionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - </portType> - <binding name="SZRSoapBinding" type="szr:SZR"> - <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" /> - <operation name="GetIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="GetIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKs"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKsRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKsResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKKombi"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKKombiRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKKombiResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKZPV"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKZPVRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKZPVResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKFromStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKFromStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVKZPermission"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVKZPermissionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVKZPermissionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ValidateIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="ValidateIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ValidateIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="TransformBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="TransformBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="TransformBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BPKzuBasiszahl"> - <wsdlsoap:operation soapAction="" /> - <input name="BPKzuBasiszahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BPKzuBasiszahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BasiszahlZuBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="BasiszahlZuBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BasiszahlZuBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <wsdlsoap:operation soapAction="" /> - <input name="ZMRAnwendungsIntegrationRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ZMRAnwendungsIntegrationResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahl"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVersion"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVersionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVersionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - </binding> - <service name="SZRService"> - <port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" /> - </port> - </service> -</definitions>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl deleted file mode 100644 index e7f296bd..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl +++ /dev/null @@ -1,441 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <types> - <xs:schema> - <xs:import namespace="urn:SZRServices" schemaLocation="szr_v4.0.xsd"/> - </xs:schema> - </types> - <message name="Header"> - <part name="SecurityHeader" element="wsse:Security" /> - </message> - <message name="GetIdentityLinkRequest"> - <part element="szr:GetIdentityLink" name="parameters" /> - </message> - <message name="GetIdentityLinkResponse"> - <part element="szr:GetIdentityLinkResponse" name="parameters" /> - </message> - <message name="GetIdentityLinkEidasRequest"> - <part element="szr:GetIdentityLinkEidas" name="parameters" /> - </message> - <message name="GetIdentityLinkEidasResponse"> - <part element="szr:GetIdentityLinkEidasResponse" name="parameters" /> - </message> - <message name="GetBPKRequest"> - <part element="szr:GetBPK" name="parameters" /> - </message> - <message name="GetBPKResponse"> - <part element="szr:GetBPKResponse" name="parameters" /> - </message> - <message name="GetBPKsRequest"> - <part element="szr:GetBPKs" name="parameters" /> - </message> - <message name="GetBPKsResponse"> - <part element="szr:GetBPKsResponse" name="parameters" /> - </message> - <message name="GetBPKKombiRequest"> - <part element="szr:GetBPKKombi" name="parameters" /> - </message> - <message name="GetBPKKombiResponse"> - <part element="szr:GetBPKKombiResponse" name="parameters" /> - </message> - <message name="GetBPKZPVRequest"> - <part element="szr:GetBPKZPV" name="parameters" /> - </message> - <message name="GetBPKZPVResponse"> - <part element="szr:GetBPKZPVResponse" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedRequest"> - <part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetBPKFromStammzahlEncryptedResponse"> - <part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="SignContentRequest"> - <part element="szr:SignContent" name="parameters" /> - </message> - <message name="SignContentResponse"> - <part element="szr:SignContentResponse" name="parameters" /> - </message> - <message name="BPKzuBasiszahlRequest"> - <part element="szr:BPKzuBasiszahl" name="parameters" /> - </message> - <message name="BPKzuBasiszahlResponse"> - <part element="szr:BPKzuBasiszahlResponse" name="parameters" /> - </message> - <message name="BasiszahlZuBPKRequest"> - <part element="szr:BasiszahlZuBPK" name="parameters" /> - </message> - <message name="BasiszahlZuBPKResponse"> - <part element="szr:BasiszahlZuBPKResponse" name="parameters" /> - </message> - <message name="ValidateIdentityLinkRequest"> - <part element="szr:ValidateIdentityLink" name="parameters" /> - </message> - <message name="ValidateIdentityLinkResponse"> - <part element="szr:ValidateIdentityLinkResponse" name="parameters" /> - </message> - <message name="TransformBPKRequest"> - <part element="szr:TransformBPK" name="parameters" /> - </message> - <message name="TransformBPKResponse"> - <part element="szr:TransformBPKResponse" name="parameters" /> - </message> - <message name="GetVKZPermissionRequest"> - <part element="szr:GetVKZPermission" name="parameters" /> - </message> - <message name="GetVKZPermissionResponse"> - <part element="szr:GetVKZPermissionResponse" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationRequest"> - <part element="szr:ZMRAnwendungsIntegration" name="parameters" /> - </message> - <message name="ZMRAnwendungsIntegrationResponse"> - <part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" /> - </message> - <message name="GetStammzahlRequest"> - <part element="szr:GetStammzahl" name="parameters" /> - </message> - <message name="GetStammzahlResponse"> - <part element="szr:GetStammzahlResponse" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedRequest"> - <part element="szr:GetStammzahlEncrypted" name="parameters" /> - </message> - <message name="GetStammzahlEncryptedResponse"> - <part element="szr:GetStammzahlEncryptedResponse" name="parameters" /> - </message> - <message name="GetVersionRequest"> - <part element="szr:GetVersion" name="parameters" /> - </message> - <message name="GetVersionResponse"> - <part element="szr:GetVersionResponse" name="parameters" /> - </message> - <message name="SZRException"> - <part element="szr:SZRException" name="fault" /> - </message> - <portType name="SZR"> - <operation name="GetIdentityLink"> - <input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" /> - <output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetIdentityLinkEidas"> - <input message="szr:GetIdentityLinkEidasRequest" name="GetIdentityLinkEidasRequest" /> - <output message="szr:GetIdentityLinkEidasResponse" name="GetIdentityLinkEidasResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPK"> - <jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"> - <jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle> - </jaxws:bindings> - <input message="szr:GetBPKRequest" name="GetBPKRequest" /> - <output message="szr:GetBPKResponse" name="GetBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKs"> - <input message="szr:GetBPKsRequest" name="GetBPKsRequest" /> - <output message="szr:GetBPKsResponse" name="GetBPKsResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKKombi"> - <input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" /> - <output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKZPV"> - <input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" /> - <output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" /> - <output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="SignContent"> - <input message="szr:SignContentRequest" name="SignContentRequest" /> - <output message="szr:SignContentResponse" name="SignContentResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ValidateIdentityLink"> - <input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" /> - <output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="TransformBPK"> - <input message="szr:TransformBPKRequest" name="TransformBPKRequest" /> - <output message="szr:TransformBPKResponse" name="TransformBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVKZPermission"> - <input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" /> - <output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BPKzuBasiszahl"> - <input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" /> - <output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="BasiszahlZuBPK"> - <input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" /> - <output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" /> - <output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahl"> - <input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" /> - <output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetStammzahlEncrypted"> - <input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" /> - <output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - <operation name="GetVersion"> - <input message="szr:GetVersionRequest" name="GetVersionRequest" /> - <output message="szr:GetVersionResponse" name="GetVersionResponse" /> - <fault message="szr:SZRException" name="SZRException" /> - </operation> - </portType> - <binding name="SZRSoapBinding" type="szr:SZR"> - <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" /> - <operation name="GetIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="GetIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetIdentityLinkEidas"> - <wsdlsoap:operation soapAction="" /> - <input name="GetIdentityLinkEidasRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetIdentityLinkEidasResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKs"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKsRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKsResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKKombi"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKKombiRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKKombiResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKZPV"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKZPVRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKZPVResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetBPKFromStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetBPKFromStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetBPKFromStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="SignContent"> - <wsdlsoap:operation soapAction="" /> - <input name="SignContentRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="SignContentResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVKZPermission"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVKZPermissionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVKZPermissionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ValidateIdentityLink"> - <wsdlsoap:operation soapAction="" /> - <input name="ValidateIdentityLinkRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ValidateIdentityLinkResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="TransformBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="TransformBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="TransformBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BPKzuBasiszahl"> - <wsdlsoap:operation soapAction="" /> - <input name="BPKzuBasiszahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BPKzuBasiszahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="BasiszahlZuBPK"> - <wsdlsoap:operation soapAction="" /> - <input name="BasiszahlZuBPKRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="BasiszahlZuBPKResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="ZMRAnwendungsIntegration"> - <wsdlsoap:operation soapAction="" /> - <input name="ZMRAnwendungsIntegrationRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="ZMRAnwendungsIntegrationResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahl"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetStammzahlEncrypted"> - <wsdlsoap:operation soapAction="" /> - <input name="GetStammzahlEncryptedRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetStammzahlEncryptedResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - <operation name="GetVersion"> - <wsdlsoap:operation soapAction="" /> - <input name="GetVersionRequest"> - <wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" /> - <wsdlsoap:body use="literal" /> - </input> - <output name="GetVersionResponse"> - <wsdlsoap:body use="literal" /> - </output> - <fault name="SZRException"> - <wsdlsoap:fault name="SZRException" use="literal" /> - </fault> - </operation> - </binding> - <service name="SZRService"> - <port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRTestumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" /> - </port> - <port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung"> - <wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" /> - </port> - </service> -</definitions>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd deleted file mode 100644 index 09c0b1e3..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd +++ /dev/null @@ -1,133 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- edited with XMLSPY v2004 rel. 2 U (http://www.xmlspy.com) by BM (Bundeskanzleramt) --> -<!-- PVP Schema 1.8.10 --> -<!-- pvpToken wird über das Element <Security> aus der Spezifikation WS-Security in den SOAP-Header eingebunden --> -<!--erstellt: rainer.hoerbe@bmi.gv.at 2004-04-30 --> -<!--geändert: rainer.hoerbe@beko.at 2007-04-04: Extensions Points definiert --> -<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd" xmlns="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> - <xs:element name="pvpToken"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="pvpTokenType" /> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:complexType name="pvpTokenType"> - <xs:sequence> - <xs:element name="authenticate"> - <xs:complexType> - <xs:sequence> - <xs:element name="participantId" type="xs:string" /> - <xs:element name="gvOuDomain" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:choice> - <xs:element name="userPrincipal"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="pvpPrincipalType"> - <xs:sequence> - <xs:element name="gvGid" type="xs:string" /> - <xs:element name="mail" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="tel" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="bpk" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="gvFunction" type="xs:string" minOccurs="0" maxOccurs="1" /> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="systemPrincipal" type="pvpPrincipalType" /> - </xs:choice> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional authentication properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="authorize" minOccurs="0" maxOccurs="1"> - <xs:complexType> - <xs:sequence> - <xs:sequence minOccurs="0"> - <xs:element name="gvOuId" type="xs:string" /> - <xs:element name="ou" type="xs:string" /> - </xs:sequence> - <xs:element name="role" maxOccurs="unbounded"> - <xs:complexType> - <xs:sequence> - <xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - <xs:attribute name="value" type="xs:string" use="required" /> - </xs:complexType> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional authorization properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="accounting" minOccurs="0"> - <xs:complexType> - <xs:sequence> - <xs:any processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="pvpChainedToken" type="pvpTokenType" minOccurs="0" /> - <xs:element name="pvpExtension" block="extension" minOccurs="0"> - <xs:complexType> - <xs:sequence> - <xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="version" type="gvVersionType" use="required" /> - <xs:anyAttribute namespace="##any" processContents="lax" /> - </xs:complexType> - <xs:complexType name="pvpPrincipalType"> - <xs:sequence> - <xs:element name="userId" type="xs:string" /> - <xs:element name="cn" type="xs:string" /> - <xs:element name="gvOuId" type="xs:string" /> - <xs:element name="ou" type="xs:string" /> - <xs:element name="gvOuOKZ" type="xs:string" minOccurs="0" /> <!-- steht auch in der pvp doku, fehlt aber im normalen pvp1.xsd --> - <xs:element name="gvSecClass" type="gvSecClassType" minOccurs="0" /> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional principal attributes</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - <xs:anyAttribute namespace="##any" processContents="lax" /> - </xs:complexType> - <xs:simpleType name="gvSecClassType"> - <xs:restriction base="xs:integer"> - <xs:enumeration value="0" /> - <xs:enumeration value="1" /> - <xs:enumeration value="2" /> - <xs:enumeration value="3" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="gvVersionType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="1.0" /> - <xs:enumeration value="1.1" /> - <xs:enumeration value="1.2" /> - <xs:enumeration value="1.8" /> - <xs:enumeration value="1.9" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="logLevelType"> - <xs:restriction base="xs:integer"> - <xs:enumeration value="0" /> - <xs:enumeration value="1" /> - <xs:enumeration value="2" /> - <xs:enumeration value="3" /> - <xs:enumeration value="4" /> - <xs:enumeration value="5" /> - </xs:restriction> - </xs:simpleType> -</xs:schema> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd deleted file mode 100644 index 596a2b99..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd +++ /dev/null @@ -1,133 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- edited with XMLSPY v2004 rel. 2 U (http://www.xmlspy.com) by BM (Bundeskanzleramt) --> -<!-- PVP Schema 1.8.10 --> -<!-- pvpToken wird über das Element <Security> aus der Spezifikation WS-Security in den SOAP-Header eingebunden --> -<!--erstellt: rainer.hoerbe@bmi.gv.at 2004-04-30 --> -<!--geändert: rainer.hoerbe@beko.at 2007-04-04: Extensions Points definiert --> -<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd" xmlns="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> - <xs:element name="pvpToken"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="pvpTokenType" /> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:complexType name="pvpTokenType"> - <xs:sequence> - <xs:element name="authenticate"> - <xs:complexType> - <xs:sequence> - <xs:element name="participantId" type="xs:string" /> - <xs:element name="gvOuDomain" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:choice> - <xs:element name="userPrincipal"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="pvpPrincipalType"> - <xs:sequence> - <xs:element name="gvGid" type="xs:string" /> - <xs:element name="mail" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="tel" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="bpk" type="xs:string" minOccurs="0" maxOccurs="1" /> - <xs:element name="gvFunction" type="xs:string" minOccurs="0" maxOccurs="1" /> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="systemPrincipal" type="pvpPrincipalType" /> - </xs:choice> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional authentication properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="authorize" minOccurs="0" maxOccurs="1"> - <xs:complexType> - <xs:sequence> - <xs:sequence minOccurs="0"> - <xs:element name="gvOuId" type="xs:string" /> - <xs:element name="ou" type="xs:string" /> - </xs:sequence> - <xs:element name="role" maxOccurs="unbounded"> - <xs:complexType> - <xs:sequence> - <xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - <xs:attribute name="value" type="xs:string" use="required" /> - </xs:complexType> - </xs:element> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional authorization properties</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="accounting" minOccurs="0"> - <xs:complexType> - <xs:sequence> - <xs:any processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="pvpChainedToken" type="pvpTokenType" minOccurs="0" /> - <xs:element name="pvpExtension" block="extension" minOccurs="0"> - <xs:complexType> - <xs:sequence> - <xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" /> - </xs:sequence> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="version" type="gvVersionType" use="required" /> - <xs:anyAttribute namespace="##any" processContents="lax" /> - </xs:complexType> - <xs:complexType name="pvpPrincipalType"> - <xs:sequence> - <xs:element name="userId" type="xs:string" /> - <xs:element name="cn" type="xs:string" /> - <xs:element name="gvOuId" type="xs:string" /> - <xs:element name="ou" type="xs:string" /> - <xs:element name="gvOuOKZ" type="xs:string" minOccurs="0" /> - <xs:element name="gvSecClass" type="gvSecClassType" minOccurs="0" /> - <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation>additional principal attributes</xs:documentation> - </xs:annotation> - </xs:any> - </xs:sequence> - <xs:anyAttribute namespace="##any" processContents="lax" /> - </xs:complexType> - <xs:simpleType name="gvSecClassType"> - <xs:restriction base="xs:integer"> - <xs:enumeration value="0" /> - <xs:enumeration value="1" /> - <xs:enumeration value="2" /> - <xs:enumeration value="3" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="gvVersionType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="1.0" /> - <xs:enumeration value="1.1" /> - <xs:enumeration value="1.2" /> - <xs:enumeration value="1.8" /> - <xs:enumeration value="1.9" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="logLevelType"> - <xs:restriction base="xs:integer"> - <xs:enumeration value="0" /> - <xs:enumeration value="1" /> - <xs:enumeration value="2" /> - <xs:enumeration value="3" /> - <xs:enumeration value="4" /> - <xs:enumeration value="5" /> - </xs:restriction> - </xs:simpleType> -</xs:schema> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd deleted file mode 100644 index 85acfb65..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd +++ /dev/null @@ -1,388 +0,0 @@ -<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:szr="urn:SZRServices" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" /> - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" /> - <xs:element name="SZRException" type="szr:SZRException" /> - <xs:complexType name="SZRException" /> - <xs:complexType name="PersonInfoType"> - <xs:sequence> - <xs:element name="Person" type="pd:PhysicalPersonType" /> - <xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" /> - <xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" /> - <xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" /> - <xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" /> - <xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="TravelDocumentType"> - <xs:sequence> - <xs:element minOccurs="0" name="DocumentNumber" type="xs:string" /> - <xs:element minOccurs="0" name="DocumentType" type="xs:string" /> - <xs:element minOccurs="0" name="IssueDate" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" /> - <xs:element minOccurs="0" name="IssuingCountry" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AddressCodesType"> - <xs:sequence> - <xs:element minOccurs="0" name="GKZ" type="xs:string" /> - <xs:element minOccurs="0" name="OKZ" type="xs:string" /> - <xs:element minOccurs="0" name="SKZ" type="xs:string" /> - <xs:element minOccurs="0" name="ADRCD" type="xs:string" /> - <xs:element minOccurs="0" name="SUBCD" type="xs:string" /> - <xs:element minOccurs="0" name="OBJNR" type="xs:string" /> - <xs:element minOccurs="0" name="NTZLNR" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="TransformBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="InputBPK" type="xs:string" /> - <xs:element name="InputBereichsKennung" type="xs:string" /> - <xs:element name="Begruendung" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="TransformBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermission"> - <xs:complexType> - <xs:sequence> - <xs:element name="VKZ" type="xs:string" /> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="ParticipantId" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermissionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="IdentityLinkType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Assertion" type="xs:anyType" /> - <xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ResultRecord"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element name="Register" type="xs:string" /> - <xs:element name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP"> - <xs:simpleType> - <xs:restriction base="xs:string"> - <xs:enumeration value="NoInsert" /> - <xs:enumeration value="InsertOnNoMatch" /> - <xs:enumeration value="ForceInsert" /> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" /> - <xs:element name="VKZ" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiResponseType"> - <xs:complexContent> - <xs:extension base="szr:GetBPKZPVResponseType"> - <xs:sequence> - <xs:element name="FoundWithSuchwizard" type="xs:boolean" /> - <xs:element name="Sessionid" type="xs:string" /> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:complexType name="GetBPKZPVRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKZPVResponseType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" /> - <xs:element name="InsertERnPResult" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType"> - <xs:sequence> - <xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" /> - <xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="1" name="VKZ" type="xs:string" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="bPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="GetIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - <xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKs"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKsResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="GetBPKsResponseType"> - <xs:sequence> - <xs:element minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> - <xs:element minOccurs="0" name="Fault"> - <xs:complexType> - <xs:attribute name="Code" type="xs:string" /> - <xs:attribute name="String" type="xs:string" /> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:element name="GetBPKKombi"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKKombiResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPV"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPVResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="IdentityLink" type="szr:IdentityLinkType" /> - <xs:element name="BereichsKennung" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ValidateIdentityLinkReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="BPKzuBasiszahlReturn" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="FremdBPKRequestType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="VKZ" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="FremdBPKType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string" /> - <xs:element name="FremdBPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetVKZPermissionResponseType"> - <xs:sequence> - <xs:element name="isAllowed" type="xs:boolean" /> - <xs:element minOccurs="0" name="behSchluessel" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPK"> - <xs:complexType> - <xs:sequence> - <xs:element minOccurs="0" name="VKZ" type="xs:string" /> - <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="BasiszahlZuBPKReturnType"> - <xs:sequence> - <xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ZMRAnwendungsIntegration"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> - <xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="ZMRAnwendungsIntegrationReturnType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string" /> - <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> - </xs:sequence> - </xs:complexType> - <xs:element name="ZMRAnwendungsIntegrationResponse"> - <xs:complexType> - <xs:sequence> - <xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" /> - <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVersion" /> - <xs:element name="GetVersionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Version" type="xs:string" /> - <xs:element name="Revision" type="xs:string" /> - <xs:element name="Time" type="xs:string" /> - <xs:element name="IdentityLinkNotAfter" type="xs:string" /> - </xs:sequence> - </xs:complexType> - </xs:element> -</xs:schema>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd deleted file mode 100644 index 87ee80be..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd +++ /dev/null @@ -1,30 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" - targetNamespace="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#"> - <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" /> - <xs:complexType name="ECDSAKeyValueType"> - <xs:sequence> - <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" - minOccurs="0" /> - <xs:element name="PublicKey" type="ecdsa:ECPointType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DomainParamsType"> - <xs:sequence> - <xs:element name="NamedCurve" minOccurs="0" - type="ecdsa:NamedCurveType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="NamedCurveType"> - <xs:attribute name="URN" type="xs:string" use="required" /> - </xs:complexType> - <xs:complexType name="ECPointType"> - <xs:sequence minOccurs="0"> - <xs:element name="X" type="ecdsa:PrimeFieldElemType" /> - <xs:element name="Y" type="ecdsa:PrimeFieldElemType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PrimeFieldElemType"> - <xs:attribute name="Value" type="xs:string" use="required" /> - </xs:complexType> -</xs:schema>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd deleted file mode 100644 index 3c9ac932..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd +++ /dev/null @@ -1,54 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xs:schema elementFormDefault="qualified" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" - targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <xs:complexType name="PhysicalPersonType"> - <xs:sequence> - <xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" /> - <xs:element minOccurs="1" name="Name" type="pd:PersonNameType" /> - <xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" /> - <xs:element minOccurs="0" name="Sex" type="xs:string" /> - <xs:element minOccurs="0" name="DateOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" /> - <xs:element minOccurs="0" name="Nationality" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="IdentificationType"> - <xs:sequence> - <xs:element minOccurs="0" name="Value" type="xs:string" /> - <xs:element minOccurs="0" name="Type" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PersonNameType"> - <xs:sequence> - <xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" /> - <xs:element name="GivenName" type="xs:string" nillable="true" /> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - <xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AlternativeNameType"> - <xs:sequence> - <xs:element name="FamilyName" type="xs:string" nillable="true" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="PostalAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="PostalCode" type="xs:string" /> - <xs:element minOccurs="0" name="Municipality" type="xs:string" /> - <xs:element minOccurs="0" name="Locality" type="xs:string" /> - <xs:element minOccurs="0" name="StateCode3" type="xs:string" /> - <xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" /> - <xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DeliveryAddressType"> - <xs:sequence> - <xs:element minOccurs="0" name="AddressLine" type="xs:string" /> - <xs:element minOccurs="0" name="StreetName" type="xs:string" /> - <xs:element minOccurs="0" name="BuildingNumber" type="xs:string" /> - <xs:element minOccurs="0" name="Unit" type="xs:string" /> - <xs:element minOccurs="0" name="DoorNumber" type="xs:string" /> - </xs:sequence> - </xs:complexType> -</xs:schema>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd deleted file mode 100644 index 5001c1b8..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd +++ /dev/null @@ -1,10 +0,0 @@ -<xs:schema xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext" elementFormDefault="qualified"> - <xs:import namespace="http://egov.gv.at/pvp1.xsd" schemaLocation="pvp19.xsd"/> - <xs:element name="Security"> - <xs:complexType> - <xs:sequence> - <xs:element ref="pvp:pvpToken"/> - </xs:sequence> - </xs:complexType> - </xs:element> -</xs:schema> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml deleted file mode 100644 index d40efa45..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml +++ /dev/null @@ -1,54 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<bindings version="2.0" xmlns="http://java.sun.com/xml/ns/jaxb" - xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" - xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"> - - <bindings schemaLocation="../szr_v4/szr_v4.0.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr_v4" /> - </schemaBindings> - </bindings> - </bindings> - - <bindings schemaLocation="../szr/szr_ecdsa.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr.ecdsa" /> - </schemaBindings> - </bindings> - </bindings> - - <bindings schemaLocation="../szr_v4/szr_persondata.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr.persondata" /> - </schemaBindings> - </bindings> - </bindings> - - <bindings schemaLocation="../szr_v4/szr_pvp_sec.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr.pvp19.sec" /> - </schemaBindings> - </bindings> - </bindings> - - <bindings schemaLocation="../szr_v4/pvp19.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr.pvp19" /> - </schemaBindings> - </bindings> - </bindings> - - <bindings schemaLocation="../szr/szr_xmldsig.xsd"> - <bindings node="/xsd:schema"> - <schemaBindings> - <package name="at.gv.util.xsd.szr.xmldsig" /> - </schemaBindings> - </bindings> - </bindings> - -</bindings>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml deleted file mode 100644 index f95c35f0..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml +++ /dev/null @@ -1,10 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<bindings xmlns="http://java.sun.com/xml/ns/jaxws" - xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" - xmlns:xsd="http://www.w3.org/2001/XMLSchema" - xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"> - - <enableWrapperStyle>false</enableWrapperStyle> - <package name="at.gv.util.wsdl.szr_v4"/> - -</bindings>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd deleted file mode 100644 index 2d25f2dc..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd +++ /dev/null @@ -1,443 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:szr="urn:SZRServices" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="urn:SZRServices" elementFormDefault="qualified"> - <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="szr_persondata.xsd"/> - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="szr_xmldsig.xsd"/> - <xs:element name="SZRException" type="szr:SZRException"/> - <xs:complexType name="SZRException"/> - <xs:complexType name="PersonInfoType"> - <xs:sequence> - <xs:element name="Person" type="pd:PhysicalPersonType"/> - <xs:element name="RegularDomicile" type="pd:PostalAddressType" minOccurs="0"/> - <xs:element name="AddressCodes" type="szr:AddressCodesType" minOccurs="0"/> - <xs:element name="TravelDocument" type="szr:TravelDocumentType" minOccurs="0"/> - <xs:element name="DateOfBirthWildcard" type="xs:boolean" minOccurs="0"/> - <xs:element name="AuskunftssperreGesetzt" type="xs:boolean" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="TravelDocumentType"> - <xs:sequence> - <xs:element name="DocumentNumber" type="xs:string" minOccurs="0"/> - <xs:element name="DocumentType" type="xs:string" minOccurs="0"/> - <xs:element name="IssueDate" type="xs:string" minOccurs="0"/> - <xs:element name="IssuingAuthority" type="xs:string" minOccurs="0"/> - <xs:element name="IssuingCountry" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AddressCodesType"> - <xs:sequence> - <xs:element name="GKZ" type="xs:string" minOccurs="0"/> - <xs:element name="OKZ" type="xs:string" minOccurs="0"/> - <xs:element name="SKZ" type="xs:string" minOccurs="0"/> - <xs:element name="ADRCD" type="xs:string" minOccurs="0"/> - <xs:element name="SUBCD" type="xs:string" minOccurs="0"/> - <xs:element name="OBJNR" type="xs:string" minOccurs="0"/> - <xs:element name="NTZLNR" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:element name="TransformBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="InputBPK" type="xs:string"/> - <xs:element name="InputBereichsKennung" type="xs:string"/> - <xs:element name="Begruendung" type="xs:string"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="TransformBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="TransformBPKReturn" type="szr:FremdBPKType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermission"> - <xs:complexType> - <xs:sequence> - <xs:element name="VKZ" type="xs:string"/> - <xs:element name="BereichsKennung" type="xs:string"/> - <xs:element name="ParticipantId" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVKZPermissionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="IdentityLinkType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="Assertion" type="xs:anyType"/> - <xs:element name="AdditionalInfo" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ResultRecord"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="Register" type="xs:string"/> - <xs:element name="bPK" type="xs:string"/> - <xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="InsertERnP" minOccurs="0"> - <xs:simpleType> - <xs:restriction base="xs:string"> - <xs:enumeration value="NoInsert"/> - <xs:enumeration value="InsertOnNoMatch"/> - <xs:enumeration value="ForceInsert"/> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element name="Suchwizard" type="xs:boolean" minOccurs="0"/> - <xs:element name="VKZ" type="xs:string" nillable="true"/> - <xs:element name="BehoerdenKennzeichen" type="xs:string" minOccurs="0"/> - <xs:element name="BereichsKennung" type="xs:string" minOccurs="0"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="Sessionid" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKKombiResponseType"> - <xs:complexContent> - <xs:extension base="szr:GetBPKZPVResponseType"> - <xs:sequence> - <xs:element name="FoundWithSuchwizard" type="xs:boolean"/> - <xs:element name="Sessionid" type="xs:string"/> - </xs:sequence> - </xs:extension> - </xs:complexContent> - </xs:complexType> - <xs:complexType name="GetBPKZPVRequestType"> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="InsertERnP" type="xs:boolean" default="false" minOccurs="0"/> - <xs:element name="VKZ" type="xs:string" minOccurs="1"/> - <xs:element name="BehoerdenKennzeichen" type="xs:string" minOccurs="0"/> - <xs:element name="BereichsKennung" type="xs:string" minOccurs="0"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKZPVResponseType"> - <xs:sequence> - <xs:element name="ResultRecord" type="szr:ResultRecord" maxOccurs="unbounded"/> - <xs:element name="InsertERnPResult" type="xs:boolean"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType"> - <xs:sequence> - <xs:element name="StammzahlEncrypted" type="xs:string" minOccurs="1"/> - <xs:element name="PersonInfo" type="szr:PersonInfoType" minOccurs="0"/> - <xs:element name="VKZ" type="xs:string" minOccurs="1"/> - <xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - <xs:attribute name="key"/> - </xs:complexType> - <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType"> - <xs:sequence> - <xs:element name="bPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="Fault" type="szr:Fault" minOccurs="0"/> - </xs:sequence> - <xs:attribute name="key"/> - </xs:complexType> - <xs:complexType name="Fault"> - <xs:attribute name="Code" type="xs:string"/> - <xs:attribute name="String" type="xs:string"/> - </xs:complexType> - <xs:complexType name="SignContentResponseType"> - <xs:sequence> - <xs:element name="JwsAlg" type="xs:string" minOccurs="0"/> - <xs:element name="Out" type="szr:SignContentEntry" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="SignContentEntry"> - <xs:simpleContent> - <xs:extension base="xs:string"> - <xs:attribute name="key"/> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - <xs:element name="GetIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="KeyValue" type="dsig:KeyValueType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkEidas"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetIdentityLinkEidasResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="VKZ" type="xs:string" minOccurs="0"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="ListMultiplePersons" type="xs:boolean" minOccurs="0"/> - <xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKReturn" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="PersonInfo" type="szr:PersonInfoType" minOccurs="0" maxOccurs="5"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKs"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType" maxOccurs="unbounded"/> - <xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="VKZ" type="xs:string"/> - <xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKsResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ResultRecord" type="szr:GetBPKsResponseType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="GetBPKsResponseType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="Fault" minOccurs="0"> - <xs:complexType> - <xs:attribute name="Code" type="xs:string"/> - <xs:attribute name="String" type="xs:string"/> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:element name="GetBPKKombi"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKKombiResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPV"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKZPVResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="In" type="szr:GetBPKFromStammzahlEncryptedRequestType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetBPKFromStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Out" type="szr:GetBPKFromStammzahlEncryptedResponseType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="SignContent"> - <xs:complexType> - <xs:sequence> - <xs:element name="AppendCert" type="xs:boolean" default="false" minOccurs="0"/> - <xs:element name="JWSHeaderParam" type="szr:JwsHeaderParam" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="In" type="szr:SignContentEntry" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="JwsHeaderParam"> - <xs:attribute name="key" type="xs:string" use="required"/> - <xs:attribute name="value" type="xs:string" use="required"/> - </xs:complexType> - <xs:element name="SignContentResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="SignContentResponse" type="szr:SignContentResponseType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLink"> - <xs:complexType> - <xs:sequence> - <xs:element name="IdentityLink" type="szr:IdentityLinkType"/> - <xs:element name="BereichsKennung" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ValidateIdentityLinkResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ValidateIdentityLinkReturn" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string"/> - <xs:element name="BPK" type="xs:string"/> - <xs:element name="BasisZahl" type="xs:string" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="BPKzuBasiszahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="BPKzuBasiszahlReturn" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="FremdBPKRequestType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string"/> - <xs:element name="VKZ" type="xs:string"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="FremdBPKType"> - <xs:sequence> - <xs:element name="BereichsKennung" type="xs:string"/> - <xs:element name="FremdBPK" type="xs:string"/> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GetVKZPermissionResponseType"> - <xs:sequence> - <xs:element name="isAllowed" type="xs:boolean"/> - <xs:element name="behSchluessel" type="xs:string" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPK"> - <xs:complexType> - <xs:sequence> - <xs:element name="VKZ" type="xs:string" minOccurs="0"/> - <xs:element name="BasisZahl" type="xs:string" maxOccurs="unbounded"/> - <xs:element name="Bereich" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="FremdBPKTargets" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="BasiszahlZuBPKReturnType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="FremdBPKs" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - <xs:element name="BasiszahlZuBPKResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="ZMRAnwendungsIntegration"> - <xs:complexType> - <xs:sequence> - <xs:element name="Bereich" type="xs:string"/> - <xs:element name="FremdBPKTargets" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/> - <xs:element name="ZMRfremdbPK" type="xs:string" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:complexType name="ZMRAnwendungsIntegrationReturnType"> - <xs:sequence> - <xs:element name="BPK" type="xs:string"/> - <xs:element name="FremdBPKs" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - <xs:element name="ZMRAnwendungsIntegrationResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" maxOccurs="unbounded"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahl"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncrypted"> - <xs:complexType> - <xs:sequence> - <xs:element name="PersonInfo" type="szr:PersonInfoType"/> - <xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetStammzahlEncryptedResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Stammzahl" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> - <xs:element name="GetVersion" nillable="true"/> - <xs:element name="GetVersionResponse"> - <xs:complexType> - <xs:sequence> - <xs:element name="Version" type="xs:string"/> - <xs:element name="Revision" type="xs:string"/> - <xs:element name="Time" type="xs:string"/> - <xs:element name="IdentityLinkNotAfter" type="xs:string"/> - </xs:sequence> - </xs:complexType> - </xs:element> -</xs:schema> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd deleted file mode 100644 index 96b50b40..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd +++ /dev/null @@ -1,31 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" - targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> - <xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" schemaLocation="szr_ecdsa.xsd"/> - <xs:complexType name="KeyValueType"> - <xs:sequence> - <xs:element name="DSAKeyValue" minOccurs="0" - type="dsig:DSAKeyValueType" /> - <xs:element name="RSAKeyValue" minOccurs="0" - type="dsig:RSAKeyValueType" /> - <xs:element ref="ecdsa:ECDSAKeyValue" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="DSAKeyValueType"> - <xs:sequence> - <xs:element name="P" minOccurs="0" type="xs:string" /> - <xs:element name="Q" minOccurs="0" type="xs:string" /> - <xs:element name="J" minOccurs="0" type="xs:string" /> - <xs:element name="G" minOccurs="0" type="xs:string" /> - <xs:element name="Y" minOccurs="0" type="xs:string" /> - <xs:element name="PgenCounter" minOccurs="0" type="xs:string" /> - <xs:element name="Seed" minOccurs="0" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="RSAKeyValueType"> - <xs:sequence> - <xs:element name="Modulus" minOccurs="0" type="xs:string" /> - <xs:element name="Exponent" minOccurs="0" type="xs:string" /> - </xs:sequence> - </xs:complexType> -</xs:schema> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html deleted file mode 100644 index 186937d7..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html +++ /dev/null @@ -1,36 +0,0 @@ -<!DOCTYPE html> -<html xmlns:th="http://www.thymeleaf.org" - xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" - layout:decorator="fragments/base" - th:with="lang=${#locale.language}" th:lang="${lang}"> -<head> - <script src="$contextPath/autocommit.js" - th:attr="src=@{/autocommit.js}"></script> -</head> -<body> - <noscript> - <p> - <strong>Note:</strong> Since your browser does not support - JavaScript, you must press the Continue button once to proceed. - </p> - </noscript> - - <div id="alert">Your login is being processed. Thank you for - waiting.</div> - - <form action="${endPoint}" method="post" target="_parent" - th:attr="action=@{${endPoint}}"> - <div> - <input type="hidden" name="${tokenName}" value="${tokenValue}" - th:attr="value=${tokenValue},name=${tokenName}" /> - </div> - <noscript> - <div> - <p>Your browser does not support JavaScript. Click the button to continuing the process .</p> - <input type="submit" value="Continue" /> - </div> - </noscript> - </form> - -</body> -</html>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java deleted file mode 100644 index aef290f5..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java +++ /dev/null @@ -1,56 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -import java.io.IOException; -import java.io.InputStream; - -import org.apache.commons.io.IOUtils; -import org.junit.Assert; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.junit.runners.BlockJUnit4ClassRunner; -import org.springframework.core.io.Resource; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider; -import at.gv.egiz.eaaf.core.test.TestConstants; - - - -@RunWith(BlockJUnit4ClassRunner.class) -public class EidasAuthSpringResourceProviderTest { - - @Test - public void testSpringConfig() { - final EidasAuthenticationSpringResourceProvider test = - new EidasAuthenticationSpringResourceProvider(); - for (final Resource el : test.getResourcesToLoad()) { - try { - IOUtils.toByteArray(el.getInputStream()); - - } catch (final IOException e) { - Assert.fail("Ressouce: " + el.getFilename() + " not found"); - } - - } - - Assert.assertNotNull("no Name", test.getName()); - Assert.assertNull("Find package definitions", test.getPackagesToScan()); - - } - - @Test - public void testSpILoaderConfig() { - final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH); - try { - final String spiFile = IOUtils.toString(el, "UTF-8"); - - Assert.assertEquals("Wrong classpath in SPI file", - EidasAuthenticationSpringResourceProvider.class.getName(), spiFile); - - - } catch (final IOException e) { - Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found"); - - } - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java deleted file mode 100644 index 86af87ad..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java +++ /dev/null @@ -1,121 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class EidasAuthenticationModulImplTest { - - @Autowired ModuleRegistration moduleReg; - @Autowired ResourceLoader loader; - - private final ExecutionContext executionContext = new ExecutionContextImpl(); - private DummySpConfiguration oaParam; - private TestRequestImpl pendingReq; - private EidasAuthenticationModulImpl authProcess = new EidasAuthenticationModulImpl(); - - /** - * jUnit class initializer. - * - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void initialize() { - Map<String, String> configMap = new HashMap<String, String>(); - configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test"); - IConfiguration basicConfig = new DummyConfiguration(); - oaParam = new DummySpConfiguration(configMap, basicConfig); - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - } - - @Test - public void checkProcessDefinition() { - Assert.assertNotNull("AuthModule is null", authProcess); - Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions()); - - for (String el : authProcess.getProcessDefinitions()) { - Resource res = loader.getResource(el); - Assert.assertTrue("AuthProcess description not extist", res.exists()); - - } - } - - @Test - public void countrySelected() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2)); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "eIDASAuthentication_v2", result); - - } - - @Test - public void noCountryValid() throws Exception { - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - - Assert.assertNull("Select wrong process", result); - - } - - @Test - public void selectCountryWrongType() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNull("Select wrong process", result); - - } - - @Test - public void selectCountryEmpty() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, ""); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNull("Select wrong process", result); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java deleted file mode 100644 index 1051bd9f..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed - * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of - * Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. You may - * obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. The "NOTICE" text file - * is part of the distribution. Any derivative works that you distribute must - * include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -//import java.security.MessageDigest; -// -//import org.apache.commons.lang3.StringUtils; -//import org.junit.Test; -//import org.junit.runner.RunWith; -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.test.context.ContextConfiguration; -//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -//import org.springframework.util.Base64Utils; -// -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException; -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.eIDASAuthenticationException; -//import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.eIDASResponseUtils; -//import at.gv.egiz.eaaf.core.impl.data.Trible; -// -//@RunWith(SpringJUnit4ClassRunner.class) -//@ContextConfiguration("/SpringTest-context_basic_test.xml") -//public class EidasDataStoreTest { -// -// @Autowired -// private EidasDataStore dataStore; -// -// private static final String P1_TRANSID = "123456789"; -// private static final String P1_eIDASID = -// "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1"; -// -// private static final String P2_TRANSID = "987654321"; -// private static final String P2_eIDASID = -// "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd"; -// -// @Test -// public void dummyTest() { -// -// } -// -// @Test -// public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException { -// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID); -// String ernbId = createHashFromUniqueId(eidasId.getThird()); -// dataStore.storeNationalId( -// P1_TRANSID, -// eidasId, -// ernbId); -// -// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) { -// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) -// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); -// -// } -// -// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) { -// && dataStore.getErnbNationalId(eidasId).equals(ernbId)) -// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); -// } -// -// } -// -// @Test -// public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException { -// Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID); -// String ernbId = createHashFromUniqueId(eidasId.getThird()); -// dataStore.storeNationalId( -// P2_TRANSID, -// eidasId, -// ernbId); -// -// if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) { -// && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird())) -// throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null); -// -// } -// -// if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) { -// && dataStore.getErnbNationalId(eidasId).equals(ernbId)) -// throw new SQLiteServiceException("No ERnB Id in SQLite DB", null); -// -// } -// -// } -// -// private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { -// try { -// MessageDigest md = MessageDigest.getInstance("SHA-256"); -// byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); -// String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); -// return hashBase64; -// -// } catch (Exception ex) { -// throw new eIDASAuthenticationException("internal.03", new Object[] {}, ex); -// -// } -// } -//} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java deleted file mode 100644 index 0d9d4fb8..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java +++ /dev/null @@ -1,244 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; - -import java.io.IOException; -import java.net.URISyntaxException; -import java.util.Arrays; -import java.util.Base64; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.springframework.web.servlet.config.annotation.EnableWebMvc; - -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; -import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import eu.eidas.auth.commons.EidasParameterKeys; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder; -import eu.eidas.auth.commons.tx.BinaryLightToken; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@EnableWebMvc -public class EidasSignalServletTest { - - @Autowired private MsConnectorDummyConfigMap basicConfig; - @Autowired private EidasSignalServlet controller; - @Autowired private IRequestStorage storage; - @Autowired private ITransactionStorage transStore; - @Autowired private DummyProtocolAuthService protAuthService; - @Autowired private DummySpecificCommunicationService connector; - - - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private MsConnectorDummySpConfiguration oaParam; - - - /** - * jUnit test set-up. - */ - @Before - public void setUp() throws EaafStorageException, URISyntaxException { - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); - pendingReq = new TestRequestImpl(); - - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - pendingReq.setTransactionId("avaasbav"); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - - connector.setiLightResponse(null); - - - } - - @Test - public void noResponsToken() throws IOException, EaafException { - //set-up - - //execute test - controller.restoreEidasAuthProcess(httpReq, httpResp); - - //validate state - Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", - ((EaafException) protAuthService.getException()).getErrorId()); - - } - - @Test - public void unknownResponseToken() throws IOException, EaafException { - //set-up - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), - RandomStringUtils.randomAlphanumeric(10)); - - //execute test - controller.restoreEidasAuthProcess(httpReq, httpResp); - - //validate state - Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", - ((EaafException) protAuthService.getException()).getErrorId()); - - } - - @Test - public void withRelayState() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String relayState = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setPendingReqId(relayState); - storage.storePendingRequest(pendingReq); - - Builder iLightResponse = new AuthenticationResponse.Builder(); - iLightResponse.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(Constants.SUCCESS_URI) - .inResponseTo("_".concat(Random.nextHexRandom16())) - .subjectNameIdFormat("afaf") - .relayState(relayState); - - AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), - Base64.getEncoder().encodeToString(token.getTokenBytes())); - - - //execute test - controller.restoreEidasAuthProcess(httpReq, httpResp); - - - //validate state - Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("wrong eIDAS response", eidasResp, - httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", - ((EaafException) protAuthService.getException()).getErrorId()); - - } - - @Test - public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String pendingReqId = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setPendingReqId(pendingReqId); - storage.storePendingRequest(pendingReq); - - String inResponseTo = "_".concat(Random.nextHexRandom16()); - - Builder iLightResponse = new AuthenticationResponse.Builder(); - iLightResponse.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(Constants.SUCCESS_URI) - .inResponseTo(inResponseTo) - .subjectNameIdFormat("afaf"); - - AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), - Base64.getEncoder().encodeToString(token.getTokenBytes())); - - - //execute test - controller.restoreEidasAuthProcess(httpReq, httpResp); - - - //validate state - Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", - ((EaafException) protAuthService.getException()).getErrorId()); - - } - - @Test - public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String pendingReqId = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setPendingReqId(pendingReqId); - storage.storePendingRequest(pendingReq); - - String inResponseTo = "_".concat(Random.nextHexRandom16()); - transStore.put(inResponseTo, pendingReqId, -1); - - Builder iLightResponse = new AuthenticationResponse.Builder(); - iLightResponse.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(Constants.SUCCESS_URI) - .inResponseTo(inResponseTo) - .subjectNameIdFormat("afaf"); - - AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), - Base64.getEncoder().encodeToString(token.getTokenBytes())); - - - //execute test - controller.restoreEidasAuthProcess(httpReq, httpResp); - - - //validate state - Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("wrong eIDAS response", eidasResp, - httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", - ((EaafException) protAuthService.getException()).getErrorId()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java deleted file mode 100644 index 4d9ae035..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java +++ /dev/null @@ -1,439 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.anyList; -import static org.mockito.Mockito.when; - -import java.io.IOException; -import java.security.InvalidKeyException; -import java.security.MessageDigest; -import java.security.NoSuchProviderException; -import java.util.List; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Unmarshaller; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.ws.soap.SOAPFaultException; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang3.RandomStringUtils; -import org.apache.commons.lang3.StringUtils; -import org.apache.cxf.binding.soap.SoapFault; -import org.joda.time.DateTime; -import org.jose4j.lang.JoseException; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Ignore; -import org.junit.Rule; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.util.Base64Utils; -import org.w3c.dom.Element; -import org.xml.sax.SAXException; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.github.skjolber.mockito.soap.SoapServiceRule; - -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; -import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import szrservices.GetBPKFromStammzahlEncryptedResponse; -import szrservices.GetBPKFromStammzahlEncryptedResponseType; -import szrservices.GetIdentityLinkEidasResponse; -import szrservices.IdentityLinkType; -import szrservices.PersonInfoType; -import szrservices.SZR; -import szrservices.SZRException_Exception; -import szrservices.SignContentEntry; -import szrservices.SignContentResponse; -import szrservices.SignContentResponseType; -import szrservices.TravelDocumentType; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@DirtiesContext(classMode = ClassMode.AFTER_CLASS) -public class SzrClientTest { - private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class); - - @Autowired SzrClient szrClient; - @Autowired MsConnectorDummyConfigMap basicConfig; - - private static ObjectMapper mapper = new ObjectMapper(); - - private static final String givenName = "Franz"; - private static final String familyName = "Mustermann"; - private static final String dateOfBirth = "1989-05-05"; - private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF"; - private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP"; - - private SZR szrMock = null; - ErnbEidData eidData = null; - - @Rule - public SoapServiceRule soap = SoapServiceRule.newInstance(); - - /** - * Initialize jUnit test. - */ - @Before - public void initializer() { - if (szrMock == null) { - szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); - - } - - eidData = new ErnbEidData(); - eidData.setFamilyName(familyName); - eidData.setGivenName(givenName); - eidData.setDateOfBirth(new DateTime()); - eidData.setCitizenCountryCode("IS"); - eidData.setPseudonym("1234sdgsdfg56789ABCDEF"); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false"); - - } - - - - - @Test - public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException { - final GetBPKFromStammzahlEncryptedResponse szrResponse = new GetBPKFromStammzahlEncryptedResponse(); - final GetBPKFromStammzahlEncryptedResponseType result1 = new GetBPKFromStammzahlEncryptedResponseType(); - szrResponse.getOut().add(result1); - - result1.setKey(RandomStringUtils.randomAlphanumeric(20)); - - // when(szrMock.getBPKFromStammzahlEncrypted(anyList())) - // .thenReturn(Arrays.asList(result1)); - when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(result1.getKey()); - - String stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType()); - - Assert.assertEquals("bcBind not match", result1.getKey(), stammzahlEncrypted); - - when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null); - try { - stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType()); - } catch (SzrCommunicationException e) { - Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - } - } - - @Test - public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException { - final SignContentResponse szrResponse = new SignContentResponse(); - final SignContentEntry result1 = new SignContentEntry(); - final SignContentResponseType content = new SignContentResponseType(); - content.getOut().add(result1); - szrResponse.setSignContentResponse(content); - - result1.setKey("bcBindReq"); - result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws"))); - - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); - - final String bcBind = szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - - Assert.assertNotNull("bcBind is null", bcBind); - Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); - - } - - @Test - public void eidasBindNull() throws SZRException_Exception { - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null); - - try { - szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - } catch (SzrCommunicationException e) { - Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - - } - } - - @Test - public void eidasBindInvalidResponse() throws SZRException_Exception { - final SignContentEntry result2 = new SignContentEntry(); - final SignContentResponseType content1 = new SignContentResponseType(); - content1.getOut().add(result2); - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); - - try { - szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - } catch (SzrCommunicationException e) { - Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - - } - } - - public void eidasBindEmptyResponse() throws SZRException_Exception { - final SignContentEntry result2 = new SignContentEntry(); - final SignContentResponseType content1 = new SignContentResponseType(); - content1.getOut().add(result2); - result2.setKey("bcBindReq"); - result2.setValue(""); - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); - - try { - szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - } catch (SzrCommunicationException e) { - Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - - } - } - - @Test - public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException, - JsonProcessingException, JoseException { - final SignContentResponse szrResponse = new SignContentResponse(); - final SignContentEntry result1 = new SignContentEntry(); - final SignContentResponseType content = new SignContentResponseType(); - content.getOut().add(result1); - szrResponse.setSignContentResponse(content); - - result1.setKey("bcBindReq"); - result1.setValue(RandomStringUtils.randomAlphanumeric(100)); - - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); - - final String bcBind = szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - - Assert.assertNotNull("bcBind is null", bcBind); - Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); - - } - - @Test - public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException, - JsonMappingException, JsonProcessingException { - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true"); - - final SignContentResponse szrResponse = new SignContentResponse(); - final SignContentEntry result1 = new SignContentEntry(); - final SignContentResponseType content = new SignContentResponseType(); - content.getOut().add(result1); - szrResponse.setSignContentResponse(content); - - result1.setKey("bcBindReq"); - result1.setValue(RandomStringUtils.randomAlphanumeric(100)); - - when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); - - final String bcBind = szrClient - .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10), eidData); - - Assert.assertNotNull("bcBind is null", bcBind); - Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); - - } - - @Test - public void getIdentityLinkRawModeValidResponse() - throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, - EidasSAuthenticationException, JAXBException { - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - - try { - log.debug("Starting connecting SZR Gateway"); - final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(getPersonInfo()); - - Assert.assertNotNull(result); - Assert.assertNotNull(result.getAssertion()); - - final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result.getAssertion()) - .parseIdentityLink(); - Assert.assertNotNull(identityLink); - - System.out.println(identityLink.getSerializedSamlAssertion()); - - checkElement("Mustermann", identityLink.getFamilyName()); - checkElement("Hans", identityLink.getGivenName()); - checkElement("1989-05-05", identityLink.getDateOfBirth()); - checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType()); - checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue()); - Assert.assertNotNull(identityLink.getSerializedSamlAssertion()); - Assert.assertNotNull(identityLink.getSamlAssertion()); - - } catch (final SzrCommunicationException e) { - Assert.fail(); - - } - - } - - @Test - public void getIdentityLinkRawModeErrorTravelerDocExists() - throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, - EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException { - setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml"); - - try { - log.debug("Starting connecting SZR Gateway"); - szrClient.getIdentityLinkInRawMode(getPersonInfo()); - Assert.fail(); - - } catch (final SzrCommunicationException e) { - checkElement("ernb.02", e.getErrorId()); - Assert.assertNotNull(e.getCause()); - org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause()); - Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault()); - checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode()); - checkElement( - "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly", - ((SOAPFaultException) e.getCause()).getFault().getFaultString()); - - } - - } - - @Ignore - @Test - public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { - final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); - - if (bPK.isEmpty()) { - throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"}); - } - for (final String b : bPK) { - if (StringUtils.isEmpty(b)) { - throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"}); - } - } - - } - - private void checkElement(String expected, String value) { - Assert.assertNotNull(value); - Assert.assertEquals(expected, value); - - } - - private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { - final JAXBContext jaxbContext = JAXBContext - .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class, - org.w3._2000._09.xmldsig.ObjectFactory.class, - at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); - final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); - final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller - .unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); - when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn()); - - } - - private void setSzrExceptionIdentityLink(String responseXmlPath) - throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception { - final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath)); - final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344"); - final SoapFault fault = new SoapFault( - "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly", - qName); - fault.setRole("urn:SZRServices"); - fault.setDetail(detailerror); - when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault); - - } - - private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { - try { - final MessageDigest md = MessageDigest.getInstance("SHA-256"); - final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; - - } catch (final Exception ex) { - throw new EidasSAuthenticationException("internal.03", new Object[]{}, ex); - - } - } - - private PersonInfoType getPersonInfo() throws EidasSAuthenticationException { - final PersonInfoType personInfo = new PersonInfoType(); - final PersonNameType personName = new PersonNameType(); - final PhysicalPersonType naturalPerson = new PhysicalPersonType(); - final TravelDocumentType eDocument = new TravelDocumentType(); - - naturalPerson.setName(personName); - personInfo.setPerson(naturalPerson); - personInfo.setTravelDocument(eDocument); - - // parse some eID attributes - final Triple<String, String, String> eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); - final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); - final String citizenCountry = eIdentifier.getFirst(); - - // person information - personName.setFamilyName(familyName); - personName.setGivenName(givenName); - naturalPerson.setDateOfBirth(dateOfBirth); - eDocument.setIssuingCountry(citizenCountry); - eDocument.setDocumentNumber(uniqueId); - - // eID document information - eDocument.setDocumentType(basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, - Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); - - return personInfo; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java deleted file mode 100644 index 1e7ff369..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java +++ /dev/null @@ -1,236 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; - -import java.io.IOException; -import java.security.InvalidKeyException; -import java.security.MessageDigest; -import java.security.NoSuchProviderException; -import java.util.List; - -import org.apache.commons.lang3.RandomStringUtils; -import org.apache.commons.lang3.StringUtils; -import org.bouncycastle.util.encoders.Base64; -import org.joda.time.DateTime; -import org.junit.Assert; -import org.junit.Ignore; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.IfProfileValue; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestPropertySource; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.util.Base64Utils; -import org.w3c.dom.Element; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; -import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; -import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.impl.data.Triple; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import szrservices.IdentityLinkType; -import szrservices.PersonInfoType; -import szrservices.SZRException_Exception; -import szrservices.TravelDocumentType; - - -@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_realConfig.xml"}) -@TestPropertySource(locations = { - //"classpath:/application.properties", - "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties", - }) -public class SzrClientTestProduction { - private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class); - - @Autowired - SzrClient szrClient; - @Autowired - IConfiguration basicConfig; - - private static final String givenName = "Franz"; - private static final String familyName = "Mustermann"; - // private static final String dateOfBirth = "1989-05-05"; - private static final String dateOfBirth = "1989-05-04"; - private static final String eIDASeID = "IS/AT/1234ffgsdfg56789ABCDEF"; - - private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP"; - - @Test - public void dummyTest() { - - } - - @Test - public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException { - String vsz = szrClient.getEncryptedStammzahl(getPersonInfo()); - Assert.assertNotNull("vsz", vsz); - - } - - @Test - public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException { - String vsz = RandomStringUtils.randomAlphanumeric(10); - String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes()); - String eidStatus = "urn:eidgvat:eid.status.eidas"; - ErnbEidData eidData = new ErnbEidData(); - eidData.setFamilyName(familyName); - eidData.setGivenName(givenName); - eidData.setDateOfBirth(new DateTime()); - eidData.setCitizenCountryCode("IS"); - eidData.setPseudonym("1234sdgsdfg56789ABCDEF"); - - - String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData); - - Assert.assertNotNull("eidasBind", eidasBind); - - } - - - @Test - public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException, - NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException { - log.debug("Starting connecting SZR Gateway"); - final IdentityLinkType result = szrClient.getIdentityLinkInRawMode( - getPersonInfo()); - - final Element idlFromSzr = (Element) result.getAssertion(); - final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); - - if (identityLink == null) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO IDL object" }); - } - - System.out.println(identityLink.getSerializedSamlAssertion()); - - if (StringUtils.isEmpty(identityLink.getFamilyName())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO FamilyName from IDL" }); - } - - if (StringUtils.isEmpty(identityLink.getGivenName())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO GivenName from IDL" }); - } - - if (StringUtils.isEmpty(identityLink.getDateOfBirth())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO DateOfBirthName from IDL" }); - } - - if (StringUtils.isEmpty(identityLink.getIdentificationType())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseIdType from IDL" }); - } - - if (StringUtils.isEmpty(identityLink.getIdentificationValue())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseId from IDL" }); - } - - if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO serialized IDL" }); - } - - if (identityLink.getSamlAssertion() == null) { - throw new SzrCommunicationException("ernb.00", new Object[] { "NO raw IDL" }); - } - - } - - - @Ignore - @Test - public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { - final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, - basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, - "no VKZ defined")); - - if (bPK.isEmpty()) { - throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"}); - } - for (String b : bPK) { - if (StringUtils.isEmpty(b)) { - throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"}); - } - } - - } - - private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { - try { - final MessageDigest md = MessageDigest.getInstance("SHA-256"); - final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; - - } catch (final Exception ex) { - throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex); - - } - } - - private PersonInfoType getPersonInfo() throws EidasSAuthenticationException { - final PersonInfoType personInfo = new PersonInfoType(); - final PersonNameType personName = new PersonNameType(); - final PhysicalPersonType naturalPerson = new PhysicalPersonType(); - final TravelDocumentType eDocument = new TravelDocumentType(); - - naturalPerson.setName(personName); - personInfo.setPerson(naturalPerson); - personInfo.setTravelDocument(eDocument); - - // parse some eID attributes - final Triple<String, String, String> eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); - final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); - final String citizenCountry = eIdentifier.getFirst(); - - // person information - personName.setFamilyName(familyName); - personName.setGivenName(givenName); - naturalPerson.setDateOfBirth(dateOfBirth); - eDocument.setIssuingCountry(citizenCountry); - eDocument.setDocumentNumber(uniqueId); - - // eID document information - eDocument.setDocumentType(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, - Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); - - return personInfo; - } -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java deleted file mode 100644 index d2b0c1ae..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java +++ /dev/null @@ -1,58 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy; - -import java.util.Collection; - -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.tx.BinaryLightToken; -import eu.eidas.specificcommunication.BinaryLightTokenHelper; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; -import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; - -public class DummySpecificCommunicationService implements SpecificCommunicationService { - - private ILightRequest lightRequest; - private ILightResponse lightResponse; - - @Override - public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException { - this.lightRequest = lightRequest; - return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256"); - } - - @Override - public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry) - throws SpecificCommunicationException { - return lightRequest; - } - - @Override - public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException { - this.lightResponse = lightResponse; - return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256"); - } - - @Override - public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry) - throws SpecificCommunicationException { - return lightResponse; - } - - public ILightRequest getiLightRequest() { - return lightRequest; - } - - public void setiLightRequest(ILightRequest lightReques) { - this.lightRequest = lightReques; - } - - public ILightResponse getiLightResponse() { - return lightResponse; - } - - public void setiLightResponse(ILightResponse lightResponse) { - this.lightResponse = lightResponse; - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java deleted file mode 100644 index e1a29137..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ /dev/null @@ -1,491 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.Mockito.times; -import static org.mockito.Mockito.verify; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.net.URISyntaxException; -import java.security.KeyStore; -import java.security.Provider; -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.jetbrains.annotations.NotNull; -import org.jose4j.jwa.AlgorithmConstraints; -import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; -import org.jose4j.jws.AlgorithmIdentifiers; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.ArgumentCaptor; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.github.skjolber.mockito.soap.SoapServiceRule; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; -import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; -import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; -import lombok.val; -import szrservices.JwsHeaderParam; -import szrservices.PersonInfoType; -import szrservices.SZR; -import szrservices.SignContentEntry; -import szrservices.SignContentResponseType; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -public class CreateIdentityLinkTaskEidNewTest { - - @Autowired(required = true) - private CreateIdentityLinkTask task; - - @Autowired(required = true) - private MsConnectorDummyConfigMap basicConfig; - @Autowired - protected EidasAttributeRegistry attrRegistry; - - @Autowired - EaafKeyStoreFactory keyStoreFactory; - - @Autowired - private IRequestStorage requestStorage; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - private SZR szrMock; - - private static final String PW = "f/+saJBc3a}*/T^s"; - private static final String ALIAS = "connectorkeypair"; - - private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays - .asList(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, - AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256, - AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); - - private static ObjectMapper mapper = new ObjectMapper(); - - private AuthenticationResponse response; - - @Rule - public final SoapServiceRule soap = SoapServiceRule.newInstance(); - - /** - * jUnit test set-up. - */ - @Before - public void setUp() throws EaafStorageException, URISyntaxException { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - pendingReq = new TestRequestImpl(); - - response = buildDummyAuthResponse(false); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - - - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - pendingReq.setTransactionId("avaasbav"); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); - executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); - - szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); - } - - @Test - public void successfulProcessWithDeInfos() throws Exception { - //initialize test - response = buildDummyAuthResponse(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - - String vsz = RandomStringUtils.randomNumeric(10); - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); - val signContentResp = new SignContentResponseType(); - final SignContentEntry signContentEntry = new SignContentEntry(); - signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); - signContentResp.getOut().add(signContentEntry); - when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNotNull("AuthBlock", authBlock); - - Assert.assertTrue("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - - // check authblock signature - final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, - BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); - Pair<KeyStore, Provider> keyStore = getKeyStore(); - X509Certificate[] trustedCerts = EaafKeyStoreUtils - .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); - JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); - Assert.assertTrue("AuthBlock not valid", result.isValid()); - JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); - Assert.assertNotNull("deserialized AuthBlock", authBlockJson); - - Assert.assertNotNull("no piiTransactionId in pendingRequesdt", - storedPendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), - authBlockJson.get("piiTransactionId").asText()); - Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); - Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); - Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); - Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey")); - - - // check vsz request - ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); - ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); - verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); - - Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); - PersonInfoType person = argument4.getValue(); - Assert.assertEquals("FamilyName", - response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), - person.getPerson().getName().getFamilyName()); - Assert.assertEquals("GivenName", - response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), - person.getPerson().getName().getGivenName()); - Assert.assertEquals("DateOfBirth", - response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) - .toString().split("T")[0], - person.getPerson().getDateOfBirth()); - - Assert.assertEquals("PlaceOfBirth", - response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), - person.getPerson().getPlaceOfBirth()); - Assert.assertEquals("BirthName", - response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), - person.getPerson().getAlternativeName().getFamilyName()); - - Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); - Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); - - Assert.assertEquals("Identifier", - response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) - .toString().split("/")[2], - person.getTravelDocument().getDocumentNumber()); - - // check bcBind singing request - ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class); - ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class); - ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class); - verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture()); - Boolean param1 = argument1.getValue(); - Assert.assertFalse("addCert flag", param1); - - List<JwsHeaderParam> param2 = argument2.getValue(); - Assert.assertNotNull("JWS Headers", param2); - Assert.assertFalse("JWS Headers empty", param2.isEmpty()); - Assert.assertEquals("Wrong JWS header size", 1, param2.size()); - Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey()); - Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); - - List<SignContentEntry> param3 = argument3.getValue(); - Assert.assertNotNull("sign Payload", param3); - Assert.assertEquals("wrong sign-payload size", 1, param3.size()); - Assert.assertNotNull("payload", param3.get(0).getValue().getBytes()); - JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes()); - Assert.assertNotNull("bcbind req", bcBind); - - Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); - Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", - bcBind.get("urn:eidgvat:attributes.eid.status").asText()); - Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); - Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray()); - Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements(); - Assert.assertTrue("No PubKey", pubKeys.hasNext()); - Assert.assertEquals("Wrong pubKey", - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y" - + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN" - + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" - + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", - pubKeys.next().asText()); - Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); - - } - - @Test - public void successfulProcessWithStandardInfos() throws Exception { - //initialize test - String vsz = RandomStringUtils.randomNumeric(10); - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); - val signContentResp = new SignContentResponseType(); - final SignContentEntry signContentEntry = new SignContentEntry(); - signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); - signContentResp.getOut().add(signContentEntry); - when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - String bindingPubKey = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey); - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - // check authblock signature - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNotNull("AuthBlock", authBlock); - final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, - BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); - Pair<KeyStore, Provider> keyStore = getKeyStore(); - X509Certificate[] trustedCerts = EaafKeyStoreUtils - .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); - JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); - Assert.assertTrue("AuthBlock not valid", result.isValid()); - JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); - Assert.assertNotNull("deserialized AuthBlock", authBlockJson); - - Assert.assertNotNull("no piiTransactionId in pendingRequesdt", - storedPendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), - authBlockJson.get("piiTransactionId").asText()); - Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); - Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); - Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); - Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey")); - Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText()); - - Assert.assertTrue("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - // check vsz request - ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); - ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); - verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); - - Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); - PersonInfoType person = argument4.getValue(); - Assert.assertEquals("FamilyName", - response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), - person.getPerson().getName().getFamilyName()); - Assert.assertEquals("GivenName", - response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), - person.getPerson().getName().getGivenName()); - Assert.assertEquals("DateOfBirth", - response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) - .toString().split("T")[0], - person.getPerson().getDateOfBirth()); - - Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); - Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); - - Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); - Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); - - Assert.assertEquals("Identifier", - response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) - .toString().split("/")[2], - person.getTravelDocument().getDocumentNumber()); - - - } - - @Test - public void getStammzahlEncryptedExceptionTest() throws Exception { - try { - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null); - task.execute(pendingReq, executionContext); - } catch (TaskExecutionException e) { - Assert.assertEquals("Incorrect exception thrown", e.getMessage(), - "IdentityLink generation for foreign person " + "FAILED."); - Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(), - "ernb.01"); - Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("Stammzahl response empty")); - } - } - - @Test - public void signContentExceptionTest() throws Exception { - try { - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); - when(szrMock, "signContent", any(), any(), any()).thenReturn(null); - task.execute(pendingReq, executionContext); - } catch (TaskExecutionException e) { - Assert.assertEquals("Incorrect exception thrown", e.getMessage(), - "IdentityLink generation for foreign person " + "FAILED."); - Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(), - "ernb.01"); - Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("BcBind response empty")); - } - } - - private Pair<KeyStore, Provider> getKeyStore() throws EaafException { - // read Connector wide config data TODO connector wide! - String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME); - String keyStorePw = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD); - String keyStorePath = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH); - String keyStoreType = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE); - - - //build new KeyStore configuration - KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration(); - keyStoreConfiguration.setFriendlyName("jUnit test"); - - keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath); - keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw); - keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType)); - keyStoreConfiguration.setKeyStoreName(keyStoreName); - - //build new KeyStore based on configuration - return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration); - - } - - @NotNull - private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException { - final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PLACEOFBIRTH).first(); - final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_BIRTHNAME).first(); - - final Builder attributeMap = ImmutableAttributeMap.builder(); - attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)); - attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10)); - attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10)); - attributeMap.put(attributeDef4, "2001-01-01"); - if (withAll) { - attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); - attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); - - } - - val b = new AuthenticationResponse.Builder(); - return b.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(Constants.SUCCESS_URI) - .inResponseTo("_".concat(Random.nextHexRandom16())) - .subjectNameIdFormat("afaf") - .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) - .attributes(attributeMap.build()) - .build(); - } -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java deleted file mode 100644 index d6485158..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ /dev/null @@ -1,464 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; -import static org.mockito.ArgumentMatchers.any; - -import java.net.URISyntaxException; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Unmarshaller; - -import org.apache.commons.lang3.RandomStringUtils; -import org.jetbrains.annotations.NotNull; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import com.github.skjolber.mockito.soap.SoapServiceRule; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; -import lombok.val; -import szrservices.GetBPK; -import szrservices.GetBPKResponse; -import szrservices.GetIdentityLinkEidasResponse; -import szrservices.PersonInfoType; -import szrservices.SZR; -import szrservices.SZRException_Exception; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -public class CreateIdentityLinkTaskTest { - - @Autowired(required = true) - private CreateIdentityLinkTask task; - - @Autowired(required = true) - private MsConnectorDummyConfigMap basicConfig; - @Autowired - protected EidasAttributeRegistry attrRegistry; - - @Autowired - EaafKeyStoreFactory keyStoreFactory; - - @Autowired - private IRequestStorage requestStorage; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - private SZR szrMock; - - private AuthenticationResponse response; - private Map<String, String> spConfig; - - @Rule - public final SoapServiceRule soap = SoapServiceRule.newInstance(); - - /** - * jUnit test set-up. - */ - @Before - public void setUp() throws EaafStorageException, URISyntaxException { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false"); - - spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - pendingReq = new TestRequestImpl(); - - response = buildDummyAuthResponse(); - - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - pendingReq.setTransactionId("avaasbav"); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); - executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); - - szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); - } - - - @Test - public void buildIdentityLink() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - - - //perform test - task.execute(pendingReq, executionContext); - - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNull("AuthBlock", authBlock); - - Assert.assertFalse("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); - checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName()); - checkElement("Hans", authProcessData.getIdentityLink().getGivenName()); - checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth()); - checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); - checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); - Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion()); - Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); - - Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - - } - - @Test - public void buildIdentityLinkWithWbpk() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - - //perform test - task.execute(pendingReq, executionContext); - - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNull("AuthBlock", authBlock); - - Assert.assertFalse("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - - } - - @Test - public void buildIdentityLinkWithEidasBpk() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml"); - spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - - //perform test - task.execute(pendingReq, executionContext); - - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNull("AuthBlock", authBlock); - - Assert.assertFalse("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); - checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName()); - checkElement("Martina", authProcessData.getIdentityLink().getGivenName()); - checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth()); - checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); - checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); - - Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - - } - - @Test - public void buildIdentityLinkWithUnknownBpk() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - spConfig.put("target", "urn:notextis:1234"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - - try { - task.execute(pendingReq, executionContext); - Assert.fail("unknown bPKType not detected"); - - } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "builder.33", - ((EaafException) e.getOriginalException()).getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - - } - } - - @Test - public void noBpkResult() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - GetBPKResponse getBpkResp = new GetBPKResponse(); - org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); - - spConfig.put("target", "urn:notextis:1234"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); - - try { - task.execute(pendingReq, executionContext); - Assert.fail("unknown bPKType not detected"); - - } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "ernb.01", - ((EaafException) e.getOriginalException()).getErrorId()); - - } - } - - @Test - public void bPKFromSzr() throws Exception { - //initialize test - setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - String bpk = RandomStringUtils.randomAlphanumeric(10); - GetBPKResponse getBpkResp = new GetBPKResponse(); - getBpkResp.getGetBPKReturn().add(bpk); - org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); - - spConfig.put("target", "urn:notextis:1234"); - - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); - - //execute test - task.execute(pendingReq, executionContext); - - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNull("AuthBlock", authBlock); - - Assert.assertFalse("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", bpk, - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - } - - @Test - public void buildDummyIdl() throws Exception { - //initialize test - String randomTestSp = RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true"); - - - //perform test - task.execute(pendingReq, executionContext); - - - //validate state - // check if pendingRequest was stored - IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedPendingReq); - - //check data in session - final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); - Assert.assertNotNull("AuthProcessData", authProcessData); - Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class); - Assert.assertNull("AuthBlock", authBlock); - - Assert.assertFalse("EID process", authProcessData.isEidProcess()); - Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", - authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); - Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), - authProcessData.getQaaLevel()); - - Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); - - } - - private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { - final JAXBContext jaxbContext = JAXBContext - .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class, - org.w3._2000._09.xmldsig.ObjectFactory.class, - at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); - final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); - final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller - .unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); - org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn()); - - } - private void checkElement(String expected, String value) { - Assert.assertNotNull(value); - Assert.assertEquals(expected, value); - - } - - @NotNull - private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException { - final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - - final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() - .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) - .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) - .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); - - val b = new AuthenticationResponse.Builder(); - return b.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode("200") - .inResponseTo("_".concat(Random.nextHexRandom16())) - .subjectNameIdFormat("afaf") - .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) - .attributes(attributeMap) - .build(); - } -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java deleted file mode 100644 index 763d7d39..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java +++ /dev/null @@ -1,670 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import static org.junit.Assert.assertNull; - -import java.io.UnsupportedEncodingException; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class GenerateAuthnRequestTaskTest { - - @Autowired(required = true) - private GenerateAuthnRequestTask task; - @Autowired(required = true) - private DummySpecificCommunicationService commService; - @Autowired(required = true) - private MsConnectorDummyConfigMap basicConfig; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - private Map<String, String> spConfig; - - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "true"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", - RandomStringUtils.randomAlphabetic(10)); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", - "http://test/" + RandomStringUtils.randomAlphabetic(5)); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat"); - basicConfig.removeConfigValue(Constants.CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR); - - } - - @Test - public void missingIssuer() { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId"); - - //execute test - try { - task.execute(pendingReq, executionContext); - Assert.fail("Missing Issuer not detected"); - - } catch (final TaskExecutionException e) { - // forward URL is not set in example config - org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), - "Wrong exception"); - Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException()) - .getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - - } - } - - @Test - public void missingForwardUrl() { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint"); - - //execute test - try { - task.execute(pendingReq, executionContext); - Assert.fail("Missing Forward-URL not detected"); - - } catch (final TaskExecutionException e) { - // forward URL is not set in example config - org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), - "Wrong exception"); - Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) - .getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e - .getOriginalException()).getParams()[0]); - - } - } - - @Test - public void selectUnknownStage() { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - String stage = RandomStringUtils.randomAlphabetic(5); - executionContext.put("selectedEnvironment", stage); - - //execute test - try { - task.execute(pendingReq, executionContext); - Assert.fail("Missing Forward-URL not detected"); - - } catch (final TaskExecutionException e) { - // forward URL is not set in example config - org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), - "Wrong exception"); - Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) - .getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + stage, ((EaafException) e - .getOriginalException()).getParams()[0]); - - } - } - - @Test - public void selectQsEndpoint() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - executionContext.put("selectedEnvironment", "qs"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - } - - @Test - public void selectTestEndpoint() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - executionContext.put("selectedEnvironment", "test"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - } - - @Test - public void selectDevEndpoint() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - executionContext.put("selectedEnvironment", "dev"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - } - - @Test - public void noCountryCode() { - try { - task.execute(pendingReq, executionContext); - Assert.fail("No countryCode not detected"); - - } catch (final TaskExecutionException e) { - Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID()); - org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e - .getOriginalException(), "Wrong exception"); - Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException()) - .getErrorId()); - - } - } - - @Test - public void withStaticProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs"); - - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("ProviderName is not Static", - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - Assert.assertNull("msConnector Staging", - pendingReq.getRawData(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class)); - - } - - @Test - public void withMsConnectorStaging() throws TaskExecutionException, - SpecificCommunicationException { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs"); - - String msConnectorStage = RandomStringUtils.randomAlphanumeric(10); - basicConfig.putConfigValue(Constants.CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR, msConnectorStage); - - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("msConnector Staging", msConnectorStage, - pendingReq.getRawData(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class)); - - - - } - - @Test - public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException { - String cc = RandomStringUtils.randomAlphabetic(2); - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc); - - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderNames", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("wrong issuer", - basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer()); - Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode()); - assertNull("NameIdPolicy not null", eidasReq.getNameIdFormat()); - - } - - @Test - public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - executionContext.put("selectedEnvironment", "prod"); - - String providerName = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); - - String nameIdFormat = RandomStringUtils.randomAlphabetic(10); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat", nameIdFormat); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertNotNull("ProviderName found", eidasReq.getProviderName()); - Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); - Assert.assertNull("RequesterId found", eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, - eidasReq.getLevelOfAssurance()); - - Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); - Assert.assertEquals("NameIdFormat", nameIdFormat, eidasReq.getNameIdFormat()); - - } - - @Test - public void publicSpWithCountryLu() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - executionContext.put("selectedEnvironment", "prod"); - - String providerName = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName()); - Assert.assertEquals("RequesterId found", "myNode", eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, - eidasReq.getLevelOfAssurance()); - - Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); - - } - - @Test - public void privateSpWithCountryLu() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - executionContext.put("selectedEnvironment", "prod"); - - String providerName = RandomStringUtils.randomAlphanumeric(10); - String requesterId = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId); - - spConfig.put("target", - EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("PrividerName", "Austria", eidasReq.getProviderName()); - Assert.assertEquals("RequesterId", "Austria", eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, - eidasReq.getLevelOfAssurance()); - - Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); - - } - - @Test - public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - String providerName = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); - - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST"); - - //execute test - try { - task.execute(pendingReq, executionContext); - Assert.fail("Missing template not detected"); - - } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ", - ((GuiBuildException) e.getOriginalException()).getMessage()); - - } - } - - @Test - public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - spConfig.put("target", - EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); - String providerName = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, "http://junit.sp"); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); - Assert.assertEquals("RequesterId", "Wr8LrrVf5SYneblOlZdZNaLQQCCgzklfKQvyeZjBx10=", eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - - } - - @Test - public void privateSPWithoutRequestIdHashing() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - spConfig.put("target", - EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); - String providerName = RandomStringUtils.randomAlphanumeric(10); - String requesterId = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "false"); - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //perform test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); - - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); - Assert.assertEquals("RequesterId", requesterId, eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - - } - - @Test - public void withoutProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException, EaafStorageException { - //set-up test - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - String providerName = RandomStringUtils.randomAlphanumeric(10); - pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); - - basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); - - - String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertNull("ProviderName found", eidasReq.getProviderName()); - Assert.assertNull("RequesterId found", eidasReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java deleted file mode 100644 index 2c6ced77..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java +++ /dev/null @@ -1,252 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; - -import java.net.URISyntaxException; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.jetbrains.annotations.NotNull; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import at.asitplus.eidas.specific.core.MsEidasNodeConstants; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask; -import at.gv.egiz.eaaf.core.api.IRequest; -import at.gv.egiz.eaaf.core.api.IRequestStorage; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; -import lombok.val; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -public class ReceiveEidasResponseTaskTest { - - @Autowired(required = true) - private ReceiveAuthnResponseTask task; - - @Autowired(required = true) - private MsConnectorDummyConfigMap basicConfig; - @Autowired - protected EidasAttributeRegistry attrRegistry; - - @Autowired private IRequestStorage storage; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private MsConnectorDummySpConfiguration oaParam; - - /** - * jUnit test set-up. - */ - @Before - public void setUp() throws EaafStorageException, URISyntaxException { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false"); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); - pendingReq = new TestRequestImpl(); - - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - pendingReq.setTransactionId("avaasbav"); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); - - } - - @Test - public void missingEidasResponse() { - try { - task.execute(pendingReq, executionContext); - Assert.fail("No eIDAS response not detected"); - - } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "eidas.01", - ((EaafException) e.getOriginalException()).getErrorId()); - - } - } - - @Test - public void notSuccessEidasResponse() throws URISyntaxException { - String statusCode = RandomStringUtils.randomAlphabetic(10); - httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, - buildDummyAuthResponse(statusCode)); - - - try { - task.execute(pendingReq, executionContext); - Assert.fail("No eIDAS response not detected"); - - } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "eidas.02", - ((EaafException) e.getOriginalException()).getErrorId()); - Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException()) - .getParams().length); - Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e - .getOriginalException()).getParams()[0]); - - } - } - - @Test - public void successAndForward() throws URISyntaxException, TaskExecutionException, - PendingReqIdValidationException, EaafStorageException { - - AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); - httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - - String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10); - pendingReq.setRawDataToTransaction( - MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, alternativReturnEndpoint); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - Assert.assertEquals("msConnectorStage", true, - (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING)); - - //validate state - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); - Assert.assertTrue("Wrong redirect endpoint", - ((String) httpResp.getHeaderValue("Location")).startsWith(alternativReturnEndpoint)); - - - } - - @Test - public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { - @NotNull - AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); - httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedReq); - - final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class); - Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); - Assert.assertNotNull("eIDAS response", - authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("eIDAS response", eidasResponse, - authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity()); - - Assert.assertEquals("msConnectorStage", false, - (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING)); - } - - @Test - public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true"); - - @NotNull - AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); - httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - - //execute test - task.execute(pendingReq, executionContext); - - //validate state - IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); - Assert.assertNotNull("pendingReq not stored", storedReq); - - final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class); - Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); - Assert.assertNotNull("eIDAS response", - authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("eIDAS response", eidasResponse, - authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity()); - - } - - - - @NotNull - private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException { - final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - - final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() - .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) - .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) - .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); - - val b = new AuthenticationResponse.Builder(); - return b.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(statusCode) - .inResponseTo("_".concat(Random.nextHexRandom16())) - .subjectNameIdFormat("afaf") - .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) - .attributes(attributeMap) - .build(); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java deleted file mode 100644 index ad38e371..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java +++ /dev/null @@ -1,139 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils; - -import java.io.IOException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.Provider; -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - -import org.apache.commons.lang3.RandomStringUtils; -import org.jose4j.jwa.AlgorithmConstraints; -import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; -import org.jose4j.jws.AlgorithmIdentifiers; -import org.jose4j.lang.JoseException; -import org.junit.Assert; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; -import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; -import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; -import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; -import at.gv.egiz.eaaf.core.impl.data.Pair; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -public class JoseUtilsTest { - - @Autowired private EaafKeyStoreFactory keyStoreFactory; - - private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList( - Arrays.asList( - AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, - AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, - AlgorithmIdentifiers.RSA_PSS_USING_SHA256, - AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); - - - @Test - public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException { - - KeyStoreConfiguration config = new KeyStoreConfiguration(); - config.setFriendlyName("jUnittest"); - config.setKeyStoreType(KeyStoreType.JKS); - config.setSoftKeyStoreFilePath("../data/junit.jks"); - config.setSoftKeyStorePassword("password"); - - Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); - String payLoad = RandomStringUtils.randomAlphanumeric(100); - - //check signing - try { - JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest"); - Assert.fail("missing Key not detected"); - - } catch (EaafException e) { - Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId()); - - } - } - - @Test - public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException { - - KeyStoreConfiguration config = new KeyStoreConfiguration(); - config.setFriendlyName("jUnittest"); - config.setKeyStoreType(KeyStoreType.JKS); - config.setSoftKeyStoreFilePath("../data/junit.jks"); - config.setSoftKeyStorePassword("password"); - - Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); - String payLoad = RandomStringUtils.randomAlphanumeric(100); - - //check signing - String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest"); - - Assert.assertNotNull("signed message", result); - Assert.assertFalse("signed msg empty", result.isEmpty()); - - - //validate - List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); - final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, - AUTH_ALGORITHM_WHITELIST_SIGNING - .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); - JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); - - Assert.assertTrue("sig. verify", verify.isValid()); - Assert.assertEquals("payload", payLoad, verify.getPayLoad()); - - } - - @Test - public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException { - - KeyStoreConfiguration config = new KeyStoreConfiguration(); - config.setFriendlyName("jUnittest"); - config.setKeyStoreType(KeyStoreType.JKS); - config.setSoftKeyStoreFilePath("../data/junit.jks"); - config.setSoftKeyStorePassword("password"); - - Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); - String payLoad = RandomStringUtils.randomAlphanumeric(100); - - //check signing - String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest"); - - Assert.assertNotNull("signed message", result); - Assert.assertFalse("signed msg empty", result.isEmpty()); - - - //validate - List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); - final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, - AUTH_ALGORITHM_WHITELIST_SIGNING - .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); - JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); - - Assert.assertTrue("sig. verify", verify.isValid()); - Assert.assertEquals("payload", payLoad, verify.getPayLoad()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java deleted file mode 100644 index 9bb51cd9..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; - -import static org.junit.Assert.fail; - -import java.io.IOException; -import java.text.SimpleDateFormat; -import java.util.HashMap; -import java.util.Map; - -import org.joda.time.DateTime; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@DirtiesContext(classMode = ClassMode.AFTER_CLASS) -public class EidasAttributePostProcessingTest { - - @Autowired - private CcSpecificEidProcessingService postProcessor; - - // lower case - private static final String P1_eIDASID = - "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25"; - private static final String P1_GIVENNAME = "Max"; - private static final String P1_FAMILYNAME = "Mustermann"; - private static final DateTime P1_DATEOFBIRTH = DateTime.now(); - private static final String P1_PLACEOFBIRTH = "Nirgendwo"; - private static final String P1_BIRTHNAME = "Musterkind"; - - // mixed - private static final String P3_eIDASID = - "DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25"; - private static final String P3_GIVENNAME = "Max"; - private static final String P3_FAMILYNAME = "Mustermann"; - private static final DateTime P3_DATEOFBIRTH = DateTime.now(); - private static final String P3_PLACEOFBIRTH = "Nirgendwo"; - private static final String P3_BIRTHNAME = "Musterkind"; - - // upper case - private static final String P4_eIDASID = - "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25"; - private static final String P4_GIVENNAME = "Max"; - private static final String P4_FAMILYNAME = "Mustermann"; - private static final DateTime P4_DATEOFBIRTH = DateTime.now(); - private static final String P4_PLACEOFBIRTH = "Nirgendwo"; - private static final String P4_BIRTHNAME = "Musterkind"; - - // To long identifier - private static final String P5_eIDASID = - "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251"; - private static final String P5_GIVENNAME = "Max"; - private static final String P5_FAMILYNAME = "Mustermann"; - private static final DateTime P5_DATEOFBIRTH = DateTime.now(); - private static final String P5_PLACEOFBIRTH = "Nirgendwo"; - private static final String P5_BIRTHNAME = "Musterkind"; - - // to short identifier - private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F"; - private static final String P6_GIVENNAME = "Max"; - private static final String P6_FAMILYNAME = "Mustermann"; - private static final DateTime P6_DATEOFBIRTH = DateTime.now(); - private static final String P6_PLACEOFBIRTH = "Nirgendwo"; - private static final String P6_BIRTHNAME = "Musterkind"; - - // no hex encoded identifier - private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F"; - private static final String P7_GIVENNAME = "Max"; - private static final String P7_FAMILYNAME = "Mustermann"; - private static final DateTime P7_DATEOFBIRTH = DateTime.now(); - private static final String P7_PLACEOFBIRTH = "Nirgendwo"; - private static final String P7_BIRTHNAME = "Musterkind"; - - private static final String P2_eIDASID = - "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd"; - private static final String P2_GIVENNAME = "Max"; - private static final String P2_FAMILYNAME = "Mustermann"; - private static final DateTime P2_DATEOFBIRTH = DateTime.now(); - private static final String P2_PLACEOFBIRTH = "Nirgendwo"; - private static final String P2_BIRTHNAME = "Musterkind"; - - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); - - } - - @Test - public void deWithHexLowerCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P1_eIDASID, - P1_FAMILYNAME, - P1_GIVENNAME, - P1_DATEOFBIRTH, - P1_PLACEOFBIRTH, - P1_BIRTHNAME)); - - validate(result, - "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=", - P1_FAMILYNAME, - P1_GIVENNAME, - P1_DATEOFBIRTH, - P1_PLACEOFBIRTH, - P1_BIRTHNAME); - - } catch (final Exception e) { - e.printStackTrace(); - fail(e.getMessage()); - - } - } - - @Test - public void deWithHexMixedCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P3_eIDASID, - P3_FAMILYNAME, - P3_GIVENNAME, - P3_DATEOFBIRTH, - P3_PLACEOFBIRTH, - P3_BIRTHNAME)); - - validate(result, - "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=", - P3_FAMILYNAME, - P3_GIVENNAME, - P3_DATEOFBIRTH, - P3_PLACEOFBIRTH, - P3_BIRTHNAME); - - } catch (final Exception e) { - e.printStackTrace(); - fail(e.getMessage()); - - } - } - - @Test - public void deWithHexUpperCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P4_eIDASID, - P4_FAMILYNAME, - P4_GIVENNAME, - P4_DATEOFBIRTH, - P4_PLACEOFBIRTH, - P4_BIRTHNAME)); - - validate(result, - "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=", - P4_FAMILYNAME, - P4_GIVENNAME, - P4_DATEOFBIRTH, - P4_PLACEOFBIRTH, - P4_BIRTHNAME); - - } catch (final Exception e) { - e.printStackTrace(); - fail(e.getMessage()); - - } - } - - @Test - public void deWithHexTooLongCase() throws Exception { - try { - postProcessor.postProcess( - generateInputData( - P5_eIDASID, - P5_FAMILYNAME, - P5_GIVENNAME, - P5_DATEOFBIRTH, - P5_PLACEOFBIRTH, - P5_BIRTHNAME)); - - } catch (final Exception e) { - return; - - } - - fail("Too long input accepted"); - } - - @Test - public void deWithHexTooShortCase() throws Exception { - try { - postProcessor.postProcess( - generateInputData( - P6_eIDASID, - P6_FAMILYNAME, - P6_GIVENNAME, - P6_DATEOFBIRTH, - P6_PLACEOFBIRTH, - P6_BIRTHNAME)); - - } catch (final Exception e) { - return; - - } - - fail("Too short input accepted"); - } - - @Test - public void deWithNoHexCase() throws Exception { - try { - postProcessor.postProcess( - generateInputData( - P7_eIDASID, - P7_FAMILYNAME, - P7_GIVENNAME, - P7_DATEOFBIRTH, - P7_PLACEOFBIRTH, - P7_BIRTHNAME)); - - } catch (final Exception e) { - return; - - } - - fail("Not hex encoded input accepted"); - } - - @Test - public void eeTestCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P2_eIDASID, - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME)); - - validate(result, - "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd", - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME); - - } catch (final Exception e) { - e.printStackTrace(); - fail(e.getMessage()); - - } - } - - @Test - public void eeTestFamilyNameMissingCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P2_eIDASID, - null, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME)); - - validate(result, - "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd", - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME); - - } catch (final Exception e) { - return; - - } - - fail("FamilyName missing input accepted"); - - } - - @Test - public void eeTestGivenNameMissingCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P2_eIDASID, - P2_FAMILYNAME, - null, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME)); - - validate(result, - "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd", - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME); - - } catch (final Exception e) { - return; - - } - - fail("GivenName missing input accepted"); - - } - - @Test - public void eeTestDateOfBirthMissingCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - P2_eIDASID, - P2_FAMILYNAME, - P2_GIVENNAME, - null, - P2_PLACEOFBIRTH, - P2_BIRTHNAME)); - - validate(result, - "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd", - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME); - - } catch (final Exception e) { - return; - - } - - fail("DateOfBirth missing input accepted"); - - } - - @Test - public void eeTestIdMissingCase() throws Exception { - try { - final ErnbEidData result = postProcessor.postProcess( - generateInputData( - null, - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME)); - - validate(result, - "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd", - P2_FAMILYNAME, - P2_GIVENNAME, - P2_DATEOFBIRTH, - P2_PLACEOFBIRTH, - P2_BIRTHNAME); - - } catch (final Exception e) { - return; - - } - - fail("eIDAS-Id missing input accepted"); - - } - - private Map<String, Object> generateInputData(String id, String familyName, String givenName, - DateTime dateOfBirth, String placeOfBirth, String birthName) { - final Map<String, Object> result = new HashMap<>(); - result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id); - result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName); - result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName); - result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth); - result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth); - result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName); - return result; - - } - - private void validate(ErnbEidData result, String id, String familyName, String givenName, - DateTime dateOfBirth, String placeOfBirth, String birthName) { - if (!result.getPseudonym().equals(id)) { - fail(result.getPseudonym() + "is not equal to " + id); - } - - if (!result.getFamilyName().equals(familyName)) { - fail(result.getFamilyName() + "is not equal to " + familyName); - } - - if (!result.getGivenName().equals(givenName)) { - fail(result.getGivenName() + "is not equal to " + givenName); - } - - if (!result.getDateOfBirth().equals(dateOfBirth)) { - fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth); - } - - if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth - .toDate()))) { - fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format( - dateOfBirth.toDate())); - } - - if (!result.getPlaceOfBirth().equals(placeOfBirth)) { - fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth); - } - - if (!result.getBirthName().equals(birthName)) { - fail(result.getBirthName() + "is not equal to " + birthName); - } - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java deleted file mode 100644 index 7ac41500..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestPropertySource; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import eu.eidas.auth.commons.light.impl.LightRequest; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_realConfig.xml"}) -@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"}) -@DirtiesContext(classMode = ClassMode.AFTER_CLASS) -public class EidasRequestPreProcessingFirstTest { - - @Autowired - private IConfigurationWithSP basicConfig; - @Autowired - private CcSpecificEidProcessingService preProcessor; - - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - private Builder authnRequestBuilder; - - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { -// final String current = new java.io.File(".").toURI().toString(); -// System.setProperty("eidas.ms.configuration", -// current + "src/test/resources/config/junit_config_de_attributes.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - authnRequestBuilder = LightRequest.builder(); - authnRequestBuilder.id(UUID.randomUUID().toString()); - authnRequestBuilder.issuer("Test"); - authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); - - } - - @Test - public void prePreProcessGeneric() throws EidPostProcessingException { - final String testCountry = "XX"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); - - } - - @Test - public void prePreProcessGenericNoCountryCode() throws EidPostProcessingException { - final String testCountry = "XX"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(null, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); - - } - - @Test - public void prePreProcessDE() throws EidPostProcessingException { - - final String testCountry = "DE"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName()); - Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java deleted file mode 100644 index 9ee38296..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; - -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import eu.eidas.auth.commons.light.impl.LightRequest; -import eu.eidas.auth.commons.light.impl.LightRequest.Builder; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -@DirtiesContext(classMode = ClassMode.AFTER_CLASS) -public class EidasRequestPreProcessingSecondTest { - - @Autowired - private MsConnectorDummyConfigMap basicConfig; - @Autowired - private CcSpecificEidProcessingService preProcessor; - - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - private Builder authnRequestBuilder; - - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - authnRequestBuilder = LightRequest.builder(); - authnRequestBuilder.id(UUID.randomUUID().toString()); - authnRequestBuilder.issuer("Test"); - authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); - - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true"); - - } - - @Test - public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException { - basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); - - final String testCountry = "DE"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size()); - - } - - - /* - * Set ProviderName according to general configuration - */ - @Test - public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException { - - basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "false"); - - final String testCountry = "LU"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName()); - Assert.assertNull("RequesterId", lightReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); - - } - - /* - * Always set requesterId and providername in case of country LU - */ - @Test - public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException { - - - final String testCountry = "LU"; - authnRequestBuilder.citizenCountryCode(testCountry); - preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); - - final LightRequest lightReq = authnRequestBuilder.build(); - - Assert.assertEquals("ProviderName is not Static", - "myNode", lightReq.getProviderName()); - Assert.assertEquals("RequesterId is not Static", - "myNode", lightReq.getRequesterId()); - Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); - Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); - - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java deleted file mode 100644 index b1f1b164..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java +++ /dev/null @@ -1,333 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; - -import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; - -import java.net.URISyntaxException; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import com.google.common.collect.ImmutableSet; - -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import eu.eidas.auth.commons.attribute.AttributeDefinition; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; -import eu.eidas.auth.commons.attribute.impl.StringAttributeValue; -import eu.eidas.auth.commons.light.ILightResponse; -import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; -import lombok.val; - -@RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) -@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration(locations = { - "/SpringTest-context_tasks_test.xml", - "/SpringTest-context_basic_mapConfig.xml"}) -public class EidasResponseValidatorTest { - - @Autowired private MsConnectorDummyConfigMap basicConfig; - @Autowired protected EidasAttributeRegistry attrRegistry; - - private TestRequestImpl pendingReq; - private MsConnectorDummySpConfiguration oaParam; - - - /** - * jUnit test set-up. - */ - @Before - public void setUp() throws EaafStorageException, URISyntaxException { - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); - pendingReq = new TestRequestImpl(); - - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - pendingReq.setTransactionId("avaasbav"); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - - } - - - @Test - public void loaFromResponseToLow() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), - EaafConstants.EIDAS_LOA_LOW, - false); - String spCountry = "AT"; - String citizenCountryCode = "XX"; - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", - e.getParams()[0]); - - } - } - - @Test - public void noEidasSpCountry() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - String spCountry = null; - String citizenCountryCode = "LU"; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", - e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Destination country does not match to SP country", - e.getParams()[1]); - - } - } - - @Test - public void noEidasResponseCountry() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - String spCountry = "AT"; - String citizenCountryCode = null; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", - e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Citizen country does not match to eIDAS-node country that generates the response", - e.getParams()[1]); - - } - } - - @Test - public void wrongEidasResponseCountry() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - String spCountry = "AT"; - String citizenCountryCode = "XX"; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", - e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Citizen country does not match to eIDAS-node country that generates the response", - e.getParams()[1]); - - } - } - - @Test - public void missingPersonalIdentifier() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - null, - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - String spCountry = "AT"; - String citizenCountryCode = "LU"; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", - e.getParams()[0]); - - } - } - - @Test - public void moreThanOnePersonalIdentifier() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - null, - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - true); - String spCountry = "AT"; - String citizenCountryCode = "LU"; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", - e.getParams()[0]); - - } - } - - @Test - public void emptyPersonalIdentifier() throws URISyntaxException { - //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "", - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - String spCountry = "AT"; - String citizenCountryCode = "LU"; - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - try { - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); - Assert.fail("Wrong eIDAS response not detected"); - - } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); - Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", - e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Wrong identifier format", - e.getParams()[1]); - - } - } - - @Test - public void validResponse() throws URISyntaxException, EidasValidationException { - //set-up - - String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); - String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); - - ILightResponse eidasResponse = buildDummyAuthResponse( - cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), - EaafConstants.EIDAS_LOA_SUBSTANTIAL, - false); - - oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - - //execute test - - EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry); - - } - - - private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) - throws URISyntaxException { - - - final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( - Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - - final Builder attributeMap = ImmutableAttributeMap.builder(); - if (personalId != null) { - if (moreThanOnePersonalId) { - ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId), - new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10))); - attributeMap.put(personIdattributeDef, values); - - } else { - attributeMap.put(personIdattributeDef, personalId); - - } - } - - val b = new AuthenticationResponse.Builder(); - return b.id("_".concat(Random.nextHexRandom16())) - .issuer(RandomStringUtils.randomAlphabetic(10)) - .subject(RandomStringUtils.randomAlphabetic(10)) - .statusCode(Constants.SUCCESS_URI) - .inResponseTo("_".concat(Random.nextHexRandom16())) - .subjectNameIdFormat("afaf") - .levelOfAssurance(loa) - .attributes(attributeMap.build()) - .build(); - } -} - diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml deleted file mode 100644 index fe9ff441..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml +++ /dev/null @@ -1,20 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - <context:annotation-config /> - - <bean id="dummyMapBasedConfiguration" - class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap"> - <constructor-arg value="/config/junit_config_1.properties" /> - <property name="configRootDirSufix" value="src/test/resources/config" /> - </bean> - -</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml deleted file mode 100644 index 79695f69..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml +++ /dev/null @@ -1,25 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - <context:annotation-config /> - - <!-- - <bean id="BasicMSSpecificNodeConfig" - class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider"> - <constructor-arg - value="#{systemProperties['eidas.ms.configuration']}" /> - </bean> - --> - - <bean id="springBootBasicConfingProvider" - class="at.asitplus.eidas.specific.core.config.SpringBootBasicConfigurationProvider" /> - -</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml deleted file mode 100644 index cd2888c1..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml +++ /dev/null @@ -1,68 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - <context:annotation-config /> - - - - <bean id="SZRClientForeIDAS" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" /> - - <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore" - /> --> - - <bean id="springManagedSpecificConnectorCommunicationService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" /> - - <bean id="specificConnectorAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="src/test/resources/config/eidas-attributes.xml" /> - </bean> - - <bean id="specificConnectorAdditionalAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="src/test/resources/config/additional-attributes.xml" /> - </bean> - - <bean id="attributeRegistry" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry"> - <property name="eidasAttributesFile" - ref="specificConnectorAttributesFileWithPath" /> - <property name="additionalAttributesFile" - ref="specificConnectorAdditionalAttributesFileWithPath" /> - </bean> - - <bean id="EIDPostProcessingService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" /> - - <bean id="DE-PostProcessor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor"> - <property name="priority" value="1" /> - </bean> - - <bean id="LU-PostProcessor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor"> - <property name="priority" value="1" /> - </bean> - - <bean id="eIDASAuthModule" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl"> - <property name="priority" value="2" /> - </bean> - - <bean id="Default-PostProcessor" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor"> - <property name="priority" value="0" /> - </bean> - -</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml deleted file mode 100644 index 6d6bb51e..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml +++ /dev/null @@ -1,67 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:tx="http://www.springframework.org/schema/tx" - xmlns:aop="http://www.springframework.org/schema/aop" - xmlns:mvc="http://www.springframework.org/schema/mvc" - xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd - http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd - http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd"> - - <context:annotation-config /> - <mvc:annotation-driven /> - <mvc:default-servlet-handler /> - - - <import resource="SpringTest-context_authManager.xml" /> - <import resource="SpringTest-context_basic_test.xml" /> - - <bean id="mvcGUIBuilderImpl" - class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" /> - - <bean id="springManagedSpecificConnectorCommunicationService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" /> - - <bean id="specificConnectorAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="src/test/resources/config/eidas-attributes.xml" /> - </bean> - - <bean id="specificConnectorAdditionalAttributesFileWithPath" - class="java.lang.String"> - <constructor-arg - value="src/test/resources/config/additional-attributes.xml" /> - </bean> - - <bean id="attributeRegistry" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry"> - <property name="eidasAttributesFile" - ref="specificConnectorAttributesFileWithPath" /> - <property name="additionalAttributesFile" - ref="specificConnectorAdditionalAttributesFileWithPath" /> - </bean> - - <bean id="authBlockSigningService" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" /> - - <bean id="EidasSignalServlet" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> - - <!-- Authentication Process Tasks --> - <bean id="ConnecteIDASNodeTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" - scope="prototype" /> - - <bean id="ReceiveResponseFromeIDASNodeTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask" - scope="prototype" /> - - <bean id="CreateIdentityLinkTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask" - scope="prototype" /> - -</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml deleted file mode 100644 index 6510546e..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml +++ /dev/null @@ -1,39 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- -# Copyright (c) 2017 European Commission -# Licensed under the EUPL, Version 1.2 or – as soon they will be -# approved by the European Commission - subsequent versions of the -# EUPL (the "Licence"); -# You may not use this work except in compliance with the Licence. -# You may obtain a copy of the Licence at: -# * https://joinup.ec.europa.eu/page/eupl-text-11-12 -# * -# Unless required by applicable law or agreed to in writing, software -# distributed under the Licence is distributed on an "AS IS" basis, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the Licence for the specific language governing permissions and limitations under the Licence. - --> - -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> -<properties> - <comment>Dynamic attributes</comment> - - <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry> - <entry key="1.FriendlyName">AdditionalAttribute</entry> - <entry key="1.PersonType">NaturalPerson</entry> - <entry key="1.Required">false</entry> - <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> - <entry key="1.XmlType.LocalPart">string</entry> - <entry key="1.XmlType.NamespacePrefix">xs</entry> - <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry> - <entry key="2.FriendlyName">LegalAdditionalAttribute</entry> - <entry key="2.PersonType">LegalPerson</entry> - <entry key="2.Required">false</entry> - <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> - <entry key="2.XmlType.LocalPart">string</entry> - <entry key="2.XmlType.NamespacePrefix">xs</entry> - <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - -</properties> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml deleted file mode 100644 index cbae35db..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml +++ /dev/null @@ -1,376 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- -# Copyright (c) 2017 European Commission -# Licensed under the EUPL, Version 1.2 or – as soon they will be -# approved by the European Commission - subsequent versions of the -# EUPL (the "Licence"); -# You may not use this work except in compliance with the Licence. -# You may obtain a copy of the Licence at: -# * https://joinup.ec.europa.eu/page/eupl-text-11-12 -# * -# Unless required by applicable law or agreed to in writing, software -# distributed under the Licence is distributed on an "AS IS" basis, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the Licence for the specific language governing permissions and limitations under the Licence. - --> - -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> -<properties> - <comment>eIDAS attributes</comment> - - <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry> - <entry key="1.FriendlyName">PersonIdentifier</entry> - <entry key="1.PersonType">NaturalPerson</entry> - <entry key="1.Required">true</entry> - <entry key="1.UniqueIdentifier">true</entry> - <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry> - <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry> - <entry key="2.FriendlyName">FamilyName</entry> - <entry key="2.PersonType">NaturalPerson</entry> - <entry key="2.Required">true</entry> - <entry key="2.TransliterationMandatory">true</entry> - <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry> - <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry> - <entry key="3.FriendlyName">FirstName</entry> - <entry key="3.PersonType">NaturalPerson</entry> - <entry key="3.Required">true</entry> - <entry key="3.TransliterationMandatory">true</entry> - <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry> - <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry> - <entry key="4.FriendlyName">DateOfBirth</entry> - <entry key="4.PersonType">NaturalPerson</entry> - <entry key="4.Required">true</entry> - <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="4.XmlType.LocalPart">DateOfBirthType</entry> - <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> - - <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry> - <entry key="5.FriendlyName">BirthName</entry> - <entry key="5.PersonType">NaturalPerson</entry> - <entry key="5.Required">false</entry> - <entry key="5.TransliterationMandatory">true</entry> - <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="5.XmlType.LocalPart">BirthNameType</entry> - <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry> - <entry key="6.FriendlyName">PlaceOfBirth</entry> - <entry key="6.PersonType">NaturalPerson</entry> - <entry key="6.Required">false</entry> - <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry> - <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry> - <entry key="7.FriendlyName">CurrentAddress</entry> - <entry key="7.PersonType">NaturalPerson</entry> - <entry key="7.Required">false</entry> - <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="7.XmlType.LocalPart">CurrentAddressType</entry> - <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry> - - <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry> - <entry key="8.FriendlyName">Gender</entry> - <entry key="8.PersonType">NaturalPerson</entry> - <entry key="8.Required">false</entry> - <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> - <entry key="8.XmlType.LocalPart">GenderType</entry> - <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> - - <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry> - <entry key="9.FriendlyName">LegalPersonIdentifier</entry> - <entry key="9.PersonType">LegalPerson</entry> - <entry key="9.Required">true</entry> - <entry key="9.UniqueIdentifier">true</entry> - <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry> - <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry> - <entry key="10.FriendlyName">LegalName</entry> - <entry key="10.PersonType">LegalPerson</entry> - <entry key="10.Required">true</entry> - <entry key="10.TransliterationMandatory">true</entry> - <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="10.XmlType.LocalPart">LegalNameType</entry> - <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry> - <entry key="11.FriendlyName">LegalAddress</entry> - <entry key="11.PersonType">LegalPerson</entry> - <entry key="11.Required">false</entry> - <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry> - - <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry> - <entry key="12.FriendlyName">VATRegistration</entry> - <entry key="12.PersonType">LegalPerson</entry> - <entry key="12.Required">false</entry> - <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry> - <entry key="13.FriendlyName">TaxReference</entry> - <entry key="13.PersonType">LegalPerson</entry> - <entry key="13.Required">false</entry> - <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="13.XmlType.LocalPart">TaxReferenceType</entry> - <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry> - <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry> - <entry key="14.PersonType">LegalPerson</entry> - <entry key="14.Required">false</entry> - <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> - <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry> - <entry key="15.FriendlyName">LEI</entry> - <entry key="15.PersonType">LegalPerson</entry> - <entry key="15.Required">false</entry> - <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="15.XmlType.LocalPart">LEIType</entry> - <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry> - <entry key="16.FriendlyName">EORI</entry> - <entry key="16.PersonType">LegalPerson</entry> - <entry key="16.Required">false</entry> - <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="16.XmlType.LocalPart">EORIType</entry> - <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry> - <entry key="17.FriendlyName">SEED</entry> - <entry key="17.PersonType">LegalPerson</entry> - <entry key="17.Required">false</entry> - <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="17.XmlType.LocalPart">SEEDType</entry> - <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry> - <entry key="18.FriendlyName">SIC</entry> - <entry key="18.PersonType">LegalPerson</entry> - <entry key="18.Required">false</entry> - <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> - <entry key="18.XmlType.LocalPart">SICType</entry> - <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry> - <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry> - <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry> - <entry key="19.PersonType">RepresentativeNaturalPerson</entry> - <entry key="19.Required">false</entry> - <entry key="19.UniqueIdentifier">true</entry> - <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry> - <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry> - <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry> - <entry key="20.FriendlyName">RepresentativeFamilyName</entry> - <entry key="20.PersonType">RepresentativeNaturalPerson</entry> - <entry key="20.Required">false</entry> - <entry key="20.TransliterationMandatory">true</entry> - <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry> - <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry> - <entry key="21.FriendlyName">RepresentativeFirstName</entry> - <entry key="21.PersonType">RepresentativeNaturalPerson</entry> - <entry key="21.Required">false</entry> - <entry key="21.TransliterationMandatory">true</entry> - <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry> - <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry> - <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry> - <entry key="22.PersonType">RepresentativeNaturalPerson</entry> - <entry key="22.Required">false</entry> - <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="22.XmlType.LocalPart">DateOfBirthType</entry> - <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> - - <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry> - <entry key="23.FriendlyName">RepresentativeBirthName</entry> - <entry key="23.PersonType">RepresentativeNaturalPerson</entry> - <entry key="23.Required">false</entry> - <entry key="23.TransliterationMandatory">true</entry> - <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="23.XmlType.LocalPart">BirthNameType</entry> - <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry> - <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry> - <entry key="24.PersonType">RepresentativeNaturalPerson</entry> - <entry key="24.Required">false</entry> - <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry> - <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry> - <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry> - <entry key="25.PersonType">RepresentativeNaturalPerson</entry> - <entry key="25.Required">false</entry> - <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="25.XmlType.LocalPart">CurrentAddressType</entry> - <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry> - - <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry> - <entry key="26.FriendlyName">RepresentativeGender</entry> - <entry key="26.PersonType">RepresentativeNaturalPerson</entry> - <entry key="26.Required">false</entry> - <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> - <entry key="26.XmlType.LocalPart">GenderType</entry> - <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> - <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> - - <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry> - <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry> - <entry key="27.PersonType">RepresentativeLegalPerson</entry> - <entry key="27.Required">false</entry> - <entry key="27.UniqueIdentifier">true</entry> - <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry> - <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry> - <entry key="28.FriendlyName">RepresentativeLegalName</entry> - <entry key="28.PersonType">RepresentativeLegalPerson</entry> - <entry key="28.Required">false</entry> - <entry key="28.TransliterationMandatory">true</entry> - <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="28.XmlType.LocalPart">LegalNameType</entry> - <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> - <entry key="29.FriendlyName">RepresentativeLegalAddress</entry> - <entry key="29.PersonType">RepresentativeLegalPerson</entry> - <entry key="29.Required">false</entry> - <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> - - <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> - <entry key="30.FriendlyName">RepresentativeVATRegistration</entry> - <entry key="30.PersonType">RepresentativeLegalPerson</entry> - <entry key="30.Required">false</entry> - <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry> - <entry key="31.FriendlyName">RepresentativeTaxReference</entry> - <entry key="31.PersonType">RepresentativeLegalPerson</entry> - <entry key="31.Required">false</entry> - <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="31.XmlType.LocalPart">TaxReferenceType</entry> - <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry> - <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry> - <entry key="32.PersonType">RepresentativeLegalPerson</entry> - <entry key="32.Required">false</entry> - <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> - <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry> - <entry key="33.FriendlyName">RepresentativeLEI</entry> - <entry key="33.PersonType">RepresentativeLegalPerson</entry> - <entry key="33.Required">false</entry> - <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="33.XmlType.LocalPart">LEIType</entry> - <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry> - <entry key="34.FriendlyName">RepresentativeEORI</entry> - <entry key="34.PersonType">RepresentativeLegalPerson</entry> - <entry key="34.Required">false</entry> - <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="34.XmlType.LocalPart">EORIType</entry> - <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry> - <entry key="35.FriendlyName">RepresentativeSEED</entry> - <entry key="35.PersonType">RepresentativeLegalPerson</entry> - <entry key="35.Required">false</entry> - <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="35.XmlType.LocalPart">SEEDType</entry> - <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry> - <entry key="36.FriendlyName">RepresentativeSIC</entry> - <entry key="36.PersonType">RepresentativeLegalPerson</entry> - <entry key="36.Required">false</entry> - <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="36.XmlType.LocalPart">SICType</entry> - <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> - <entry key="39.FriendlyName">RepresentativeLegalAddress</entry> - <entry key="39.PersonType">RepresentativeLegalPerson</entry> - <entry key="39.Required">false</entry> - <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry> - <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> - - <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> - <entry key="40.FriendlyName">RepresentativeVATRegistration</entry> - <entry key="40.PersonType">RepresentativeLegalPerson</entry> - <entry key="40.Required">false</entry> - <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> - <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry> - <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> - <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> - - -</properties> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties deleted file mode 100644 index a662379c..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties +++ /dev/null @@ -1,117 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false - -eidas.ms.context.use.clustermode=true - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - -## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= -eidas.ms.auth.eIDAS.node_v2.forward.method=POST -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true -eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=myNode - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high - -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false - - -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair -eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - -## PVP2 S-Profile end-point configuration -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= -eidas.ms.sp.0.newEidMode=true - -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties deleted file mode 100644 index 7c5e5a40..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties +++ /dev/null @@ -1,114 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false - -eidas.ms.context.use.clustermode=true - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - -## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test -eidas.ms.auth.eIDAS.node_v2.forward.method=GET -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high - -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false - - -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair -eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - -## PVP2 S-Profile end-point configuration -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= - -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties deleted file mode 100644 index c830d447..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties +++ /dev/null @@ -1,118 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false - -eidas.ms.context.use.clustermode=true - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - -## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test.com/ -eidas.ms.auth.eIDAS.node_v2.forward.method=POST -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true -eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=myNode - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high - -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair -eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false - - -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - -## PVP2 S-Profile end-point configuration -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= -eidas.ms.sp.0.newEidMode=true - - -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties deleted file mode 100644 index 01e72069..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties +++ /dev/null @@ -1,114 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false - -eidas.ms.context.use.clustermode=true - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - -## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test -eidas.ms.auth.eIDAS.node_v2.forward.method=GET -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high - -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false - - -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair -eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - -## PVP2 S-Profile end-point configuration -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= - -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties deleted file mode 100644 index 6b235667..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties +++ /dev/null @@ -1,116 +0,0 @@ -## Basic service configuration -eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false -eidas.ms.core.configRootDir=file:./src/test/resources/config/ - - -eidas.ms.context.use.clustermode=true - -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= - - -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true - -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages - -## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 -eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret - -## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test -eidas.ms.auth.eIDAS.node_v2.forward.method=GET -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high - -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= -eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false - - -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair -eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - -## PVP2 S-Profile end-point configuration -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= - -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks Binary files differdeleted file mode 100644 index a18df332..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks +++ /dev/null diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws deleted file mode 100644 index f7c9a1c7..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws +++ /dev/null @@ -1 +0,0 @@ -eyJ1cm46YXQuZ3YuZWlkOmJpbmR0eXBlIjoidXJuOmF0Lmd2LmVpZDplaWRhc0JpbmQiLCJhbGciOiJSUzUxMiIsIng1dCNTMjU2IjoiY3FtcXBHdWlnS0NRelVWX1doWURHU1EyNEx6Zkxtd0ZtUlNYQlNYR3o3byJ9.eyJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnZzei52YWx1ZSI6IjhEYWNBTUxVSFEiLCJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnVzZXIucHVia2V5cyI6WyI1NDZ5OEtXZ3R1V3F1dXVNdC9DUWhKem1pWXZ3bzR1QzhLZWxxdUtMc2VLbG1mQ2dtcnpscGFQd3A1K3Q2NjI4Il0sInVybjplaWRndmF0OmF0dHJpYnV0ZXMuZWlkLnN0YXR1cyI6InVybjplaWRndmF0OmVpZC5zdGF0dXMuZWlkYXMifQ.WiECS-E5RB-zQV3JW6-3B7op093QErqq3yS2S4YVFQq9XmYzTD8UKo63yaHa-2U2WFUbiwNI3OOkwNZIAedMZHHblZ0jzjGTb58zL4Yvm6sPSlq3TP5u0emiQdjIJNQmILE5ZYVOgSA-4MWLXAgRQEl2A1w8lHxptE6ya83GdhA0gP51-rY_536qvVuaZHrQ2Lpahl-lTIY1Zi6Knqj1yFdH-auqkLxB44l-XvMv9QryBZMAkkmiu8J598rzIJ2ifGyw4UqHDJZ53GKUpBbU_X23ZjsZ8B5ZapRTO9JGoEEW3rMDEO5_9cjWYOCn87-CA3bMNVbo1KN146UZGuZbyXuevLPznRkbCtXS--IE0SuuLBaowcktX2ggeeSzaq6UZW7hSmQnErVgxxfP16ijBu8yylo-PFbqgYFNT-Ca2rS8i1Cs0KdPTahYIRm4xLARahYLQbqA15medm7JSoz4tA468c_hcNzyG9aGoXYuw1F5kUrJkHl0IWdHkvSR8RWw
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml deleted file mode 100644 index d627ded2..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> - <faultcode xmlns:p344="urn:SZRServices" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">p344:F455</faultcode> - <faultstring>The travel document you sent to insert a person already exists for another person. Either check the document or have the person altered accordingly</faultstring> - <faultactor>urn:SZRServices</faultactor> -</SOAP-ENV:Fault> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml deleted file mode 100644 index c376caef..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml +++ /dev/null @@ -1,50 +0,0 @@ -<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> - <saml:AttributeStatement> - <saml:Subject> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BVpN1WJO4x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hans</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1989-05-05</pr:DateOfBirth></pr:Person> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - </saml:AttributeStatement> - <dsig:Signature> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue> - a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9 - Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j - zQ9GHFnZnnob0+bBflqIjZOl4xc= - </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="manifest"> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> -</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml deleted file mode 100644 index f07c67d6..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml +++ /dev/null @@ -1,50 +0,0 @@ -<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> - <saml:AttributeStatement> - <saml:Subject> - <saml:SubjectConfirmation> - <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> - <saml:SubjectConfirmationData> - <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BV1312312332x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Martina</pr:GivenName><pr:FamilyName primary="undefined">Musterfrau</pr:FamilyName></pr:Name><pr:DateOfBirth>1991-04-15</pr:DateOfBirth></pr:Person> - </saml:SubjectConfirmationData> - </saml:SubjectConfirmation> - </saml:Subject> - </saml:AttributeStatement> - <dsig:Signature> - <dsig:SignedInfo> - <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> - </dsig:Transform> - <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue> - </dsig:Reference> - <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue> - </dsig:Reference> - </dsig:SignedInfo> - <dsig:SignatureValue> - a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9 - Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j - zQ9GHFnZnnob0+bBflqIjZOl4xc= - </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> - <dsig:Object> - <dsig:Manifest Id="manifest"> - <dsig:Reference URI=""> - <dsig:Transforms> - <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> - <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> - </dsig:Transform> - </dsig:Transforms> - <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue> - </dsig:Reference> - </dsig:Manifest> - </dsig:Object> - </dsig:Signature> -</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks Binary files differdeleted file mode 100644 index fcc6400c..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks +++ /dev/null |