diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
6 files changed, 412 insertions, 427 deletions
| diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java index f1987e33..f23d61db 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java @@ -14,7 +14,6 @@ import org.junit.Assert;  import org.junit.Before;  import org.junit.Test;  import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.mock.web.MockHttpServletRequest;  import org.springframework.mock.web.MockHttpServletResponse; @@ -47,7 +46,6 @@ import eu.eidas.auth.commons.tx.BinaryLightToken;  import eu.eidas.specificcommunication.exception.SpecificCommunicationException;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml", @@ -60,14 +58,14 @@ public class EidasSignalServletTest {    @Autowired private ITransactionStorage transStore;    @Autowired private DummyProtocolAuthService protAuthService;    @Autowired private DummySpecificCommunicationService connector; -   -   + +    private MockHttpServletRequest httpReq;    private MockHttpServletResponse httpResp;    private TestRequestImpl pendingReq;    private MsConnectorDummySpConfiguration oaParam; -   -    + +    /**     * jUnit test set-up.     */ @@ -77,7 +75,7 @@ public class EidasSignalServletTest {      httpResp = new MockHttpServletResponse();      RequestContextHolder.resetRequestAttributes();      RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); -     +      final Map<String, String> spConfig = new HashMap<>();      spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");      spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -91,51 +89,51 @@ public class EidasSignalServletTest {      pendingReq.setAuthUrl("http://test.com/");      pendingReq.setTransactionId("avaasbav");      pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); -    +      connector.setiLightResponse(null); -     -     + +    } -   +    @Test    public void noResponsToken() throws IOException, EaafException {      //set-up -          +      //execute test      controller.restoreEidasAuthProcess(httpReq, httpResp); -        +      //validate state      Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));      Assert.assertNotNull("missing error", protAuthService.getException()); -    Assert.assertEquals("Wrong errorId", "auth.26",  +    Assert.assertEquals("Wrong errorId", "auth.26",          ((EaafException) protAuthService.getException()).getErrorId()); -     +    } -   +    @Test    public void unknownResponseToken() throws IOException, EaafException {      //set-up -    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),  +    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),          RandomStringUtils.randomAlphanumeric(10)); -          +      //execute test      controller.restoreEidasAuthProcess(httpReq, httpResp); -        +      //validate state      Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));      Assert.assertNotNull("missing error", protAuthService.getException()); -    Assert.assertEquals("Wrong errorId", "auth.26",  +    Assert.assertEquals("Wrong errorId", "auth.26",          ((EaafException) protAuthService.getException()).getErrorId()); -     +    } -   +    @Test    public void withRelayState() throws IOException, EaafException, SpecificCommunicationException { -    //set-up                  -    String relayState = RandomStringUtils.randomAlphanumeric(10);     +    //set-up +    String relayState = RandomStringUtils.randomAlphanumeric(10);      pendingReq.setPendingReqId(relayState);      storage.storePendingRequest(pendingReq); -     +      Builder iLightResponse = new AuthenticationResponse.Builder();      iLightResponse.id("_".concat(Random.nextHexRandom16()))          .issuer(RandomStringUtils.randomAlphabetic(10)) @@ -144,37 +142,37 @@ public class EidasSignalServletTest {          .inResponseTo("_".concat(Random.nextHexRandom16()))          .subjectNameIdFormat("afaf")          .relayState(relayState); -      +      AuthenticationResponse eidasResp = iLightResponse.build(); -    BinaryLightToken token = connector.putResponse(eidasResp);     -    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),  +    BinaryLightToken token = connector.putResponse(eidasResp); +    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),          Base64.getEncoder().encodeToString(token.getTokenBytes())); -     +      //execute test      controller.restoreEidasAuthProcess(httpReq, httpResp); -        -     + +      //validate state      Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); -    Assert.assertEquals("wrong eIDAS response", eidasResp,  +    Assert.assertEquals("wrong eIDAS response", eidasResp,          httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); -     -    Assert.assertNotNull("missing error", protAuthService.getException());     -    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",  + +    Assert.assertNotNull("missing error", protAuthService.getException()); +    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",          ((EaafException) protAuthService.getException()).getErrorId()); -     +    } -   +    @Test    public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException { -    //set-up                  -    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);     +    //set-up +    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);      pendingReq.setPendingReqId(pendingReqId);      storage.storePendingRequest(pendingReq); -     +      String inResponseTo = "_".concat(Random.nextHexRandom16()); -     +      Builder iLightResponse = new AuthenticationResponse.Builder();      iLightResponse.id("_".concat(Random.nextHexRandom16()))          .issuer(RandomStringUtils.randomAlphabetic(10)) @@ -182,35 +180,35 @@ public class EidasSignalServletTest {          .statusCode(Constants.SUCCESS_URI)          .inResponseTo(inResponseTo)          .subjectNameIdFormat("afaf"); -      +      AuthenticationResponse eidasResp = iLightResponse.build(); -    BinaryLightToken token = connector.putResponse(eidasResp);     -    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),  +    BinaryLightToken token = connector.putResponse(eidasResp); +    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),          Base64.getEncoder().encodeToString(token.getTokenBytes())); -     +      //execute test      controller.restoreEidasAuthProcess(httpReq, httpResp); -        -     + +      //validate state      Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));      Assert.assertNotNull("missing error", protAuthService.getException()); -    Assert.assertEquals("Wrong errorId", "auth.26",  +    Assert.assertEquals("Wrong errorId", "auth.26",          ((EaafException) protAuthService.getException()).getErrorId()); -     +    } -   +    @Test    public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException { -    //set-up                  -    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);     +    //set-up +    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);      pendingReq.setPendingReqId(pendingReqId);      storage.storePendingRequest(pendingReq); -             +      String inResponseTo = "_".concat(Random.nextHexRandom16());      transStore.put(inResponseTo, pendingReqId, -1); -     +      Builder iLightResponse = new AuthenticationResponse.Builder();      iLightResponse.id("_".concat(Random.nextHexRandom16()))          .issuer(RandomStringUtils.randomAlphabetic(10)) @@ -218,26 +216,26 @@ public class EidasSignalServletTest {          .statusCode(Constants.SUCCESS_URI)          .inResponseTo(inResponseTo)          .subjectNameIdFormat("afaf"); -      +      AuthenticationResponse eidasResp = iLightResponse.build(); -    BinaryLightToken token = connector.putResponse(eidasResp);     -    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),  +    BinaryLightToken token = connector.putResponse(eidasResp); +    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),          Base64.getEncoder().encodeToString(token.getTokenBytes())); -     +      //execute test      controller.restoreEidasAuthProcess(httpReq, httpResp); -        -     + +      //validate state      Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); -    Assert.assertEquals("wrong eIDAS response", eidasResp,  +    Assert.assertEquals("wrong eIDAS response", eidasResp,          httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); -     -    Assert.assertNotNull("missing error", protAuthService.getException());     -    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",  + +    Assert.assertNotNull("missing error", protAuthService.getException()); +    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",          ((EaafException) protAuthService.getException()).getErrorId()); -     +    } -   +  } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 2e6790c5..c29c82c7 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -4,7 +4,7 @@ import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CON  import static org.mockito.ArgumentMatchers.any;  import static org.mockito.Mockito.times;  import static org.mockito.Mockito.verify; -import static org.powermock.api.mockito.PowerMockito.when; +import static org.mockito.Mockito.when;  import java.net.URISyntaxException;  import java.security.KeyStore; @@ -28,7 +28,6 @@ import org.junit.Rule;  import org.junit.Test;  import org.junit.runner.RunWith;  import org.mockito.ArgumentCaptor; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.mock.web.MockHttpServletRequest;  import org.springframework.mock.web.MockHttpServletResponse; @@ -80,7 +79,6 @@ import szrservices.SignContentEntry;  import szrservices.SignContentResponseType;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml", @@ -117,9 +115,9 @@ public class CreateIdentityLinkTaskEidNewTest {            AlgorithmIdentifiers.RSA_PSS_USING_SHA512));    private static ObjectMapper mapper = new ObjectMapper(); -   +    private AuthenticationResponse response; -   +    @Rule    public final SoapServiceRule soap = SoapServiceRule.newInstance(); @@ -133,9 +131,9 @@ public class CreateIdentityLinkTaskEidNewTest {      httpResp = new MockHttpServletResponse();      RequestContextHolder.resetRequestAttributes();      RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); -     +      final Map<String, String> spConfig = new HashMap<>();      spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");      spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -147,13 +145,13 @@ public class CreateIdentityLinkTaskEidNewTest {      pendingReq.getSessionData(AuthProcessDataWrapper.class)          .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); -     +      pendingReq.setSpConfig(oaParam);      pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());      pendingReq.setAuthUrl("http://test.com/");      pendingReq.setTransactionId("avaasbav");      pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); -         +      executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");      executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); @@ -166,26 +164,26 @@ public class CreateIdentityLinkTaskEidNewTest {      response = buildDummyAuthResponse(true);      pendingReq.getSessionData(AuthProcessDataWrapper.class)          .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); -     +      String vsz = RandomStringUtils.randomNumeric(10); -    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); +    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);      val signContentResp = new SignContentResponseType();      final SignContentEntry signContentEntry = new SignContentEntry();      signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));      signContentResp.getOut().add(signContentEntry); -    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); +    when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -     +      //perform test      task.execute(pendingReq, executionContext); -    //validate state     +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -193,16 +191,16 @@ public class CreateIdentityLinkTaskEidNewTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNotNull("AuthBlock", authBlock); -     +      Assert.assertTrue("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -         -     + +      // check authblock signature      final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,          BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); @@ -210,59 +208,59 @@ public class CreateIdentityLinkTaskEidNewTest {      X509Certificate[] trustedCerts = EaafKeyStoreUtils          .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();      JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); -    Assert.assertTrue("AuthBlock not valid", result.isValid());         -    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());     +    Assert.assertTrue("AuthBlock not valid", result.isValid()); +    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());      Assert.assertNotNull("deserialized AuthBlock", authBlockJson); -     -    Assert.assertNotNull("no piiTransactionId in pendingRequesdt",  + +    Assert.assertNotNull("no piiTransactionId in pendingRequesdt",          storedPendingReq.getUniquePiiTransactionIdentifier()); -    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),  +    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),          authBlockJson.get("piiTransactionId").asText()); -    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());     +    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());      Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());      Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); -     -     + +      // check vsz request      ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); -    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);         +    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);      verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); -     +      Boolean param5 = argument5.getValue(); -    Assert.assertTrue("insertERnP flag", param5);     +    Assert.assertTrue("insertERnP flag", param5);      PersonInfoType person = argument4.getValue(); -    Assert.assertEquals("FamilyName",  +    Assert.assertEquals("FamilyName",          response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),  +            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),          person.getPerson().getName().getFamilyName()); -    Assert.assertEquals("GivenName",  +    Assert.assertEquals("GivenName",          response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),  +            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),          person.getPerson().getName().getGivenName()); -    Assert.assertEquals("DateOfBirth",  +    Assert.assertEquals("DateOfBirth",          response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(              response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) -            .toString().split("T")[0],  +            .toString().split("T")[0],          person.getPerson().getDateOfBirth()); -     -    Assert.assertEquals("PlaceOfBirth",  + +    Assert.assertEquals("PlaceOfBirth",          response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()),  -        person.getPerson().getPlaceOfBirth());     -    Assert.assertEquals("BirthName",  +            response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), +        person.getPerson().getPlaceOfBirth()); +    Assert.assertEquals("BirthName",          response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()),  +            response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()),          person.getPerson().getAlternativeName().getFamilyName()); -     +      Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());      Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); -     -    Assert.assertEquals("Identifier",  + +    Assert.assertEquals("Identifier",          response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(              response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) -            .toString().split("/")[2],  +            .toString().split("/")[2],          person.getTravelDocument().getDocumentNumber()); -            +      // check bcBind singing request      ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class);      ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class); @@ -270,60 +268,60 @@ public class CreateIdentityLinkTaskEidNewTest {      verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture());      Boolean param1 = argument1.getValue();      Assert.assertFalse("addCert flag", param1); -     +      List<JwsHeaderParam> param2 = argument2.getValue(); -    Assert.assertNotNull("JWS Headers", param2);  +    Assert.assertNotNull("JWS Headers", param2);      Assert.assertFalse("JWS Headers empty", param2.isEmpty());      Assert.assertEquals("Wrong JWS header size", 1, param2.size());      Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey());      Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); -     +      List<SignContentEntry> param3 = argument3.getValue();      Assert.assertNotNull("sign Payload", param3); -    Assert.assertEquals("wrong sign-payload size", 1, param3.size());     -    Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());     +    Assert.assertEquals("wrong sign-payload size", 1, param3.size()); +    Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());      JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes());      Assert.assertNotNull("bcbind req", bcBind); -     +      Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); -    Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",  +    Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",          bcBind.get("urn:eidgvat:attributes.eid.status").asText());      Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); -    Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());     +    Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());      Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements();      Assert.assertTrue("No PubKey", pubKeys.hasNext()); -    Assert.assertEquals("Wrong pubKey",  +    Assert.assertEquals("Wrong pubKey",          "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y"          + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN"          + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" -        + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",  +        + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",          pubKeys.next().asText());      Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); -     +    }    @Test    public void successfulProcessWithStandardInfos() throws Exception { -    //initialize test     +    //initialize test      String vsz = RandomStringUtils.randomNumeric(10); -    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); +    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);      val signContentResp = new SignContentResponseType();      final SignContentEntry signContentEntry = new SignContentEntry();      signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));      signContentResp.getOut().add(signContentEntry); -    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); +    when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -     +      //perform test      task.execute(pendingReq, executionContext); -    //validate state     +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -331,56 +329,56 @@ public class CreateIdentityLinkTaskEidNewTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNotNull("AuthBlock", authBlock); -     +      Assert.assertTrue("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -       +      // check vsz request      ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); -    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);         +    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);      verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); -     +      Boolean param5 = argument5.getValue(); -    Assert.assertTrue("insertERnP flag", param5);     +    Assert.assertTrue("insertERnP flag", param5);      PersonInfoType person = argument4.getValue(); -    Assert.assertEquals("FamilyName",  +    Assert.assertEquals("FamilyName",          response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),  +            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),          person.getPerson().getName().getFamilyName()); -    Assert.assertEquals("GivenName",  +    Assert.assertEquals("GivenName",          response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( -            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),  +            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),          person.getPerson().getName().getGivenName()); -    Assert.assertEquals("DateOfBirth",  +    Assert.assertEquals("DateOfBirth",          response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(              response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) -            .toString().split("T")[0],  +            .toString().split("T")[0],          person.getPerson().getDateOfBirth()); -     -    Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());      + +    Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());      Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); -     +      Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());      Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); -     -    Assert.assertEquals("Identifier",  + +    Assert.assertEquals("Identifier",          response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(              response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) -            .toString().split("/")[2],  +            .toString().split("/")[2],          person.getTravelDocument().getDocumentNumber()); -            -    + +    } -   +    @Test    public void getStammzahlEncryptedExceptionTest() throws Exception {      try { -      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null); +      when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null);        task.execute(pendingReq, executionContext);      } catch (TaskExecutionException e) {        Assert.assertEquals("Incorrect exception thrown", e.getMessage(), @@ -394,8 +392,8 @@ public class CreateIdentityLinkTaskEidNewTest {    @Test    public void signContentExceptionTest() throws Exception {      try { -      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); -      when(szrMock, "signContent", any(), any(), any()).thenReturn(null); +      when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(RandomStringUtils.randomNumeric(10)); +      when(szrMock.signContent(any(), any(), any())).thenReturn(null);        task.execute(pendingReq, executionContext);      } catch (TaskExecutionException e) {        Assert.assertEquals("Incorrect exception thrown", e.getMessage(), @@ -442,7 +440,7 @@ public class CreateIdentityLinkTaskEidNewTest {          Constants.eIDAS_ATTR_PLACEOFBIRTH).first();      final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(          Constants.eIDAS_ATTR_BIRTHNAME).first(); -    +      final Builder attributeMap = ImmutableAttributeMap.builder();      attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));      attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10)); @@ -451,7 +449,7 @@ public class CreateIdentityLinkTaskEidNewTest {      if (withAll) {        attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));        attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); -       +      }      val b = new AuthenticationResponse.Builder(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java index 8c7558dd..4d52566d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java @@ -18,7 +18,6 @@ import org.junit.Before;  import org.junit.Rule;  import org.junit.Test;  import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.mock.web.MockHttpServletRequest;  import org.springframework.mock.web.MockHttpServletResponse; @@ -62,7 +61,6 @@ import szrservices.SZR;  import szrservices.SZRException_Exception;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml", @@ -89,10 +87,10 @@ public class CreateIdentityLinkTaskTest {    private TestRequestImpl pendingReq;    private DummySpConfiguration oaParam;    private SZR szrMock; -   +    private AuthenticationResponse response;    private Map<String, String> spConfig; -   +    @Rule    public final SoapServiceRule soap = SoapServiceRule.newInstance(); @@ -110,7 +108,7 @@ public class CreateIdentityLinkTaskTest {      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false"); -     +      spConfig = new HashMap<>();      spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");      spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -127,34 +125,34 @@ public class CreateIdentityLinkTaskTest {      pendingReq.setAuthUrl("http://test.com/");      pendingReq.setTransactionId("avaasbav");      pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); -         +      executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");      executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);      szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");    } -     +    @Test    public void buildIdentityLink() throws Exception { -    //initialize test    +    //initialize test      setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); -      +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); -     -     + +      //perform test      task.execute(pendingReq, executionContext); -     -    //validate state     + +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -162,15 +160,15 @@ public class CreateIdentityLinkTaskTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNull("AuthBlock", authBlock); -     +      Assert.assertFalse("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -         +      Assert.assertNotNull("IDL", authProcessData.getIdentityLink());      checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());      checkElement("Hans", authProcessData.getIdentityLink().getGivenName()); @@ -178,35 +176,35 @@ public class CreateIdentityLinkTaskTest {      checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());      checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());      Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion()); -    Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());     -    +    Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); +      Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -    Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",  +    Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -     +    } -   +    @Test    public void buildIdentityLinkWithWbpk() throws Exception {      //initialize test      setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");      spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i"); -     +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); -     +      //perform test      task.execute(pendingReq, executionContext); -     -    //validate state     + +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -214,42 +212,42 @@ public class CreateIdentityLinkTaskTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNull("AuthBlock", authBlock); -     +      Assert.assertFalse("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -    +      Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -    Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",  +    Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -     +    } -   +    @Test    public void buildIdentityLinkWithEidasBpk() throws Exception {      //initialize test      setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");      spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU"); -     +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); -     +      //perform test      task.execute(pendingReq, executionContext); -     -    //validate state     + +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -257,80 +255,80 @@ public class CreateIdentityLinkTaskTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNull("AuthBlock", authBlock); -     +      Assert.assertFalse("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -    +      Assert.assertNotNull("IDL", authProcessData.getIdentityLink());      checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());      checkElement("Martina", authProcessData.getIdentityLink().getGivenName());      checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());      checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());      checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); -     +      Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -    Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",  +    Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -     +    } -   +    @Test    public void buildIdentityLinkWithUnknownBpk() throws Exception {      //initialize test      setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");      spConfig.put("target", "urn:notextis:1234"); -     +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); -     +      try {        task.execute(pendingReq, executionContext);        Assert.fail("unknown bPKType not detected"); -       +      } catch (TaskExecutionException e) { -      Assert.assertEquals("ErrorId", "builder.33",  +      Assert.assertEquals("ErrorId", "builder.33",            ((EaafException) e.getOriginalException()).getErrorId());        Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())            .getParams().length); -    }       +    }    } -   +    @Test    public void noBpkResult() throws Exception {      //initialize test      setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");      GetBPKResponse getBpkResp = new GetBPKResponse();      org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); -     +      spConfig.put("target", "urn:notextis:1234"); -     +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); -     +      try {        task.execute(pendingReq, executionContext);        Assert.fail("unknown bPKType not detected"); -       +      } catch (TaskExecutionException e) { -      Assert.assertEquals("ErrorId", "ernb.01",  +      Assert.assertEquals("ErrorId", "ernb.01",            ((EaafException) e.getOriginalException()).getErrorId()); -       -    }       + +    }    } -   +    @Test    public void bPKFromSzr() throws Exception {      //initialize test @@ -339,25 +337,25 @@ public class CreateIdentityLinkTaskTest {      GetBPKResponse getBpkResp = new GetBPKResponse();      getBpkResp.getGetBPKReturn().add(bpk);      org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); -     +      spConfig.put("target", "urn:notextis:1234"); -     +      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); -     +      //execute test        task.execute(pendingReq, executionContext); -      -       -      //validate state     + + +      //validate state        // check if pendingRequest was stored        IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());        Assert.assertNotNull("pendingReq not stored", storedPendingReq); -       +        //check data in session        final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);        Assert.assertNotNull("AuthProcessData", authProcessData); @@ -365,38 +363,38 @@ public class CreateIdentityLinkTaskTest {        String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);        Assert.assertNull("AuthBlock", authBlock); -       +        Assert.assertFalse("EID process", authProcessData.isEidProcess());        Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -      Assert.assertEquals("EID-ISSUING_NATION", "LU",  +      Assert.assertEquals("EID-ISSUING_NATION", "LU",            authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));        Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -      Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +      Assert.assertEquals("LoA", response.getLevelOfAssurance(),            authProcessData.getQaaLevel()); -       +        Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); -      Assert.assertEquals("wrong bPK", bpk,  +      Assert.assertEquals("wrong bPK", bpk,            authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));    } -   +    @Test    public void buildDummyIdl() throws Exception {      //initialize test      String randomTestSp = RandomStringUtils.randomAlphabetic(10);      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); -        +      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true"); -     -     + +      //perform test      task.execute(pendingReq, executionContext); -     -    //validate state     + +    //validate state      // check if pendingRequest was stored      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedPendingReq); -     +      //check data in session      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertNotNull("AuthProcessData", authProcessData); @@ -404,17 +402,17 @@ public class CreateIdentityLinkTaskTest {      String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);      Assert.assertNull("AuthBlock", authBlock); -     +      Assert.assertFalse("EID process", authProcessData.isEidProcess());      Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -    Assert.assertEquals("EID-ISSUING_NATION", "LU",  +    Assert.assertEquals("EID-ISSUING_NATION", "LU",          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); -    Assert.assertEquals("LoA", response.getLevelOfAssurance(),  +    Assert.assertEquals("LoA", response.getLevelOfAssurance(),          authProcessData.getQaaLevel()); -         +      Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); -         +    }    private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { @@ -433,7 +431,7 @@ public class CreateIdentityLinkTaskTest {      Assert.assertEquals(expected, value);    } -   +    @NotNull    private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {      final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( @@ -444,7 +442,7 @@ public class CreateIdentityLinkTaskTest {          Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();      final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(          Constants.eIDAS_ATTR_DATEOFBIRTH).first(); -    +      final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()          .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))          .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java index de9b2d3b..ae3a79b8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java @@ -13,7 +13,6 @@ import org.junit.Assert;  import org.junit.Before;  import org.junit.Test;  import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.mock.web.MockHttpServletRequest;  import org.springframework.mock.web.MockHttpServletResponse; @@ -28,7 +27,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyCo  import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;  import at.gv.egiz.eaaf.core.api.IRequest;  import at.gv.egiz.eaaf.core.api.IRequestStorage; @@ -49,7 +47,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;  import lombok.val;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml", @@ -63,15 +60,15 @@ public class ReceiveEidasResponseTaskTest {    private MsConnectorDummyConfigMap basicConfig;    @Autowired    protected EidasAttributeRegistry attrRegistry; -   +    @Autowired private IRequestStorage storage; -   +    final ExecutionContext executionContext = new ExecutionContextImpl();    private MockHttpServletRequest httpReq;    private MockHttpServletResponse httpResp;    private TestRequestImpl pendingReq;    private MsConnectorDummySpConfiguration oaParam; -   +    /**     * jUnit test set-up.     */ @@ -84,7 +81,7 @@ public class ReceiveEidasResponseTaskTest {      RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));      basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); -     +      final Map<String, String> spConfig = new HashMap<>();      spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");      spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -98,70 +95,70 @@ public class ReceiveEidasResponseTaskTest {      pendingReq.setAuthUrl("http://test.com/");      pendingReq.setTransactionId("avaasbav");      pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); -         +      executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");      executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);    } -   +    @Test -  public void missingEidasResponse() {     +  public void missingEidasResponse() {      try {        task.execute(pendingReq, executionContext);        Assert.fail("No eIDAS response not detected"); -       +      } catch (TaskExecutionException e) { -      Assert.assertEquals("ErrorId", "eidas.01",  +      Assert.assertEquals("ErrorId", "eidas.01",            ((EaafException) e.getOriginalException()).getErrorId()); -       -    }         + +    }    } -   +    @Test -  public void notSuccessEidasResponse() throws URISyntaxException {     +  public void notSuccessEidasResponse() throws URISyntaxException {      String statusCode = RandomStringUtils.randomAlphabetic(10); -    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,  +    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,          buildDummyAuthResponse(statusCode)); -     -     + +      try {        task.execute(pendingReq, executionContext);        Assert.fail("No eIDAS response not detected"); -       +      } catch (TaskExecutionException e) { -      Assert.assertEquals("ErrorId", "eidas.02",  +      Assert.assertEquals("ErrorId", "eidas.02",            ((EaafException) e.getOriginalException()).getErrorId());        Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())            .getParams().length);        Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e            .getOriginalException()).getParams()[0]); -    }         +    }    } -     +    @Test -  public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {     +  public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {      @NotNull      AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);      httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); -    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");     -       +    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); +      //execute test      task.execute(pendingReq, executionContext); -     +      //validate state      IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());      Assert.assertNotNull("pendingReq not stored", storedReq); -     +      final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class);      Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); -    Assert.assertNotNull("eIDAS response",  +    Assert.assertNotNull("eIDAS response",          authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); -    Assert.assertEquals("eIDAS response", eidasResponse,  +    Assert.assertEquals("eIDAS response", eidasResponse,          authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); -         +    } -   +    @NotNull    private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {      final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( @@ -172,7 +169,7 @@ public class ReceiveEidasResponseTaskTest {          Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();      final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(          Constants.eIDAS_ATTR_DATEOFBIRTH).first(); -    +      final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()          .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))          .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) @@ -189,5 +186,5 @@ public class ReceiveEidasResponseTaskTest {          .attributes(attributeMap)          .build();    } -   +  } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java index ad38e371..4da03622 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java @@ -17,13 +17,11 @@ import org.jose4j.lang.JoseException;  import org.junit.Assert;  import org.junit.Test;  import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.test.annotation.DirtiesContext;  import org.springframework.test.context.ContextConfiguration;  import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;  import at.gv.egiz.eaaf.core.exceptions.EaafException; @@ -34,15 +32,14 @@ import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;  import at.gv.egiz.eaaf.core.impl.data.Pair;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml",      "/SpringTest-context_basic_mapConfig.xml"})  public class JoseUtilsTest { -   +    @Autowired private EaafKeyStoreFactory keyStoreFactory; -   +    private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(        Arrays.asList(            AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, @@ -50,48 +47,48 @@ public class JoseUtilsTest {            AlgorithmIdentifiers.RSA_PSS_USING_SHA256,            AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); -   +    @Test    public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException { -     +      KeyStoreConfiguration config = new KeyStoreConfiguration();      config.setFriendlyName("jUnittest");      config.setKeyStoreType(KeyStoreType.JKS);      config.setSoftKeyStoreFilePath("../data/junit.jks");      config.setSoftKeyStorePassword("password"); -     +      Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);      String payLoad = RandomStringUtils.randomAlphanumeric(100); -     +      //check signing      try {        JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");        Assert.fail("missing Key not detected"); -       -    } catch (EaafException e) {       + +    } catch (EaafException e) {        Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId()); -       +      }    } -   +    @Test    public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException { -     +      KeyStoreConfiguration config = new KeyStoreConfiguration();      config.setFriendlyName("jUnittest");      config.setKeyStoreType(KeyStoreType.JKS);      config.setSoftKeyStoreFilePath("../data/junit.jks");      config.setSoftKeyStorePassword("password"); -     +      Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);      String payLoad = RandomStringUtils.randomAlphanumeric(100); -     +      //check signing      String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest"); -    +      Assert.assertNotNull("signed message", result);      Assert.assertFalse("signed msg empty", result.isEmpty()); -     +      //validate      List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); @@ -99,30 +96,30 @@ public class JoseUtilsTest {          AUTH_ALGORITHM_WHITELIST_SIGNING              .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));      JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); -     +      Assert.assertTrue("sig. verify", verify.isValid());      Assert.assertEquals("payload", payLoad, verify.getPayLoad()); -         +    } -   +    @Test    public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException { -     +      KeyStoreConfiguration config = new KeyStoreConfiguration();      config.setFriendlyName("jUnittest");      config.setKeyStoreType(KeyStoreType.JKS);      config.setSoftKeyStoreFilePath("../data/junit.jks");      config.setSoftKeyStorePassword("password"); -     +      Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);      String payLoad = RandomStringUtils.randomAlphanumeric(100); -     +      //check signing      String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest"); -    +      Assert.assertNotNull("signed message", result);      Assert.assertFalse("signed msg empty", result.isEmpty()); -     +      //validate      List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); @@ -130,10 +127,10 @@ public class JoseUtilsTest {          AUTH_ALGORITHM_WHITELIST_SIGNING              .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));      JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); -     +      Assert.assertTrue("sig. verify", verify.isValid());      Assert.assertEquals("payload", payLoad, verify.getPayLoad()); -         +    } -   +  } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java index e0f15c8c..0b18815b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java @@ -12,7 +12,6 @@ import org.junit.Assert;  import org.junit.Before;  import org.junit.Test;  import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.test.annotation.DirtiesContext;  import org.springframework.test.context.ContextConfiguration; @@ -25,7 +24,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySp  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;  import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;  import at.gv.egiz.eaaf.core.api.data.EaafConstants; @@ -41,7 +39,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;  import lombok.val;  @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class)  @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)  @ContextConfiguration(locations = {      "/SpringTest-context_tasks_test.xml", @@ -50,17 +47,17 @@ public class EidasResponseValidatorTest {    @Autowired private MsConnectorDummyConfigMap basicConfig;    @Autowired protected EidasAttributeRegistry attrRegistry; -   +    private TestRequestImpl pendingReq;    private MsConnectorDummySpConfiguration oaParam; -   -   + +    /**     * jUnit test set-up.     */    @Before    public void setUp() throws EaafStorageException, URISyntaxException { -     +      final Map<String, String> spConfig = new HashMap<>();      spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");      spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -74,250 +71,250 @@ public class EidasResponseValidatorTest {      pendingReq.setAuthUrl("http://test.com/");      pendingReq.setTransactionId("avaasbav");      pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); -         +    } -   -   + +    @Test    public void loaFromResponseToLow() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        "LU/AT/" + RandomStringUtils.randomNumeric(10),  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        "LU/AT/" + RandomStringUtils.randomNumeric(10),          EaafConstants.EIDAS_LOA_LOW,          false);      String spCountry = "AT";      String citizenCountryCode = "XX"; -                     +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());        Assert.assertEquals("wrong parameter size", 1, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",  +      Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",            e.getParams()[0]); -   -    }     + +    }    } -   +    @Test    public void noEidasSpCountry() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        "LU/AT/" + RandomStringUtils.randomNumeric(10),  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        "LU/AT/" + RandomStringUtils.randomNumeric(10),          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false);      String spCountry = null;      String citizenCountryCode = "LU"; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());        Assert.assertEquals("wrong parameter size", 2, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",  +      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",            e.getParams()[0]); -      Assert.assertEquals("wrong errorMsg",  -          "Destination country does not match to SP country",  +      Assert.assertEquals("wrong errorMsg", +          "Destination country does not match to SP country",            e.getParams()[1]); -   -    }     + +    }    } -   +    @Test    public void noEidasResponseCountry() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        "LU/AT/" + RandomStringUtils.randomNumeric(10),  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        "LU/AT/" + RandomStringUtils.randomNumeric(10),          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false);      String spCountry = "AT";      String citizenCountryCode = null; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());        Assert.assertEquals("wrong parameter size", 2, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",  +      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",            e.getParams()[0]); -      Assert.assertEquals("wrong errorMsg",  -          "Citizen country does not match to eIDAS-node country that generates the response",  +      Assert.assertEquals("wrong errorMsg", +          "Citizen country does not match to eIDAS-node country that generates the response",            e.getParams()[1]); -   -    }     + +    }    } -   +    @Test    public void wrongEidasResponseCountry() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        "LU/AT/" + RandomStringUtils.randomNumeric(10),  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        "LU/AT/" + RandomStringUtils.randomNumeric(10),          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false);      String spCountry = "AT";      String citizenCountryCode = "XX"; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());        Assert.assertEquals("wrong parameter size", 2, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",  +      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",            e.getParams()[0]); -      Assert.assertEquals("wrong errorMsg",  -          "Citizen country does not match to eIDAS-node country that generates the response",  +      Assert.assertEquals("wrong errorMsg", +          "Citizen country does not match to eIDAS-node country that generates the response",            e.getParams()[1]); -   -    }     + +    }    } -   +    @Test    public void missingPersonalIdentifier() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        null,  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        null,          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false);      String spCountry = "AT";      String citizenCountryCode = "LU"; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());        Assert.assertEquals("wrong parameter size", 1, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",  +      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",            e.getParams()[0]); -   -    }     + +    }    } -   +    @Test    public void moreThanOnePersonalIdentifier() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        null,  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        null,          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          true);      String spCountry = "AT";      String citizenCountryCode = "LU"; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());        Assert.assertEquals("wrong parameter size", 1, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",  +      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",            e.getParams()[0]); -   -    }     + +    }    } -   +    @Test    public void emptyPersonalIdentifier() throws URISyntaxException {      //set-up -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        "",  +    ILightResponse eidasResponse = buildDummyAuthResponse( +        "",          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false);      String spCountry = "AT";      String citizenCountryCode = "LU"; -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      try {        EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);        Assert.fail("Wrong eIDAS response not detected"); -       +      } catch (EidasValidationException e) { -      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());     +      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());        Assert.assertEquals("wrong parameter size", 2, e.getParams().length); -      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",  +      Assert.assertEquals("wrong errorMsg", "PersonIdentifier",            e.getParams()[0]); -      Assert.assertEquals("wrong errorMsg",  -          "Wrong identifier format",  +      Assert.assertEquals("wrong errorMsg", +          "Wrong identifier format",            e.getParams()[1]); -   -    }     + +    }    } -   +    @Test    public void validResponse() throws URISyntaxException, EidasValidationException {      //set-up -     +      String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();      String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); -     -    ILightResponse eidasResponse = buildDummyAuthResponse(  -        cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),  + +    ILightResponse eidasResponse = buildDummyAuthResponse( +        cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),          EaafConstants.EIDAS_LOA_SUBSTANTIAL,          false); -     +      oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); -     -                     + +      //execute test      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry); -     +    } -   -   -  private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)  + + +  private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)        throws URISyntaxException { -     -         + +      final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(          Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();      final Builder attributeMap = ImmutableAttributeMap.builder();      if (personalId != null) {        if (moreThanOnePersonalId) { -        ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),  +        ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),              new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10))); -        attributeMap.put(personIdattributeDef, values);  -         +        attributeMap.put(personIdattributeDef, values); +        } else {          attributeMap.put(personIdattributeDef, personalId); -         -      }       + +      }      } -     +      val b = new AuthenticationResponse.Builder();      return b.id("_".concat(Random.nextHexRandom16()))          .issuer(RandomStringUtils.randomAlphabetic(10)) | 
