diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
7 files changed, 161 insertions, 13 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index ba57b28e..b603774b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -188,4 +188,6 @@ public class Constants { public static final String TRANSITION_TO_GENERATE_MOBILE_PHONE_SIGNATURE_REQUEST_TASK = "TASK_GenerateMobilePhoneSignatureRequestTask"; public static final String TRANSITION_TO_GENERATE_EIDAS_LOGIN = "TASK_TODO"; + + public static final String REQ_SELECTED_LOGIN_METHOD_PARAMETER = "loginSelection"; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataController.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataController.java index a2966c7e..0f3c1281 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataController.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/idaustriaclient/IdAustriaClientAuthMetadataController.java @@ -79,7 +79,7 @@ public class IdAustriaClientAuthMetadataController extends AbstractController { // initialize metadata builder configuration final IdAustriaClientAuthMetadataConfiguration metadataConfig = new IdAustriaClientAuthMetadataConfiguration(authUrl, credentialProvider, pvpConfiguration); - metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes()); + metadataConfig.setAdditionalRequiredAttributes(getAdditionalRequiredAttributes()); // build metadata final String xmlMetadata = metadatabuilder.buildPvpMetadata(metadataConfig); @@ -111,7 +111,7 @@ public class IdAustriaClientAuthMetadataController extends AbstractController { throw new EaafAuthenticationException(ERROR_CODE_INTERNAL_00, new Object[] { authUrlString }, e); } - + //TODO remove final String idpAuthUrl = authConfig.validateIdpUrl(authReqUrl); if (idpAuthUrl == null) { log.warn("Requested URL: {} is NOT found in configuration.", authReqUrl); @@ -122,7 +122,7 @@ public class IdAustriaClientAuthMetadataController extends AbstractController { return idpAuthUrl; } - private List<Pair<String, Boolean>> getAdditonalRequiredAttributes() { + private List<Pair<String, Boolean>> getAdditionalRequiredAttributes() { final List<Pair<String, Boolean>> result = new ArrayList<>(); // load attributes from configuration diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateGuiTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateLoginMethodGuiTask.java index 3d77f994..9c94b036 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateGuiTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateLoginMethodGuiTask.java @@ -45,7 +45,7 @@ import javax.servlet.http.HttpServletResponse; */ @Slf4j @Component("GenerateGuiTask") -public class GenerateGuiTask extends AbstractAuthServletTask { +public class GenerateLoginMethodGuiTask extends AbstractAuthServletTask { @Autowired ISpringMvcGuiFormBuilder guiBuilder; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveLoginMethodGuiResponseTask.java index f8f22ce2..266198e5 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveLoginMethodGuiResponseTask.java @@ -46,13 +46,12 @@ import java.util.Enumeration; */ @Slf4j @Component("ReceiveGuiResponseTask") -public class ReceiveGuiResponseTask extends AbstractAuthServletTask { - - final String loginMethod = "loginSelection"; +public class ReceiveLoginMethodGuiResponseTask extends AbstractAuthServletTask { @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { + int found = 0; try { // set parameter execution context final Enumeration<String> reqParamNames = request.getParameterNames(); @@ -60,19 +59,22 @@ public class ReceiveGuiResponseTask extends AbstractAuthServletTask { final String paramName = reqParamNames.nextElement(); if (StringUtils.isNotEmpty(paramName) && !EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID.equalsIgnoreCase(paramName) - && loginMethod.equalsIgnoreCase(paramName)) { + && Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER.equalsIgnoreCase(paramName)) { String value = StringEscapeUtils.escapeHtml(request.getParameter(paramName)); SelectedLoginMethod selection = SelectedLoginMethod.valueOf(value); - executionContext.put(loginMethod, selection); + executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection); switch (selection) { case EIDAS_LOGIN: executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true); + found++; break; case MOBILE_PHONE_SIGNATURE_LOGIN: executionContext.put(Constants.TRANSITION_TO_GENERATE_MOBILE_PHONE_SIGNATURE_REQUEST_TASK, true); + found++; break; case NO_OTHER_LOGIN: executionContext.put(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, true); + found++; break; default: throw new InvalidUserInputException(); @@ -83,6 +85,11 @@ public class ReceiveGuiResponseTask extends AbstractAuthServletTask { log.error("Parsing selected login method FAILED.", e); throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", e); } + if (found != 1) { + log.error("Parsing selected login method FAILED."); + throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", + new InvalidUserInputException()); + } } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index 5897fc78..b5001d77 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml @@ -111,7 +111,7 @@ scope="prototype" /> <bean id="GenerateGuiTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateGuiTask" + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateLoginMethodGuiTask" scope="prototype" /> <bean id="GenerateMobilePhoneSignatureRequestTask" @@ -119,7 +119,7 @@ scope="prototype" /> <bean id="ReceiveGuiResponseTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveGuiResponseTask" + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveLoginMethodGuiResponseTask" scope="prototype" /> <bean id="ReceiveMobilePhoneSignatureResponseTask" diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveLoginMethodGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveLoginMethodGuiResponseTaskTest.java new file mode 100644 index 00000000..c6729a03 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveLoginMethodGuiResponseTaskTest.java @@ -0,0 +1,139 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveLoginMethodGuiResponseTask; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import java.io.UnsupportedEncodingException; + +@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/applicationContext.xml", +// "/specific_eIDAS_connector.beans.xml", +// "/eaaf_core.beans.xml", +// "/eaaf_pvp.beans.xml", +// "/eaaf_pvp_idp.beans.xml", +// "/spring/SpringTest-context_simple_storage.xml" }) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml" +}) +@ActiveProfiles(profiles = {"deprecatedConfig"}) +@WebAppConfiguration +public class ReceiveLoginMethodGuiResponseTaskTest { + + @Autowired private ReceiveLoginMethodGuiResponseTask task; + + private ExecutionContextImpl executionContext = new ExecutionContextImpl(); + private TestRequestImpl pendingReq; + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + /** + * jUnit test set-up. + * + */ + @Before + public void initialize() { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + + LocaleContextHolder.resetLocaleContext(); + } + + @Test + public void withMobileSignatureSelection() throws TaskExecutionException { + test(SelectedLoginMethod.MOBILE_PHONE_SIGNATURE_LOGIN); + } + + @Test + public void withEidasSelection() throws TaskExecutionException { + test(SelectedLoginMethod.MOBILE_PHONE_SIGNATURE_LOGIN); + } + + @Test + public void withNoOtherLoginSelection() throws TaskExecutionException { + test(SelectedLoginMethod.NO_OTHER_LOGIN); + } + + public void test(SelectedLoginMethod loginMethod) throws TaskExecutionException { + String parameterValue = loginMethod.name(); + httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, parameterValue); + + task.execute(pendingReq, executionContext); + + //result validation + Assert.assertFalse("wrong pendingReq auth flag", pendingReq.isAuthenticated()); + Assert.assertFalse("wrong process-cancelled flag", executionContext.isProcessCancelled()); + + Assert.assertNotNull("no login-selection found", + executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER)); + Assert.assertEquals("Wrong login-selection found", loginMethod, + executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER)); + } + + + @Test(expected = TaskExecutionException.class) + public void withInvalidSelection() throws TaskExecutionException { + String parameterValue = RandomStringUtils.randomAlphabetic(2); + httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, parameterValue); + task.execute(pendingReq, executionContext); + } + + @Test(expected = TaskExecutionException.class) + public void withNullSelection() throws TaskExecutionException { + httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, "null"); + task.execute(pendingReq, executionContext); + } + + @Test(expected = TaskExecutionException.class) + public void withEmptySelection() throws TaskExecutionException { + httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, ""); + task.execute(pendingReq, executionContext); + } + + @Test(expected = TaskExecutionException.class) + public void withoutLoginMethodSelection() throws TaskExecutionException, UnsupportedEncodingException { + task.execute(pendingReq, executionContext); + } +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml index ed636eed..df7ce85f 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml @@ -87,7 +87,7 @@ scope="prototype" /> <bean id="GenerateGuiTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateGuiTask" + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateLoginMethodGuiTask" scope="prototype" /> <bean id="GenerateMobilePhoneSignatureRequestTask" @@ -95,7 +95,7 @@ scope="prototype" /> <bean id="ReceiveGuiResponseTask" - class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveGuiResponseTask" + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveLoginMethodGuiResponseTask" scope="prototype" /> <bean id="ReceiveMobilePhoneSignatureResponseTask" |