diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2')
67 files changed, 5177 insertions, 853 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..375f73f4 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <!-- Do not check code generated by Apache CXF framework --> + <Class name="~szrservices.SZRException"/> + </Match> + <Match> + <!-- Logging of SAML2 responses in case of errors or for debugging is allowed --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> + <Method name="getPendingRequestId" /> + <Bug pattern="CRLF_INJECTION_LOGS" /> + </Match> + <Match> + <!-- CSFR protection is implemented by pendingRequestId that is an one-time token --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> + <Method name="restoreEidasAuthProcess" /> + <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> + </Match> + <Match> + <!-- File path is only loaded from configuration --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" /> + <Method name="initialize" /> + <Bug pattern="PATH_TRAVERSAL_IN" /> + </Match> + <Match> + <!-- Redirect URL is only loaded from configuration --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" /> + <Method name="execute" /> + <Bug pattern="UNVALIDATED_REDIRECT" /> + </Match> +</FindBugsFilter> diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index b2e841fb..4f3133f8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -13,14 +13,6 @@ <name>eIDAS v2 authentication module</name> <description>eIDAS module based on eIDAS node reference implementation v2.x</description> - <properties> - <eidas-commons.version>2.4.0</eidas-commons.version> - <eidas-light-commons.version>2.4.0</eidas-light-commons.version> - <eidas-specific-communication-definition.version>2.4.0</eidas-specific-communication-definition.version> - <eidas-jcache-ignite-specific-communication.version>2.4.0</eidas-jcache-ignite-specific-communication.version> - <org.xerial.sqlite-jdbc.version>3.23.1</org.xerial.sqlite-jdbc.version> - </properties> - <profiles> <profile> <id>default</id> @@ -62,8 +54,6 @@ <dependency> <groupId>eu.eidas</groupId> <artifactId>eidas-commons</artifactId> - <version>${eidas-commons.version}</version> - <!--scope>provided</scope --> <exclusions> <exclusion> <groupId>log4j</groupId> @@ -79,19 +69,16 @@ <dependency> <groupId>eu.eidas</groupId> <artifactId>eidas-light-commons</artifactId> - <version>${eidas-light-commons.version}</version> </dependency> <dependency> <groupId>eu.eidas</groupId> <artifactId>eidas-specific-communication-definition</artifactId> - <version>${eidas-specific-communication-definition.version}</version> </dependency> <dependency> <groupId>eu.eidas</groupId> <artifactId>eidas-jcache-ignite-specific-communication</artifactId> - <version>${eidas-jcache-ignite-specific-communication.version}</version> </dependency> <!-- other third party libs --> @@ -162,6 +149,14 @@ <version>2.0.7</version> <scope>test</scope> </dependency> + + <dependency> + <groupId>at.asitplus.eidas.ms_specific</groupId> + <artifactId>connector_lib</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> <groupId>at.gv.egiz.eaaf</groupId> <artifactId>eaaf_core_utils</artifactId> @@ -251,22 +246,37 @@ <plugin> <groupId>com.github.spotbugs</groupId> <artifactId>spotbugs-maven-plugin</artifactId> + <version>${spotbugs-maven-plugin.version}</version> + <configuration> + <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile> + </configuration> + </plugin> + + <plugin> + <groupId>org.jacoco</groupId> + <artifactId>jacoco-maven-plugin</artifactId> <executions> <execution> - <id>spotbugs_validate</id> + <id>post-unit-check</id> <phase>test</phase> <goals> <goal>check</goal> + <goal>report</goal> </goals> + <configuration> + <haltOnFailure>false</haltOnFailure> + <excludes> + <exclude>**/at/gv/e_government/reference/namespace/persondata/_20020228/*</exclude> + <exclude>**/org/w3/_2000/_09/*</exclude> + <exclude>**/org/w3/_2001/_04/*</exclude> + <exclude>**/szrservices/*</exclude> + <exclude>**/generated/cxf/*</exclude> + </excludes> + </configuration> </execution> </executions> - <configuration> - <failOnError>true</failOnError> - <excludeFilterFile>spotbugs_exclude.xml</excludeFilterFile> - </configuration> </plugin> - <!-- enable co-existence of testng and junit --> <plugin> <artifactId>maven-surefire-plugin</artifactId> diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/2.5.0/eidas-parent-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/2.5.0/eidas-parent-2.5.0.pom new file mode 100644 index 00000000..38321046 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/2.5.0/eidas-parent-2.5.0.pom @@ -0,0 +1,898 @@ +<!-- + ~ Copyright (c) 2020 by European Commission + ~ + ~ Licensed under the EUPL, Version 1.2 or - as soon they will be + ~ approved by the European Commission - subsequent versions of the + ~ EUPL (the "Licence"); + ~ You may not use this work except in compliance with the Licence. + ~ You may obtain a copy of the Licence at: + ~ https://joinup.ec.europa.eu/page/eupl-text-11-12 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the Licence is distributed on an "AS IS" basis, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + ~ implied. + ~ See the Licence for the specific language governing permissions and + ~ limitations under the Licence. + --> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <packaging>pom</packaging> + <name>eIDAS Node Parent</name> + <version>2.5.0</version> + <description> + The EIDAS-Parent provides artifacts versions for Eidas Node components. + </description> + <properties> + <!-- 1) Project properties --> + <proj.name>EIDASParent</proj.name> + <proj.name.eidas>EidasNode</proj.name.eidas> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <app.packaging.type>war</app.packaging.type> + <mod.packaging.type>jar</mod.packaging.type> + <timestamp>${maven.build.timestamp}</timestamp> + <!-- java version targeted in the compile phase --> + <java.version>1.8</java.version> + + <samlspec.version>0.5.2</samlspec.version> + <samlspecacept.version>0.5.1</samlspecacept.version> + + <!-- 2) Library dependency versions --> + <spring.version>4.3.18.RELEASE</spring.version> + <opensaml.not-yet-commons-ssl.version>0.3.9</opensaml.not-yet-commons-ssl.version> + <opensaml.openws.version>1.5.5</opensaml.openws.version> + <opensaml.version>3.4.3</opensaml.version> + <opensaml.api.version>3.4.3</opensaml.api.version> + <opensaml-security-ext.version>1.0.7</opensaml-security-ext.version> + <xmlsec.version>2.1.4</xmlsec.version> + <!--shibboleth.xmlsupport.version>8.0-SNAPSHOT</shibboleth.xmlsupport.version--> + <shibboleth.xmlsupport.version>7.5.0</shibboleth.xmlsupport.version> + <servlet.version>3.0.1</servlet.version> + <jsp.api>2.0</jsp.api> + <jstl.version>1.2.6</jstl.version> + <jasper.version>6.0.53</jasper.version> + <slf4j.version>1.7.10</slf4j.version> + <logback.version>1.2.0</logback.version> + <mockito.version>2.13.0</mockito.version> + <junit.version>4.12</junit.version> + <hamcrest.version>1.3</hamcrest.version> + <commons.codec>1.9</commons.codec> + <commons.collections>3.2.2</commons.collections> + <commons.io>2.4</commons.io> + <commons.lang>2.6</commons.lang> + <commons.logging>1.1.3</commons.logging> + <commons.httpclient>4.5.13</commons.httpclient> + <commons.httpcore>4.4.9</commons.httpcore> + <commons.lang3>3.1</commons.lang3> + <bouncycastle.version>1.64</bouncycastle.version> + <owasp.version>1.1.1</owasp.version> + <owasp.dependency-check.version>1.4.0</owasp.dependency-check.version> + <joda.time.version>2.6</joda.time.version> + <log4j.version>1.2.17</log4j.version> + <log4j.api>2.3</log4j.api> + <xmlunit.version>1.5</xmlunit.version> + <bdr.econnector.version>1.2.2</bdr.econnector.version> + <struts.version>2.3.34</struts.version> + <!--<icu4j.version>55.1</icu4j.version>--> + <vaadin.version>7.4.2</vaadin.version> + <vaadin.plugin.version>${vaadin.version}</vaadin.plugin.version> + <vaadin-spring.version>1.0.0.beta1</vaadin-spring.version> + <vaadin4spring.version>0.0.5.RELEASE</vaadin4spring.version> + <jetty.plugin.version>9.2.3.v20140905</jetty.plugin.version> + <guava.version>28.1-jre</guava.version> + <jsr305.version>3.0.1</jsr305.version> + <icu4j.version>57.1</icu4j.version> + + <!-- 3) maven plugin versions --> + <javadoc.plugin.version>2.8.1</javadoc.plugin.version> + <compile.plugin.version>2.3.2</compile.plugin.version> + <surefire.plugin.version>2.19.1</surefire.plugin.version> + <war.plugin.version>3.2.0</war.plugin.version> + <ear.plugin.version>2.7</ear.plugin.version> + <resources.plugin.version>2.4</resources.plugin.version> + <cobertura.plugin.version>2.7</cobertura.plugin.version> + <remote.resources.plugin.version>1.5</remote.resources.plugin.version> + <source.plugin.version>2.1.2</source.plugin.version> + <install.plugin.version>2.5.2</install.plugin.version> + <clean.plugin.version>2.6.1</clean.plugin.version> + <maven.jar.plugin.version>3.1.2</maven.jar.plugin.version> + <jaxb.plugin.version>2.3.1</jaxb.plugin.version> + </properties> + + <dependencyManagement> + <dependencies> + <!-- eIDAS modules --> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>SimpleProtocol</artifactId> + <version>0.0.3</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-light-commons</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-configmodule</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-encryption</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-saml-engine</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-updater</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-saml-metadata</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-connector</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-proxyservice</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-communication-definition</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-sp</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-idp</artifactId> + <version>${project.version}</version> + </dependency> + <!-- Joda --> + <dependency> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + <version>${joda.time.version}</version> + </dependency> + <!-- SLF4J logging --> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + <version>${slf4j.version}</version> + </dependency> + <!-- commons-logging --> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging}</version> + </dependency> + <!-- Log4J --> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <version>${log4j.version}</version> + <exclusions> + <exclusion> + <groupId>javax.jms</groupId> + <artifactId>jms</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jdmk</groupId> + <artifactId>jmxtools</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jmx</groupId> + <artifactId>jmxri</artifactId> + </exclusion> + <exclusion> + <artifactId>mail</artifactId> + <groupId>javax.mail</groupId> + </exclusion> + </exclusions> + </dependency> + <!-- LogBack --> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + </exclusions> + </dependency> + <!-- Bouncy Castle --> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>${bouncycastle.version}</version> + <!-- Wildfly issue: please keep provided as the default scope for all the components of the project and override it if needed --> + <scope>provided</scope> + </dependency> + <!-- Apache Commons --> + <dependency> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + <version>${commons.codec}</version> + </dependency> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>${commons.collections}</version> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>${commons.httpclient}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>${commons.httpcore}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>${commons.io}</version> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + <version>${commons.lang}</version> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder</artifactId> + <version>${owasp.version}</version> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder-jsp</artifactId> + <version>${owasp.version}</version> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + <version>${guava.version}</version> + </dependency> + <dependency> + <groupId>com.google.code.findbugs</groupId> + <artifactId>jsr305</artifactId> + <version>${jsr305.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-core</artifactId> + <version>${opensaml.version}</version> + <exclusions> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + <exclusion> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + </exclusion> + <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.velocity</groupId> + <artifactId>velocity</artifactId> + </exclusion> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-saml-api</artifactId> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-saml-impl</artifactId> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>se.swedenconnect.opensaml</groupId> + <artifactId>opensaml-security-ext</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml-security-ext.version}</version> + </dependency> + <dependency> + <groupId>net.shibboleth.utilities</groupId> + <artifactId>java-support</artifactId> + <version>${shibboleth.xmlsupport.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-xmlsec-api</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <version>${servlet.version}</version> + <scope>provided</scope> + </dependency> + <!-- JSP --> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>jsp-api</artifactId> + <version>${jsp.api}</version> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.glassfish.web</groupId> + <artifactId>jakarta.servlet.jsp.jstl</artifactId> + <version>${jstl.version}</version> + <scope>runtime</scope> + </dependency> + <!-- Spring --> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + <version>${spring.version}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context-support</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-web</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>xalan</groupId> + <artifactId>xalan</artifactId> + <version>${xalan.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-xmlsec-impl</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml.version}</version> + </dependency> + <!-- EIDINT-4171: Override of opensaml-xmlsec-impl sub dependency --> + <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + <version>${xmlsec.version}</version> + </dependency> + <!-- https://mvnrepository.com/artifact/org.apache.tomcat/jasper-el --> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>jasper-el</artifactId> + <version>${jasper.version}</version> + </dependency> + <!-- Struts2 --> + <dependency> + <groupId>org.apache.struts</groupId> + <artifactId>struts2-core</artifactId> + <version>${struts.version}</version> + </dependency> + <!-- ICU --> + <dependency> + <groupId>com.ibm.icu</groupId> + <artifactId>icu4j</artifactId> + <version>${icu4j.version}</version> + </dependency> + + <!-- UNIT TEST Dependencies --> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-all</artifactId> + <version>${hamcrest.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <version>${mockito.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + <version>${xmlunit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <version>${spring.version}</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + + <dependencies> + <!-- Dependencies in common for all modules --> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + <dependency> + <groupId>com.google.code.findbugs</groupId> + <artifactId>jsr305</artifactId> + </dependency> + + <!-- UNIT TEST Dependencies in common for all modules --> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <exclusions> + <exclusion> + <artifactId>hamcrest-core</artifactId> + <groupId>org.hamcrest</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-all</artifactId> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <exclusions> + <exclusion> + <artifactId>hamcrest-core</artifactId> + <groupId>org.hamcrest</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + </dependency> + </dependencies> + + <build> + <pluginManagement> + <plugins> + + <plugin> + <groupId>com.orctom.mojo</groupId> + <artifactId>was-maven-plugin</artifactId> + <version>1.0.8</version> + <configuration> + <wasHome>c:/pgm/wlp</wasHome> + <applicationName>${proj.name}</applicationName> + <host>localhost</host> + <server>server01</server> + <node>node01</node> + <virtualHost>default_host</virtualHost> + <verbose>true</verbose> + </configuration> + </plugin> + + <plugin> + <groupId>org.apache.tomcat.maven</groupId> + <artifactId>tomcat7-maven-plugin</artifactId> + <version>2.2</version> + <configuration> + <url>http://localhost:8080/manager/text</url> + <server>tomcat</server> + <path>/${proj.name}</path> + <username>admin</username> + <password>admin</password> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>${war.plugin.version}</version> + <configuration> + <webResources> + <resource> + <directory>${project.basedir}/src/main/webapp/WEB-INF</directory> + <filtering>true</filtering> + <targetPath>WEB-INF</targetPath> + <includes> + <include>**/web.xml</include> + </includes> + </resource> + </webResources> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>${source.plugin.version}</version> + <executions> + <execution> + <id>attach-sources</id> + <phase>verify</phase> + <goals> + <goal>jar-no-fork</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + <configuration> + <formats> + <format>html</format> + <format>xml</format> + </formats> + </configuration> + </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>jaxb2-maven-plugin</artifactId> + <version>${jaxb.plugin.version}</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-resources-plugin</artifactId> + <version>${resources.plugin.version}</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <version>${maven.jar.plugin.version}</version> + </plugin> + <!--plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <version>${owasp.dependency-check.version}</version> + <configuration> + <failBuildOnCVSS>8</failBuildOnCVSS> + </configuration> + <executions> + <execution> + <goals> + <goal>check</goal> + </goals> + </execution> + </executions> + </plugin--> + </plugins> + </pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>${surefire.plugin.version}</version> + <configuration> + <skip>false</skip> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <version>${javadoc.plugin.version}</version> + <configuration> + <detectLinks>true</detectLinks> + </configuration> + </plugin> + </plugins> + </build> + <modules> + <module>../EIDAS-Light-Commons</module> + <module>../EIDAS-Commons</module> + <module>../EIDAS-ConfigModule</module> + <module>../EIDAS-Encryption</module> + <module>../EIDAS-Metadata</module> + <module>../EIDAS-SpecificCommunicationDefinition</module> + <!--start of TODO remove when/if EIDAS-Node pom does not depend on eidas-jcache-dev-node artifact to test--> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Node</module> + <!--TODOEND--> + </modules> + <profiles> + <profile> + <id>NodeOnly</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-SAMLEngine</module> + <module>../EIDAS-UPDATER</module> + <module>../EIDAS-Node</module> + </modules> + </profile> + <profile> + <id>DemoToolsOnly</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <modules> + <module>../EIDAS-SimpleProtocol</module> + <module>../EIDAS-SpecificProxyService</module> + <module>../EIDAS-SpecificConnector</module> + <module>../EIDAS-SP</module> + <module>../EIDAS-IdP-1.0</module> + </modules> + </profile> + <profile> + <id>nodeJcacheIgnite</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Ignite</module> + <module>../EIDAS-JCache-Ignite-Node</module> + </modules> + </profile> + <profile> + <id>nodeJcacheHazelcast</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Hazelcast</module> + <module>../EIDAS-JCache-Hazelcast-Node</module> + </modules> + </profile> + <profile> + <id>nodeJcacheDev</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Node</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheIgnite</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Ignite</module> + <module>../EIDAS-JCache-Ignite-Specific-Communication</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheHazelcast</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Hazelcast</module> + <module>../EIDAS-JCache-Hazelcast-Specific-Communication</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheDev</id> + <activation> + <activeByDefault>false</activeByDefault> + <property> + <name>specificJar</name> + </property> + </activation> + <modules> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Specific-Communication</module> + </modules> + </profile> + </profiles> +</project> diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-javadoc.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-javadoc.jar Binary files differnew file mode 100644 index 00000000..dd667cd9 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-javadoc.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-sources.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-sources.jar Binary files differnew file mode 100644 index 00000000..8b6d3da3 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-sources.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.jar Binary files differnew file mode 100644 index 00000000..8439b264 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.pom new file mode 100644 index 00000000..ac302325 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.pom @@ -0,0 +1,101 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <artifactId>eidas-commons</artifactId> + <packaging>${mod.packaging.type}</packaging> + <name>eIDAS Commons</name> + <description> + The EIDASCommons library provides beans, Java Interfaces and utility classes to integrate EidasNode and SAML + Engine. + </description> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>2.5.0</version> + <relativePath>../EIDAS-Parent/pom.xml</relativePath> + </parent> + <dependencies> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-light-commons</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </dependency> + <!-- Bouncy Castle --> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder</artifactId> + </dependency> + <dependency> + <groupId>javax.cache</groupId> + <artifactId>cache-api</artifactId> + <version>1.1.0</version> + </dependency> + <!-- TEST --> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>aopalliance</groupId> + <artifactId>aopalliance</artifactId> + <version>1.0</version> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <resources> + <resource> + <directory>${project.basedir}/src/main/resources</directory> + </resource> + </resources> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + </plugin> + </plugins> + <testResources> + <testResource> + <directory>src/test/resources</directory> + <includes> + <include>log4j.xml</include> + <include>*.properties</include> + </includes> + </testResource> + </testResources> + </build> + <profiles> + <profile> + <id>metrics</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <reporting> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + </plugin> + </plugins> + </reporting> +</project> diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-javadoc.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-javadoc.jar Binary files differnew file mode 100644 index 00000000..68bd2496 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-javadoc.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-sources.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-sources.jar Binary files differnew file mode 100644 index 00000000..cb518da2 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-sources.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.jar Binary files differnew file mode 100644 index 00000000..5e190e0b --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.pom new file mode 100644 index 00000000..809d00e4 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.pom @@ -0,0 +1,61 @@ +<!--
+ ~ Copyright (c) 2020 by European Commission
+ ~
+ ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+ ~ approved by the European Commission - subsequent versions of the
+ ~ EUPL (the "Licence");
+ ~ You may not use this work except in compliance with the Licence.
+ ~ You may obtain a copy of the Licence at:
+ ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the Licence is distributed on an "AS IS" basis,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ ~ implied.
+ ~ See the Licence for the specific language governing permissions and
+ ~ limitations under the Licence
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+ http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+ <packaging>jar</packaging>
+ <name>eIDAS JCache Ignite Specific Communication</name>
+ <description>Implements JCache using Ignite with Specific Communication Definition's beans configurations.</description>
+
+ <parent>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-parent</artifactId>
+ <version>2.5.0</version>
+ <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+ </parent>
+
+ <properties>
+ <ignite.version>2.8.1</ignite.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-ignite</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ignite</groupId>
+ <artifactId>ignite-slf4j</artifactId>
+ <version>${ignite.version}</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+</project>
diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-javadoc.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-javadoc.jar Binary files differnew file mode 100644 index 00000000..34d86914 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-javadoc.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-sources.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-sources.jar Binary files differnew file mode 100644 index 00000000..44b56b3b --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-sources.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.jar Binary files differnew file mode 100644 index 00000000..f055b5e8 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.pom new file mode 100644 index 00000000..5e4d6b05 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.pom @@ -0,0 +1,94 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+ http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>eidas-jcache-ignite</artifactId>
+ <packaging>jar</packaging>
+ <name>eIDAS JCache Ignite</name>
+ <description>Implements JCache using Ignite.</description>
+
+ <parent>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-parent</artifactId>
+ <version>2.5.0</version>
+ <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+ </parent>
+
+ <properties>
+ <ignite.version>2.8.1</ignite.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-commons</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ignite</groupId>
+ <artifactId>ignite-core</artifactId>
+ <version>${ignite.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.gridgain</groupId>
+ <artifactId>ignite-shmem</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ignite</groupId>
+ <artifactId>ignite-spring</artifactId>
+ <version>${ignite.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.ignite</groupId>
+ <artifactId>ignite-indexing</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-aop</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-beans</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-expression</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-tx</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-jdbc</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ignite</groupId>
+ <artifactId>ignite-slf4j</artifactId>
+ <version>${ignite.version}</version>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-javadoc.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-javadoc.jar Binary files differnew file mode 100644 index 00000000..6f521268 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-javadoc.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-sources.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-sources.jar Binary files differnew file mode 100644 index 00000000..3e90e3af --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-sources.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.jar Binary files differnew file mode 100644 index 00000000..de5a51b1 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.pom new file mode 100644 index 00000000..ad62ebda --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.pom @@ -0,0 +1,55 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <artifactId>eidas-light-commons</artifactId> + <packaging>${mod.packaging.type}</packaging> + <name>eIDAS Light Commons</name> + <description> + The EIDASLightCommons library provides Java Interfaces and utility classes to integrate EIDASCommons and eIDAS Specific Communication Definition. + </description> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>2.5.0</version> + <relativePath>../EIDAS-Parent/pom.xml</relativePath> + </parent> + <dependencies> + <dependency> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </dependency> + <dependency> + <groupId>com.ibm.icu</groupId> + <artifactId>icu4j</artifactId> + </dependency> + </dependencies> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + </plugin> + </plugins> + </build> + <profiles> + <profile> + <id>metrics</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <reporting> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + </plugin> + </plugins> + </reporting> +</project> diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.5.0/eidas-parent-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.5.0/eidas-parent-2.5.0.pom new file mode 100644 index 00000000..38321046 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.5.0/eidas-parent-2.5.0.pom @@ -0,0 +1,898 @@ +<!-- + ~ Copyright (c) 2020 by European Commission + ~ + ~ Licensed under the EUPL, Version 1.2 or - as soon they will be + ~ approved by the European Commission - subsequent versions of the + ~ EUPL (the "Licence"); + ~ You may not use this work except in compliance with the Licence. + ~ You may obtain a copy of the Licence at: + ~ https://joinup.ec.europa.eu/page/eupl-text-11-12 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the Licence is distributed on an "AS IS" basis, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + ~ implied. + ~ See the Licence for the specific language governing permissions and + ~ limitations under the Licence. + --> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <packaging>pom</packaging> + <name>eIDAS Node Parent</name> + <version>2.5.0</version> + <description> + The EIDAS-Parent provides artifacts versions for Eidas Node components. + </description> + <properties> + <!-- 1) Project properties --> + <proj.name>EIDASParent</proj.name> + <proj.name.eidas>EidasNode</proj.name.eidas> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <app.packaging.type>war</app.packaging.type> + <mod.packaging.type>jar</mod.packaging.type> + <timestamp>${maven.build.timestamp}</timestamp> + <!-- java version targeted in the compile phase --> + <java.version>1.8</java.version> + + <samlspec.version>0.5.2</samlspec.version> + <samlspecacept.version>0.5.1</samlspecacept.version> + + <!-- 2) Library dependency versions --> + <spring.version>4.3.18.RELEASE</spring.version> + <opensaml.not-yet-commons-ssl.version>0.3.9</opensaml.not-yet-commons-ssl.version> + <opensaml.openws.version>1.5.5</opensaml.openws.version> + <opensaml.version>3.4.3</opensaml.version> + <opensaml.api.version>3.4.3</opensaml.api.version> + <opensaml-security-ext.version>1.0.7</opensaml-security-ext.version> + <xmlsec.version>2.1.4</xmlsec.version> + <!--shibboleth.xmlsupport.version>8.0-SNAPSHOT</shibboleth.xmlsupport.version--> + <shibboleth.xmlsupport.version>7.5.0</shibboleth.xmlsupport.version> + <servlet.version>3.0.1</servlet.version> + <jsp.api>2.0</jsp.api> + <jstl.version>1.2.6</jstl.version> + <jasper.version>6.0.53</jasper.version> + <slf4j.version>1.7.10</slf4j.version> + <logback.version>1.2.0</logback.version> + <mockito.version>2.13.0</mockito.version> + <junit.version>4.12</junit.version> + <hamcrest.version>1.3</hamcrest.version> + <commons.codec>1.9</commons.codec> + <commons.collections>3.2.2</commons.collections> + <commons.io>2.4</commons.io> + <commons.lang>2.6</commons.lang> + <commons.logging>1.1.3</commons.logging> + <commons.httpclient>4.5.13</commons.httpclient> + <commons.httpcore>4.4.9</commons.httpcore> + <commons.lang3>3.1</commons.lang3> + <bouncycastle.version>1.64</bouncycastle.version> + <owasp.version>1.1.1</owasp.version> + <owasp.dependency-check.version>1.4.0</owasp.dependency-check.version> + <joda.time.version>2.6</joda.time.version> + <log4j.version>1.2.17</log4j.version> + <log4j.api>2.3</log4j.api> + <xmlunit.version>1.5</xmlunit.version> + <bdr.econnector.version>1.2.2</bdr.econnector.version> + <struts.version>2.3.34</struts.version> + <!--<icu4j.version>55.1</icu4j.version>--> + <vaadin.version>7.4.2</vaadin.version> + <vaadin.plugin.version>${vaadin.version}</vaadin.plugin.version> + <vaadin-spring.version>1.0.0.beta1</vaadin-spring.version> + <vaadin4spring.version>0.0.5.RELEASE</vaadin4spring.version> + <jetty.plugin.version>9.2.3.v20140905</jetty.plugin.version> + <guava.version>28.1-jre</guava.version> + <jsr305.version>3.0.1</jsr305.version> + <icu4j.version>57.1</icu4j.version> + + <!-- 3) maven plugin versions --> + <javadoc.plugin.version>2.8.1</javadoc.plugin.version> + <compile.plugin.version>2.3.2</compile.plugin.version> + <surefire.plugin.version>2.19.1</surefire.plugin.version> + <war.plugin.version>3.2.0</war.plugin.version> + <ear.plugin.version>2.7</ear.plugin.version> + <resources.plugin.version>2.4</resources.plugin.version> + <cobertura.plugin.version>2.7</cobertura.plugin.version> + <remote.resources.plugin.version>1.5</remote.resources.plugin.version> + <source.plugin.version>2.1.2</source.plugin.version> + <install.plugin.version>2.5.2</install.plugin.version> + <clean.plugin.version>2.6.1</clean.plugin.version> + <maven.jar.plugin.version>3.1.2</maven.jar.plugin.version> + <jaxb.plugin.version>2.3.1</jaxb.plugin.version> + </properties> + + <dependencyManagement> + <dependencies> + <!-- eIDAS modules --> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>SimpleProtocol</artifactId> + <version>0.0.3</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-light-commons</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-configmodule</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-encryption</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-saml-engine</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-updater</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-saml-metadata</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-connector</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-proxyservice</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-specific-communication-definition</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-dev-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-ignite-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-jcache-hazelcast-specific-communication</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-node</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-sp</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-idp</artifactId> + <version>${project.version}</version> + </dependency> + <!-- Joda --> + <dependency> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + <version>${joda.time.version}</version> + </dependency> + <!-- SLF4J logging --> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + <version>${slf4j.version}</version> + </dependency> + <!-- commons-logging --> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging}</version> + </dependency> + <!-- Log4J --> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <version>${log4j.version}</version> + <exclusions> + <exclusion> + <groupId>javax.jms</groupId> + <artifactId>jms</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jdmk</groupId> + <artifactId>jmxtools</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jmx</groupId> + <artifactId>jmxri</artifactId> + </exclusion> + <exclusion> + <artifactId>mail</artifactId> + <groupId>javax.mail</groupId> + </exclusion> + </exclusions> + </dependency> + <!-- LogBack --> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + </exclusions> + </dependency> + <!-- Bouncy Castle --> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>${bouncycastle.version}</version> + <!-- Wildfly issue: please keep provided as the default scope for all the components of the project and override it if needed --> + <scope>provided</scope> + </dependency> + <!-- Apache Commons --> + <dependency> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + <version>${commons.codec}</version> + </dependency> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>${commons.collections}</version> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>${commons.httpclient}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>${commons.httpcore}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>${commons.io}</version> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + <version>${commons.lang}</version> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder</artifactId> + <version>${owasp.version}</version> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder-jsp</artifactId> + <version>${owasp.version}</version> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + <version>${guava.version}</version> + </dependency> + <dependency> + <groupId>com.google.code.findbugs</groupId> + <artifactId>jsr305</artifactId> + <version>${jsr305.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-core</artifactId> + <version>${opensaml.version}</version> + <exclusions> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + <exclusion> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + </exclusion> + <exclusion> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + </exclusion> + <exclusion> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.velocity</groupId> + <artifactId>velocity</artifactId> + </exclusion> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-saml-api</artifactId> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-saml-impl</artifactId> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>se.swedenconnect.opensaml</groupId> + <artifactId>opensaml-security-ext</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml-security-ext.version}</version> + </dependency> + <dependency> + <groupId>net.shibboleth.utilities</groupId> + <artifactId>java-support</artifactId> + <version>${shibboleth.xmlsupport.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-xmlsec-api</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml.version}</version> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <version>${servlet.version}</version> + <scope>provided</scope> + </dependency> + <!-- JSP --> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>jsp-api</artifactId> + <version>${jsp.api}</version> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.glassfish.web</groupId> + <artifactId>jakarta.servlet.jsp.jstl</artifactId> + <version>${jstl.version}</version> + <scope>runtime</scope> + </dependency> + <!-- Spring --> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + <version>${spring.version}</version> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context-support</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-web</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>xalan</groupId> + <artifactId>xalan</artifactId> + <version>${xalan.version}</version> + </dependency> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml-xmlsec-impl</artifactId> + <exclusions> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + <version>${opensaml.version}</version> + </dependency> + <!-- EIDINT-4171: Override of opensaml-xmlsec-impl sub dependency --> + <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + <version>${xmlsec.version}</version> + </dependency> + <!-- https://mvnrepository.com/artifact/org.apache.tomcat/jasper-el --> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>jasper-el</artifactId> + <version>${jasper.version}</version> + </dependency> + <!-- Struts2 --> + <dependency> + <groupId>org.apache.struts</groupId> + <artifactId>struts2-core</artifactId> + <version>${struts.version}</version> + </dependency> + <!-- ICU --> + <dependency> + <groupId>com.ibm.icu</groupId> + <artifactId>icu4j</artifactId> + <version>${icu4j.version}</version> + </dependency> + + <!-- UNIT TEST Dependencies --> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-all</artifactId> + <version>${hamcrest.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <version>${mockito.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + <version>${xmlunit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <version>${spring.version}</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + + <dependencies> + <!-- Dependencies in common for all modules --> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + <dependency> + <groupId>com.google.code.findbugs</groupId> + <artifactId>jsr305</artifactId> + </dependency> + + <!-- UNIT TEST Dependencies in common for all modules --> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <exclusions> + <exclusion> + <artifactId>hamcrest-core</artifactId> + <groupId>org.hamcrest</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-all</artifactId> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <exclusions> + <exclusion> + <artifactId>hamcrest-core</artifactId> + <groupId>org.hamcrest</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + </dependency> + </dependencies> + + <build> + <pluginManagement> + <plugins> + + <plugin> + <groupId>com.orctom.mojo</groupId> + <artifactId>was-maven-plugin</artifactId> + <version>1.0.8</version> + <configuration> + <wasHome>c:/pgm/wlp</wasHome> + <applicationName>${proj.name}</applicationName> + <host>localhost</host> + <server>server01</server> + <node>node01</node> + <virtualHost>default_host</virtualHost> + <verbose>true</verbose> + </configuration> + </plugin> + + <plugin> + <groupId>org.apache.tomcat.maven</groupId> + <artifactId>tomcat7-maven-plugin</artifactId> + <version>2.2</version> + <configuration> + <url>http://localhost:8080/manager/text</url> + <server>tomcat</server> + <path>/${proj.name}</path> + <username>admin</username> + <password>admin</password> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>${war.plugin.version}</version> + <configuration> + <webResources> + <resource> + <directory>${project.basedir}/src/main/webapp/WEB-INF</directory> + <filtering>true</filtering> + <targetPath>WEB-INF</targetPath> + <includes> + <include>**/web.xml</include> + </includes> + </resource> + </webResources> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>${source.plugin.version}</version> + <executions> + <execution> + <id>attach-sources</id> + <phase>verify</phase> + <goals> + <goal>jar-no-fork</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + <configuration> + <formats> + <format>html</format> + <format>xml</format> + </formats> + </configuration> + </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>jaxb2-maven-plugin</artifactId> + <version>${jaxb.plugin.version}</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-resources-plugin</artifactId> + <version>${resources.plugin.version}</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <version>${maven.jar.plugin.version}</version> + </plugin> + <!--plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <version>${owasp.dependency-check.version}</version> + <configuration> + <failBuildOnCVSS>8</failBuildOnCVSS> + </configuration> + <executions> + <execution> + <goals> + <goal>check</goal> + </goals> + </execution> + </executions> + </plugin--> + </plugins> + </pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>${surefire.plugin.version}</version> + <configuration> + <skip>false</skip> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <version>${javadoc.plugin.version}</version> + <configuration> + <detectLinks>true</detectLinks> + </configuration> + </plugin> + </plugins> + </build> + <modules> + <module>../EIDAS-Light-Commons</module> + <module>../EIDAS-Commons</module> + <module>../EIDAS-ConfigModule</module> + <module>../EIDAS-Encryption</module> + <module>../EIDAS-Metadata</module> + <module>../EIDAS-SpecificCommunicationDefinition</module> + <!--start of TODO remove when/if EIDAS-Node pom does not depend on eidas-jcache-dev-node artifact to test--> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Node</module> + <!--TODOEND--> + </modules> + <profiles> + <profile> + <id>NodeOnly</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-SAMLEngine</module> + <module>../EIDAS-UPDATER</module> + <module>../EIDAS-Node</module> + </modules> + </profile> + <profile> + <id>DemoToolsOnly</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <modules> + <module>../EIDAS-SimpleProtocol</module> + <module>../EIDAS-SpecificProxyService</module> + <module>../EIDAS-SpecificConnector</module> + <module>../EIDAS-SP</module> + <module>../EIDAS-IdP-1.0</module> + </modules> + </profile> + <profile> + <id>nodeJcacheIgnite</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Ignite</module> + <module>../EIDAS-JCache-Ignite-Node</module> + </modules> + </profile> + <profile> + <id>nodeJcacheHazelcast</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Hazelcast</module> + <module>../EIDAS-JCache-Hazelcast-Node</module> + </modules> + </profile> + <profile> + <id>nodeJcacheDev</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Node</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheIgnite</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Ignite</module> + <module>../EIDAS-JCache-Ignite-Specific-Communication</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheHazelcast</id> + <activation> + <activeByDefault>false</activeByDefault> + </activation> + <modules> + <module>../EIDAS-JCache-Hazelcast</module> + <module>../EIDAS-JCache-Hazelcast-Specific-Communication</module> + </modules> + </profile> + <profile> + <id>specificCommunicationJcacheDev</id> + <activation> + <activeByDefault>false</activeByDefault> + <property> + <name>specificJar</name> + </property> + </activation> + <modules> + <module>../EIDAS-JCache-Dev</module> + <module>../EIDAS-JCache-Dev-Specific-Communication</module> + </modules> + </profile> + </profiles> +</project> diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-javadoc.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-javadoc.jar Binary files differnew file mode 100644 index 00000000..fad96d8a --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-javadoc.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-sources.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-sources.jar Binary files differnew file mode 100644 index 00000000..9a2589d6 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-sources.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.jar b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.jar Binary files differnew file mode 100644 index 00000000..8b8c387d --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.jar diff --git a/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.pom b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.pom new file mode 100644 index 00000000..4fd93c22 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.pom @@ -0,0 +1,136 @@ +<!--
+ ~ Copyright (c) 2020 by European Commission
+ ~
+ ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+ ~ approved by the European Commission - subsequent versions of the
+ ~ EUPL (the "Licence");
+ ~ You may not use this work except in compliance with the Licence.
+ ~ You may obtain a copy of the Licence at:
+ ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the Licence is distributed on an "AS IS" basis,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ ~ implied.
+ ~ See the Licence for the specific language governing permissions and
+ ~ limitations under the Licence.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+ http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>eidas-specific-communication-definition</artifactId>
+ <packaging>jar</packaging>
+ <name>eIDAS Specific Communication Definition</name>
+ <description>Defines and implements the communication protocol to be used between specific and node modules.
+ </description>
+ <parent>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-parent</artifactId>
+ <version>2.5.0</version>
+ <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+ </parent>
+ <properties>
+ <lightRequest.xsd>lightRequest.xsd</lightRequest.xsd>
+ </properties>
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-commons</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-dev</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>jaxb2-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>xjc</id>
+ <goals>
+ <goal>xjc</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <sources>
+ <source>src/main/resources/xsds/${lightRequest.xsd}</source>
+ <source>src/main/resources/xsds/lightResponse.xsd</source>
+ </sources>
+ <packageName>eu.eidas.specificcommunication</packageName>
+ <noPackageLevelAnnotations>true</noPackageLevelAnnotations>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <profiles>
+ <profile>
+ <id>specificCommunicationJcacheIgnite</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <dependencies>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+ </dependency>
+ </dependencies>
+ </profile>
+ <profile>
+ <id>specificCommunicationJcacheHazelcast</id>
+ <dependencies>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-hazelcast-specific-communication</artifactId>
+ </dependency>
+ </dependencies>
+ </profile>
+ <profile>
+ <id>specificCommunicationJcacheProvidedImpl</id>
+ <activation>
+ <activeByDefault>false</activeByDefault>
+ </activation>
+ </profile>
+ <profile>
+ <id>specificCommunicationJcacheDev</id>
+ <!-- <activation> -->
+ <!-- <property> -->
+ <!-- <name>specificJar</name> -->
+ <!-- </property> -->
+ <!-- </activation> -->
+ <dependencies>
+ <dependency>
+ <groupId>eu.eidas</groupId>
+ <artifactId>eidas-jcache-dev-specific-communication</artifactId>
+ </dependency>
+ </dependencies>
+ </profile>
+ </profiles>
+</project>
diff --git a/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml b/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml deleted file mode 100644 index 90d418ff..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/spotbugs_exclude.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<FindBugsFilter> - <Match> - <Class name="~szrservices.SZRException"/> - </Match> -</FindBugsFilter>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 15057600..8a1a63f5 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -35,6 +35,7 @@ public class Constants { public static final String DATA_RESULT_MATCHING_BPK = "matching-result-bpk"; public static final String DATA_SIMPLE_EIDAS = "simple_eidas_data"; + // templates for post-binding forwarding public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html"; public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint"; @@ -53,11 +54,11 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE + ".forward.method"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = @@ -78,6 +79,8 @@ public class Constants { + ".debug.logfullmessages"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT + ".debug.useDummySolution"; + public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND = CONIG_PROPS_EIDAS_SZRCLIENT + + ".eidasbind.mds.inject"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION = CONIG_PROPS_EIDAS_SZRCLIENT + ".timeout.connection"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE = CONIG_PROPS_EIDAS_SZRCLIENT @@ -144,6 +147,9 @@ public class Constants { public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier"; public static final String eIDAS_ATTR_LEGALNAME = "LegalName"; + public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public"; + public static final String eIDAS_REQ_PARAM_SECTOR_PRIVATE = "private"; + public static final String POLICY_DEFAULT_ALLOWED_TARGETS = EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java index e9302f6d..d3cac80c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java @@ -47,7 +47,7 @@ import eu.eidas.auth.commons.EidasParameterKeys; import eu.eidas.auth.commons.light.ILightResponse; import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; import eu.eidas.specificcommunication.exception.SpecificCommunicationException; -import eu.eidas.specificcommunication.protocol.impl.SpecificConnectorCommunicationServiceImpl; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; /** * Controler implementation for eIDAS Node communication. @@ -108,8 +108,8 @@ public class EidasSignalServlet extends AbstractProcessEngineSignalController { } log.trace("Receive eIDAS-node token: " + tokenBase64 + " Starting transaction-restore process ... "); - final SpecificConnectorCommunicationServiceImpl specificConnectorCommunicationService = - (SpecificConnectorCommunicationServiceImpl) context.getBean( + final SpecificCommunicationService specificConnectorCommunicationService = + (SpecificCommunicationService) context.getBean( SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString()); final ILightResponse eidasResponse = specificConnectorCommunicationService.getAndRemoveResponse( tokenBase64, diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java deleted file mode 100644 index c7acdb15..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/EidasPersonalIdStoreDao.java +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; - -import at.gv.egiz.eaaf.core.impl.data.Pair; - -@Deprecated -public class EidasPersonalIdStoreDao { - public static final String NAME = "foreigneIDMap"; - - // Enum with all cols of this table - public enum Cols { - timestamp, transactionId, eidasId, eidasSourceCountry, eidasDestinationCountry, ernbId - } - - public enum T { - ID("INTEGER"), - BIGINT("VARCHAR(265)"), - URI("VARCHAR(256)"), - DATE("Long"), - TEXT("TEXT"), - Long("BIGINT"), - Int("INTEGER"), - BLOB("BLOB"), - CC("CHAR(2)"), - BOOL("INTEGER"); - - private final String type; - - T(String el) { - type = el; - } - - @Override - public String toString() { - return type; - } - } - - // define Cols of the table - public static final List<Pair<String, T>> TABLE_COLS; - - static { - final List<Pair<String, T>> cols = new ArrayList<>(); - cols.add(Pair.newInstance(Cols.timestamp.name(), T.DATE)); - cols.add(Pair.newInstance(Cols.transactionId.name(), T.TEXT)); - cols.add(Pair.newInstance(Cols.eidasId.name(), T.TEXT)); - cols.add(Pair.newInstance(Cols.eidasSourceCountry.name(), T.CC)); - cols.add(Pair.newInstance(Cols.eidasDestinationCountry.name(), T.CC)); - cols.add(Pair.newInstance(Cols.ernbId.name(), T.TEXT)); - - TABLE_COLS = Collections.unmodifiableList(cols); - - } - - public static final String CREATE = "CREATE TABLE " + NAME - + " (" + "id" + " " + T.ID.toString() - + " PRIMARY KEY AUTOINCREMENT, " + buildCreateTableQuery(TABLE_COLS) + ")"; - - public static final String INSERT = "INSERT INTO " + NAME - + "(" + buildInsertQueryKeys(TABLE_COLS) + ")" - + " VALUES (" + buildInsertQueryValues(TABLE_COLS) + ");"; - - public static final String SELECT_BY_ERNB_ID = "SELECT * FROM " + NAME - + " WHERE " + Cols.ernbId.name() + "=?;"; - - public static final String SELECT_BY_EIDAS_RAW_ID = "SELECT * FROM " + NAME - + " WHERE " + Cols.eidasId.name() + "=?" - + " and " + Cols.eidasSourceCountry.name() + "=?" + ";"; - - /** - * Build a part of a SQL query, which contains the cols of a table that should - * be created. - * - * @param cols List of DB col definitions {@link Pair} - * @return Part of a SQL query, which contains cols that should be created - */ - private static String buildCreateTableQuery(List<Pair<String, T>> cols) { - StringBuffer buf = new StringBuffer(); - for (final Pair<String, T> el : cols) { - buf.append(el.getFirst()); - buf.append(" "); - buf.append(el.getSecond()); - buf.append(","); - - } - String sql = buf.toString(); - return sql.substring(0, sql.length() - 1); - - } - - /** - * Build a part of a SQL query, which contains the cols keys of a table for - * insert operation. - * - * @param cols List of DB col definitions {@link Pair} - * @return Part of a SQL query, which contains cols that should be created - */ - protected static String buildInsertQueryKeys(List<Pair<String, T>> cols) { - - StringBuffer buf = new StringBuffer(); - for (final Pair<String, T> el : cols) { - buf.append(el.getFirst()); - buf.append(","); - - } - String sql = buf.toString(); - return sql.substring(0, sql.length() - 1); - } - - /** - * Build a part of a SQL query, which contains the cols values of a table for - * insert operation. - * - * @param cols List of DB col definitions {@link Pair} - * @return Part of a SQL query, which contains cols that should be created - */ - protected static String buildInsertQueryValues(List<Pair<String, T>> cols) { - - StringBuffer buf = new StringBuffer(); - Iterator<Pair<String, T>> it = cols.iterator(); - while (it.hasNext()) { - buf.append("?,"); - it.next(); - - } - - String sql = buf.toString(); - return sql.substring(0, sql.length() - 1); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java index cb499ca5..2f82387f 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java @@ -42,4 +42,5 @@ public interface IErnpClient { void update(RegisterResult registerResult, SimpleEidasData eidData); boolean createNewEntry(SimpleEidasData simpleEidasData); + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java index e3c1e00f..734cf873 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java @@ -23,6 +23,19 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; + +import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.apache.commons.lang3.StringUtils; +import org.joda.time.DateTime; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.lang.NonNull; + +import com.google.common.collect.ImmutableSortedSet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; @@ -31,24 +44,15 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRe import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.impl.data.Triple; -import com.google.common.collect.ImmutableSortedSet; -import edu.umd.cs.findbugs.annotations.NonNull; + import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; import eu.eidas.auth.commons.protocol.eidas.SpType; -import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; - -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; public abstract class AbstractEidProcessor implements INationalEidProcessor { private static final Logger log = LoggerFactory.getLogger(AbstractEidProcessor.class); @@ -61,10 +65,12 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { @Override public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) { + buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder); buildProviderNameAttribute(pendingReq, authnRequestBuilder); buildRequestedAttributes(authnRequestBuilder); } + @Override public final ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, EidasAttributeException { @@ -268,10 +274,36 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); if (StringUtils.isNotEmpty(providerName)) { authnRequestBuilder.providerName(providerName); + authnRequestBuilder.requesterId(providerName); + } } + } + + private void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) { + // TODO: set matching mode if eIDAS ref. impl. support this method + + // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA + // schemes + String loa = EaafConstants.EIDAS_LOA_HIGH; + if (spConfig.getRequiredLoA() != null) { + if (spConfig.getRequiredLoA().isEmpty()) { + log.info("No eIDAS LoA requested. Use LoA HIGH as default"); + } else { + if (spConfig.getRequiredLoA().size() > 1) { + log.info( + "Currently only ONE requested LoA is supported for service provider. Use first one ... "); + } + + loa = spConfig.getRequiredLoA().get(0); + + } + } + log.debug("Request eIdAS node with LoA: " + loa); + authnRequestBuilder.levelOfAssurance(loa); + } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java index cfaecfbb..234d52dd 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java @@ -79,7 +79,8 @@ public class AuthBlockSigningService { EidasAuchBlock authBlock = new EidasAuchBlock(); authBlock.setChallenge(UUID.randomUUID().toString()); authBlock.setTimestamp(LocalDateTime.now().truncatedTo(ChronoUnit.SECONDS)); - authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); + authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); + authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier()); String jwsPayload = mapper.writeValueAsString(authBlock); log.debug("Building and sign authBlock with data: {}", jwsPayload); @@ -185,6 +186,9 @@ public class AuthBlockSigningService { @JsonProperty("appId") private String uniqueId; + @JsonProperty("piiTransactionId") + private String piiTransactionId; + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java index 98c4c2de..e73491ab 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java @@ -35,13 +35,13 @@ import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.lang.NonNull; import org.springframework.stereotype.Service; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; -import edu.umd.cs.findbugs.annotations.NonNull; import eu.eidas.auth.commons.attribute.AttributeRegistries; import eu.eidas.auth.commons.attribute.AttributeRegistry; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java index 69b993a4..1f5837d6 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java @@ -45,6 +45,7 @@ import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; +import javax.xml.XMLConstants; import javax.xml.bind.JAXBContext; import javax.xml.bind.Marshaller; import javax.xml.namespace.QName; @@ -58,8 +59,6 @@ import javax.xml.ws.BindingProvider; import javax.xml.ws.Dispatch; import javax.xml.ws.handler.Handler; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.configuration.jsse.TLSClientParameters; import org.apache.cxf.endpoint.Client; @@ -75,9 +74,14 @@ import org.springframework.stereotype.Service; import org.w3c.dom.Document; import org.w3c.dom.Element; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; + import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; @@ -111,7 +115,8 @@ public class SzrClient { private static final String KEY_BC_BIND = "bcBindReq"; private static final String JOSE_HEADER_USERCERTPINNING_TYPE = "urn:at.gv.eid:bindtype"; private static final String JOSE_HEADER_USERCERTPINNING_EIDASBIND = "urn:at.gv.eid:eidasBind"; - + public static final String ATTR_NAME_MDS = "urn:eidgvat:mds"; + @Autowired private IConfiguration basicConfig; @@ -229,7 +234,7 @@ public class SzrClient { final String resp; try { - resp = this.szr.getStammzahlEncrypted(personInfo, false); + resp = this.szr.getStammzahlEncrypted(personInfo, true); } catch (SZRException_Exception e) { throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e); } @@ -242,36 +247,38 @@ public class SzrClient { } - /** - * Signs content. + * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status. * - * @param vsz ? TODO + * @param vsz encryped baseId * @param bindingPubKey binding PublikKey as PKCS1# (ASN.1) container * @param eidStatus Status of the E-ID + * @param eidData eID information that was used for ERnP registration * @return bPK for this person * @throws SzrCommunicationException In case of a SZR error */ - public String getBcBind(final String vsz, final String bindingPubKey, final String eidStatus) - throws SzrCommunicationException { - - final Map<String, Object> bcBindMap = new HashMap<>(); - bcBindMap.put(ATTR_NAME_VSZ, vsz); - bcBindMap.put(ATTR_NAME_STATUS, eidStatus); - bcBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey)); - + public String getEidsaBind(final String vsz, final String bindingPubKey, final String eidStatus, + ErnbEidData eidData)throws SzrCommunicationException { + + final Map<String, Object> eidsaBindMap = new HashMap<>(); + eidsaBindMap.put(ATTR_NAME_VSZ, vsz); + eidsaBindMap.put(ATTR_NAME_STATUS, eidStatus); + eidsaBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey)); + eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode()); + injectMdsIfAvailableAndActive(eidsaBindMap, eidData); + try { - final String serializedBcBind = mapper.writeValueAsString(bcBindMap); + final String serializedEidasBind = mapper.writeValueAsString(eidsaBindMap); final SignContent req = new SignContent(); - final SignContentEntry bcBindInfo = new SignContentEntry(); - bcBindInfo.setKey(KEY_BC_BIND); - bcBindInfo.setValue(serializedBcBind); - req.getIn().add(bcBindInfo); + final SignContentEntry eidasBindInfo = new SignContentEntry(); + eidasBindInfo.setKey(KEY_BC_BIND); + eidasBindInfo.setValue(serializedEidasBind); + req.getIn().add(eidasBindInfo); req.setAppendCert(false); - final JwsHeaderParam bcBindJoseHeader = new JwsHeaderParam(); - bcBindJoseHeader.setKey(JOSE_HEADER_USERCERTPINNING_TYPE); - bcBindJoseHeader.setValue(JOSE_HEADER_USERCERTPINNING_EIDASBIND); - req.getJWSHeaderParam().add(bcBindJoseHeader); + final JwsHeaderParam eidasBindJoseHeader = new JwsHeaderParam(); + eidasBindJoseHeader.setKey(JOSE_HEADER_USERCERTPINNING_TYPE); + eidasBindJoseHeader.setValue(JOSE_HEADER_USERCERTPINNING_EIDASBIND); + req.getJWSHeaderParam().add(eidasBindJoseHeader); log.trace("Requesting SZR to sign bcBind datastructure ... "); final SignContentResponseType resp = szr.signContent(req.isAppendCert(), req.getJWSHeaderParam(), req.getIn()); @@ -486,8 +493,22 @@ public class SzrClient { } + private void injectMdsIfAvailableAndActive(Map<String, Object> eidsaBindMap, ErnbEidData eidData) { + if (basicConfig.getBasicConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND, false)) { + log.info("Injecting MDS into eidasBind ... "); + final Map<String, Object> mds = new HashMap<>(); + mds.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, eidData.getFamilyName()); + mds.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, eidData.getGivenName()); + mds.put(PvpAttributeDefinitions.BIRTHDATE_NAME, eidData.getFormatedDateOfBirth()); + eidsaBindMap.put(ATTR_NAME_MDS, mds); + + } + } + private byte[] sourceToByteArray(Source result) throws TransformerException { final TransformerFactory factory = TransformerFactory.newInstance(); + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); final Transformer transformer = factory.newTransformer(); transformer.setOutputProperty("omit-xml-declaration", "yes"); transformer.setOutputProperty("method", "xml"); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index f9142f8e..b519354c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -150,38 +150,40 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // get encrypted baseId String vsz = szrClient.getEncryptedStammzahl(personInfo); - + + //write revision-Log entry and extended infos personal-identifier mapping + revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED); + writeExtendedRevisionLogEntry(simpleAttrMap, eidData); + + // get eIDAS bind - String signedEidasBind = szrClient.getBcBind(vsz, + String signedEidasBind = szrClient.getEidsaBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), - EID_STATUS); - + EID_STATUS, eidData); + revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED); + authProcessData.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind); + //get signed AuthBlock String jwsSignature = authBlockSigner.buildSignedAuthBlock(pendingReq); - - //inject personal-data into session + revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.TECH_AUCHBLOCK_CREATED); authProcessData.setGenericDataToSession(Constants.SZR_AUTHBLOCK, jwsSignature); - authProcessData.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind); + + //inject personal-data into session + authProcessData.setEidProcess(true); } else { //request SZR SzrResultHolder idlResult = requestSzrForIdentityLink(personInfo); - // write ERnB input-data into revision-log - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) { - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, - (String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)); - revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eidData.getPseudonym()); - - } + //write revision-Log entry for personal-identifier mapping + writeExtendedRevisionLogEntry(simpleAttrMap, eidData); //check result-data and write revision-log based on current state checkStateAndWriteRevisionLog(idlResult); - //inject personal-data into session authProcessData.setIdentityLink(idlResult.getIdentityLink()); + authProcessData.setEidProcess(false); // set bPK and bPKType into auth session authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix( @@ -217,6 +219,17 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } + private void writeExtendedRevisionLogEntry(Map<String, Object> simpleAttrMap, ErnbEidData eidData) { + // write ERnB input-data into revision-log + if (basicConfig.getBasicConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) { + revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID, + (String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)); + revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eidData.getPseudonym()); + + } + } + private PersonInfoType generateSzrRequest(ErnbEidData eidData) { log.debug("Starting connecting SZR Gateway"); final PersonInfoType personInfo = new PersonInfoType(); @@ -279,14 +292,18 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink(); // get bPK from SZR - String bpk; + String bpk = null; if (basicConfig .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) { - bpk = szrClient + List<String> bpkList = szrClient .getBpk(personInfo, pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(), basicConfig - .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")) - .get(0); + .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); + if (!bpkList.isEmpty()) { + bpk = bpkList.get(0); + + } + } else { log.debug("Calculating bPK from baseId ... "); @@ -380,7 +397,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } else { final List<String> natPersonIdObj = EidasResponseUtils - .translateStringListAttribute(el, attributeMap.get(el).asList()); + .translateStringListAttribute(el, attributeMap.get(el)); final String stringAttr = natPersonIdObj.get(0); if (StringUtils.isNotEmpty(stringAttr)) { result.put(el.getFriendlyName(), stringAttr); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java index 0b6e9ee8..92f58877 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java @@ -41,10 +41,8 @@ import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; @@ -87,9 +85,6 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { throws TaskExecutionException { try { - // get service-provider configuration - final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); - // get target, environment and validate citizen countryCode final String citizenCountryCode = (String) executionContext.get( MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY); @@ -110,6 +105,13 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { final LightRequest.Builder authnRequestBuilder = LightRequest.builder(); authnRequestBuilder.id(UUID.randomUUID().toString()); + // set nameIDFormat + authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT); + + // set citizen country code for foreign uses + authnRequestBuilder.citizenCountryCode(citizenCountryCode); + + //set Issuer final String issur = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID); if (StringUtils.isEmpty(issur)) { log.error("Found NO 'eIDAS node issuer' in configuration. Authentication NOT possible!"); @@ -119,42 +121,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { } authnRequestBuilder.issuer(issur); - // TODO: set matching mode if eIDAS ref. impl. support this method - - // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA - // schemes - String loa = EaafConstants.EIDAS_LOA_HIGH; - if (spConfig.getRequiredLoA() != null) { - if (spConfig.getRequiredLoA().isEmpty()) { - log.info("No eIDAS LoA requested. Use LoA HIGH as default"); - } else { - if (spConfig.getRequiredLoA().size() > 1) { - log.info( - "Currently only ONE requested LoA is supported for service provider. Use first one ... "); - } - - loa = spConfig.getRequiredLoA().get(0); - - } - } - - log.debug("Request eIdAS node with LoA: " + loa); - authnRequestBuilder.levelOfAssurance(loa); - - // set nameIDFormat - authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT); - - // set citizen country code for foreign uses - authnRequestBuilder.citizenCountryCode(citizenCountryCode); - - // set relay state - /* - * TODO: SecureToken PendingRequestId generates a validation exception in - * eIDASNode because eIDASNode implements limit on size for RelayState - * (80characaters) - */ - // authnRequestBuilder.relayState(pendingReq.getPendingRequestId()); - + // Add country-specific informations into eIDAS request ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java index 34e258ca..9e5b4d67 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java @@ -296,7 +296,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { } } else { final List<String> natPersonIdObj = EidasResponseUtils - .translateStringListAttribute(el, attributeMap.get(el).asList()); + .translateStringListAttribute(el, attributeMap.get(el)); final String stringAttr = natPersonIdObj.get(0); if (StringUtils.isNotEmpty(stringAttr)) { result.put(el.getFriendlyName(), stringAttr); @@ -309,4 +309,4 @@ public class InitialSearchTask extends AbstractAuthServletTask { log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString()); return result; } -} +}
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java index aafcd8b9..ef8822aa 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java @@ -19,7 +19,7 @@ * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. -*/ + */ package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils; @@ -28,6 +28,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttribute import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; import at.gv.egiz.eaaf.core.impl.data.Triple; import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.AttributeValue; import eu.eidas.auth.commons.attribute.AttributeValueMarshaller; @@ -57,7 +58,7 @@ public class EidasResponseUtils { * * @param uniqueID eIDAS attribute value of a unique identifier * @return true if the uniqueID matches to eIDAS to Unique Identifier - * specification, otherwise false + * specification, otherwise false */ public static boolean validateEidasPersonalIdentifier(String uniqueID) { final Pattern pattern = Pattern.compile(PERSONALIDENIFIER_VALIDATION_PATTERN); @@ -73,10 +74,10 @@ public class EidasResponseUtils { * * @param uniqueID eIDAS attribute value of a unique identifier * @return {@link Triple} that contains: <br> - * First : citizen country <br> - * Second: destination country <br> - * Third : unique identifier <br> - * or null if the attribute value has a wrong format + * First : citizen country <br> + * Second: destination country <br> + * Third : unique identifier <br> + * or null if the attribute value has a wrong format */ public static Triple<String, String, String> parseEidasPersonalIdentifier(String uniqueID) { if (!validateEidasPersonalIdentifier(uniqueID)) { @@ -93,58 +94,79 @@ public class EidasResponseUtils { * Get eIDAS attribute-values from eIDAS Node attributes. * * @param attributeDefinition eIDAS attribute definition - * @param attributeValues Attributes from eIDAS response - * @return Set of attribute values. If more then one value than the first value contains the 'Latin' value. + * @param attributeValues Attributes from eIDAS response + * @return Set of attribute values. If more then one value than the first value + * contains the 'Latin' value. */ // TODO: check possible problem with nonLatinCharacters public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableList<? extends AttributeValue<?>> attributeValues) { + @Nullable ImmutableSet<? extends AttributeValue<?>> attributeValues) { final List<String> stringListAttribute = new ArrayList<>(); - final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition - .getAttributeValueMarshaller(); - for (final AttributeValue<?> attributeValue : attributeValues) { - String valueString = null; - try { - valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue); - - log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}", - attributeDefinition.getFriendlyName(), attributeValue.toString(), - attributeValue.isNonLatinScriptAlternateVersion(), - AttributeValueTransliterator.needsTransliteration(valueString)); - - // if (attributeValue.isNonLatinScriptAlternateVersion()) { - if (!AttributeValueTransliterator.needsTransliteration(valueString)) { - stringListAttribute.add(0, valueString); - - } else { - log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... "); - stringListAttribute.add(valueString); + if (attributeValues == null) { + log.info("Can not extract infos from 'null' attribute value"); - } + } else { + final AttributeValueMarshaller<?> attributeValueMarshaller = + attributeDefinition.getAttributeValueMarshaller(); + for (final AttributeValue<?> attributeValue : attributeValues) { + String valueString = null; + try { + valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue); + + log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}", + attributeDefinition.getFriendlyName(), attributeValue.toString(), + attributeValue.isNonLatinScriptAlternateVersion(), + AttributeValueTransliterator.needsTransliteration(valueString)); + + // if (attributeValue.isNonLatinScriptAlternateVersion()) { + if (!AttributeValueTransliterator.needsTransliteration(valueString)) { + stringListAttribute.add(0, valueString); + + } else { + log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... "); + stringListAttribute.add(valueString); + + log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}", + attributeDefinition.getFriendlyName(), attributeValue.toString(), + attributeValue.isNonLatinScriptAlternateVersion(), + AttributeValueTransliterator.needsTransliteration(valueString)); + + // if (attributeValue.isNonLatinScriptAlternateVersion()) { + if (!AttributeValueTransliterator.needsTransliteration(valueString)) { + stringListAttribute.add(0, valueString); + + } else { + log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... "); + stringListAttribute.add(valueString); + + } + } + } catch (final AttributeValueMarshallingException e) { + throw new IllegalStateException(e); - } catch (final AttributeValueMarshallingException e) { - throw new IllegalStateException(e); + } } - } + log.trace("Extract values: {} for attr: {}", + StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName()); - log.trace("Extract values: {} for attr: {}", - StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName()); + } return stringListAttribute; } + /** * Convert eIDAS DateTime attribute to Java Object. * * @param attributeDefinition eIDAS attribute definition. - * @param attributeValues eIDAS attribute value + * @param attributeValues eIDAS attribute value * @return */ @Nullable public static DateTime translateDateAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableList<? extends AttributeValue<?>> attributeValues) { + ImmutableList<? extends AttributeValue<?>> attributeValues) { if (attributeValues.size() != 0) { final AttributeValue<?> firstAttributeValue = attributeValues.get(0); return (DateTime) firstAttributeValue.getValue(); @@ -158,12 +180,12 @@ public class EidasResponseUtils { * Concert eIDAS Address attribute to Java object. * * @param attributeDefinition eIDAS attribute definition - * @param attributeValues eIDAS attribute value + * @param attributeValues eIDAS attribute value * @return */ @Nullable public static PostalAddress translateAddressAttribute(AttributeDefinition<?> attributeDefinition, - ImmutableList<? extends AttributeValue<?>> attributeValues) { + ImmutableList<? extends AttributeValue<?>> attributeValues) { final AttributeValue<?> firstAttributeValue = attributeValues.get(0); return (PostalAddress) firstAttributeValue.getValue(); } @@ -173,7 +195,7 @@ public class EidasResponseUtils { * * @param currentAddressObj eIDAS current address information * @return current address or null if no attribute is available - * @throws EidasAttributeException if eIDAS attribute is of a wrong type + * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ public static PostalAddressType processAddress(Object currentAddressObj) throws EidasAttributeException { if (currentAddressObj != null) { @@ -198,7 +220,7 @@ public class EidasResponseUtils { * * @param birthNameObj eIDAS birthname information * @return birthName or null if no attribute is available - * @throws EidasAttributeException if eIDAS attribute is of a wrong type + * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ public static String processBirthName(Object birthNameObj) throws EidasAttributeException { if (birthNameObj != null) { @@ -219,7 +241,7 @@ public class EidasResponseUtils { * * @param placeOfBirthObj eIDAS Place-of-Birth information * @return place of Birth or null if no attribute is available - * @throws EidasAttributeException if eIDAS attribute is of a wrong type + * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ public static String processPlaceOfBirth(Object placeOfBirthObj) throws EidasAttributeException { if (placeOfBirthObj != null) { @@ -243,7 +265,7 @@ public class EidasResponseUtils { * * @param dateOfBirthObj eIDAS date-of-birth attribute information * @return formated user's date-of-birth - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static DateTime processDateOfBirth(Object dateOfBirthObj) throws EidasAttributeException { if (!(dateOfBirthObj instanceof DateTime)) { @@ -257,7 +279,7 @@ public class EidasResponseUtils { * * @param dateOfBirthObj eIDAS date-of-birth attribute information * @return formated user's date-of-birth as string - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static String processDateOfBirthToString(Object dateOfBirthObj) throws EidasAttributeException { if (!(dateOfBirthObj instanceof DateTime)) { @@ -271,7 +293,7 @@ public class EidasResponseUtils { * * @param givenNameObj eIDAS givenName attribute information * @return formated user's givenname - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static String processGivenName(Object givenNameObj) throws EidasAttributeException { if (!(givenNameObj instanceof String)) { @@ -285,7 +307,7 @@ public class EidasResponseUtils { * * @param familyNameObj eIDAS familyName attribute information * @return formated user's familyname - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static String processFamilyName(Object familyNameObj) throws EidasAttributeException { if (!(familyNameObj instanceof String)) { @@ -299,7 +321,7 @@ public class EidasResponseUtils { * * @param personalIdObj eIDAS PersonalIdentifierAttribute * @return Unique personal identifier without country-code information - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static String processPseudonym(Object personalIdObj) throws EidasAttributeException { if (!(personalIdObj instanceof String)) { @@ -318,7 +340,7 @@ public class EidasResponseUtils { * * @param taxReferenceObj eIDAS TaxReference attribute information * @return formated user's TaxReference - * @throws EidasAttributeException if NO attribute is available + * @throws EidasAttributeException if NO attribute is available */ public static String processTaxReference(Object taxReferenceObj) throws EidasAttributeException { if (!(taxReferenceObj instanceof String)) { @@ -326,4 +348,4 @@ public class EidasResponseUtils { } return (String) taxReferenceObj; } -} +}
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java index 1836e87b..9d9a0647 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java @@ -29,7 +29,7 @@ import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException; @@ -98,8 +98,8 @@ public class EidasResponseValidator { */ final AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final ImmutableList<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes() - .getAttributeMap().get(attrDefinition).asList(); + final ImmutableSet<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes() + .getAttributeMap().get(attrDefinition); final List<String> personalIdObj = EidasResponseUtils.translateStringListAttribute(attrDefinition, attributeValues); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index 32e3241c..fb1fa0f3 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml @@ -105,6 +105,7 @@ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask" scope="prototype" /> + <bean id="CreateNewErnpEntryTask" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask" scope="prototype" /> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java index c66d8ec0..088c835c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java @@ -30,7 +30,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class EidasAuthenticationModulImplTest { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java new file mode 100644 index 00000000..62d5c556 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java @@ -0,0 +1,244 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.io.IOException; +import java.net.URISyntaxException; +import java.util.Arrays; +import java.util.Base64; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; + +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import eu.eidas.auth.commons.EidasParameterKeys; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder; +import eu.eidas.auth.commons.tx.BinaryLightToken; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@PrepareForTest(CreateIdentityLinkTask.class) +@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +@EnableWebMvc +public class EidasSignalServletTest { + + @Autowired private MsConnectorDummyConfigMap basicConfig; + @Autowired private EidasSignalServlet controller; + @Autowired private IRequestStorage storage; + @Autowired private ITransactionStorage transStore; + @Autowired private DummyProtocolAuthService protAuthService; + @Autowired private DummySpecificCommunicationService connector; + + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + private MsConnectorDummySpConfiguration oaParam; + + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + final Map<String, String> spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); + pendingReq = new TestRequestImpl(); + + pendingReq.setSpConfig(oaParam); + pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); + pendingReq.setAuthUrl("http://test.com/"); + pendingReq.setTransactionId("avaasbav"); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + + connector.setiLightResponse(null); + + + } + + @Test + public void noResponsToken() throws IOException, EaafException { + //set-up + + //execute test + controller.restoreEidasAuthProcess(httpReq, httpResp); + + //validate state + Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "auth.26", + ((EaafException) protAuthService.getException()).getErrorId()); + + } + + @Test + public void unknownResponseToken() throws IOException, EaafException { + //set-up + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + RandomStringUtils.randomAlphanumeric(10)); + + //execute test + controller.restoreEidasAuthProcess(httpReq, httpResp); + + //validate state + Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "auth.26", + ((EaafException) protAuthService.getException()).getErrorId()); + + } + + @Test + public void withRelayState() throws IOException, EaafException, SpecificCommunicationException { + //set-up + String relayState = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setPendingReqId(relayState); + storage.storePendingRequest(pendingReq); + + Builder iLightResponse = new AuthenticationResponse.Builder(); + iLightResponse.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(Constants.SUCCESS_URI) + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .relayState(relayState); + + AuthenticationResponse eidasResp = iLightResponse.build(); + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + Base64.getEncoder().encodeToString(token.getTokenBytes())); + + + //execute test + controller.restoreEidasAuthProcess(httpReq, httpResp); + + + //validate state + Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertEquals("wrong eIDAS response", eidasResp, + httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", + ((EaafException) protAuthService.getException()).getErrorId()); + + } + + @Test + public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException { + //set-up + String pendingReqId = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setPendingReqId(pendingReqId); + storage.storePendingRequest(pendingReq); + + String inResponseTo = "_".concat(Random.nextHexRandom16()); + + Builder iLightResponse = new AuthenticationResponse.Builder(); + iLightResponse.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(Constants.SUCCESS_URI) + .inResponseTo(inResponseTo) + .subjectNameIdFormat("afaf"); + + AuthenticationResponse eidasResp = iLightResponse.build(); + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + Base64.getEncoder().encodeToString(token.getTokenBytes())); + + + //execute test + controller.restoreEidasAuthProcess(httpReq, httpResp); + + + //validate state + Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "auth.26", + ((EaafException) protAuthService.getException()).getErrorId()); + + } + + @Test + public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException { + //set-up + String pendingReqId = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setPendingReqId(pendingReqId); + storage.storePendingRequest(pendingReq); + + String inResponseTo = "_".concat(Random.nextHexRandom16()); + transStore.put(inResponseTo, pendingReqId, -1); + + Builder iLightResponse = new AuthenticationResponse.Builder(); + iLightResponse.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(Constants.SUCCESS_URI) + .inResponseTo(inResponseTo) + .subjectNameIdFormat("afaf"); + + AuthenticationResponse eidasResp = iLightResponse.build(); + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + Base64.getEncoder().encodeToString(token.getTokenBytes())); + + + //execute test + controller.restoreEidasAuthProcess(httpReq, httpResp); + + + //validate state + Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertEquals("wrong eIDAS response", eidasResp, + httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); + + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", + ((EaafException) protAuthService.getException()).getErrorId()); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java index 9709aeb9..cf4ed95c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java @@ -31,7 +31,6 @@ import java.io.IOException; import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchProviderException; -import java.util.Arrays; import java.util.List; import javax.xml.bind.JAXBContext; @@ -40,12 +39,14 @@ import javax.xml.bind.Unmarshaller; import javax.xml.parsers.ParserConfigurationException; import javax.xml.ws.soap.SOAPFaultException; +import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.binding.soap.SoapFault; +import org.joda.time.DateTime; +import org.jose4j.lang.JoseException; import org.junit.Assert; import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; @@ -59,9 +60,14 @@ import org.springframework.util.Base64Utils; import org.w3c.dom.Element; import org.xml.sax.SAXException; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.ObjectMapper; import com.skjolberg.mockito.soap.SoapServiceRule; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; @@ -69,7 +75,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafParserException; import at.gv.egiz.eaaf.core.impl.data.Triple; @@ -88,15 +93,17 @@ import szrservices.SignContentResponseType; import szrservices.TravelDocumentType; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) public class SzrClientTest { private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class); - @Autowired - SzrClient szrClient; - @Autowired - IConfiguration basicConfig; + @Autowired SzrClient szrClient; + @Autowired MsConnectorDummyConfigMap basicConfig; + private static ObjectMapper mapper = new ObjectMapper(); + private static final String givenName = "Franz"; private static final String familyName = "Mustermann"; private static final String dateOfBirth = "1989-05-05"; @@ -104,24 +111,12 @@ public class SzrClientTest { private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP"; private SZR szrMock = null; - + ErnbEidData eidData = null; @Rule public SoapServiceRule soap = SoapServiceRule.newInstance(); /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); - - } - - /** * Initialize jUnit test. */ @Before @@ -130,6 +125,16 @@ public class SzrClientTest { szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); } + + eidData = new ErnbEidData(); + eidData.setFamilyName(familyName); + eidData.setGivenName(givenName); + eidData.setDateOfBirth(new DateTime()); + eidData.setCitizenCountryCode("IS"); + eidData.setPseudonym("1234sdgsdfg56789ABCDEF"); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false"); + } @@ -158,7 +163,7 @@ public class SzrClientTest { } @Test - public void getBcBindValid() throws SZRException_Exception, SzrCommunicationException { + public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException { final SignContentResponse szrResponse = new SignContentResponse(); final SignContentEntry result1 = new SignContentEntry(); final SignContentResponseType content = new SignContentResponseType(); @@ -166,50 +171,116 @@ public class SzrClientTest { szrResponse.setSignContentResponse(content); result1.setKey("bcBindReq"); - result1.setValue(RandomStringUtils.randomAlphanumeric(100)); + result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws"))); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); final String bcBind = szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10)); + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); Assert.assertNotNull("bcBind is null", bcBind); Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); + + } + @Test + public void eidasBindNull() throws SZRException_Exception { when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null); - try { + + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10)); + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - } - + + } + } + + @Test + public void eidasBindInvalidResponse() throws SZRException_Exception { final SignContentEntry result2 = new SignContentEntry(); final SignContentResponseType content1 = new SignContentResponseType(); content1.getOut().add(result2); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10)); + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); + } - + } + + public void eidasBindEmptyResponse() throws SZRException_Exception { + final SignContentEntry result2 = new SignContentEntry(); + final SignContentResponseType content1 = new SignContentResponseType(); + content1.getOut().add(result2); result2.setKey("bcBindReq"); result2.setValue(""); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), - RandomStringUtils.randomAlphabetic(10)); + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - } + + } } + + @Test + public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException, + JsonProcessingException, JoseException { + final SignContentResponse szrResponse = new SignContentResponse(); + final SignContentEntry result1 = new SignContentEntry(); + final SignContentResponseType content = new SignContentResponseType(); + content.getOut().add(result1); + szrResponse.setSignContentResponse(content); + result1.setKey("bcBindReq"); + result1.setValue(RandomStringUtils.randomAlphanumeric(100)); + + when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); + + final String bcBind = szrClient + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); + + Assert.assertNotNull("bcBind is null", bcBind); + Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); + + } + + @Test + public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException, + JsonMappingException, JsonProcessingException { + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true"); + + final SignContentResponse szrResponse = new SignContentResponse(); + final SignContentEntry result1 = new SignContentEntry(); + final SignContentResponseType content = new SignContentResponseType(); + content.getOut().add(result1); + szrResponse.setSignContentResponse(content); + + result1.setKey("bcBindReq"); + result1.setValue(RandomStringUtils.randomAlphanumeric(100)); + + when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); + + final String bcBind = szrClient + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10), eidData); + + Assert.assertNotNull("bcBind is null", bcBind); + Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); + + } + @Test public void getIdentityLinkRawModeValidResponse() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java index 2f573f53..1e7ff369 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java @@ -29,19 +29,26 @@ import java.security.MessageDigest; import java.security.NoSuchProviderException; import java.util.List; +import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; +import org.bouncycastle.util.encoders.Base64; +import org.joda.time.DateTime; +import org.junit.Assert; import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.IfProfileValue; import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.util.Base64Utils; import org.w3c.dom.Element; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; @@ -59,9 +66,16 @@ import szrservices.PersonInfoType; import szrservices.SZRException_Exception; import szrservices.TravelDocumentType; -@Ignore + +@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_basic_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_realConfig.xml"}) +@TestPropertySource(locations = { + //"classpath:/application.properties", + "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties", + }) public class SzrClientTestProduction { private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class); @@ -84,6 +98,33 @@ public class SzrClientTestProduction { } @Test + public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException { + String vsz = szrClient.getEncryptedStammzahl(getPersonInfo()); + Assert.assertNotNull("vsz", vsz); + + } + + @Test + public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException { + String vsz = RandomStringUtils.randomAlphanumeric(10); + String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes()); + String eidStatus = "urn:eidgvat:eid.status.eidas"; + ErnbEidData eidData = new ErnbEidData(); + eidData.setFamilyName(familyName); + eidData.setGivenName(givenName); + eidData.setDateOfBirth(new DateTime()); + eidData.setCitizenCountryCode("IS"); + eidData.setPseudonym("1234sdgsdfg56789ABCDEF"); + + + String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData); + + Assert.assertNotNull("eidasBind", eidasBind); + + } + + + @Test public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException { log.debug("Starting connecting SZR Gateway"); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index dd485ee6..2e6790c5 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -2,10 +2,10 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; import static org.powermock.api.mockito.PowerMockito.when; -import java.io.IOException; -import java.net.URI; import java.net.URISyntaxException; import java.security.KeyStore; import java.security.Provider; @@ -13,11 +13,10 @@ import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; +import java.util.Iterator; import java.util.List; import java.util.Map; -import javax.xml.namespace.QName; - import org.apache.commons.lang3.RandomStringUtils; import org.jetbrains.annotations.NotNull; import org.jose4j.jwa.AlgorithmConstraints; @@ -25,10 +24,10 @@ import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jws.AlgorithmIdentifiers; import org.junit.Assert; import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; +import org.mockito.ArgumentCaptor; import org.powermock.core.classloader.annotations.PrepareForTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; @@ -39,19 +38,23 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; @@ -64,28 +67,31 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; -import eu.eidas.auth.commons.attribute.PersonType; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; import lombok.val; +import szrservices.JwsHeaderParam; +import szrservices.PersonInfoType; import szrservices.SZR; import szrservices.SignContentEntry; import szrservices.SignContentResponseType; @RunWith(SpringJUnit4ClassRunner.class) -//@RunWith(PowerMockRunner.class) -//@PowerMockRunnerDelegate(SpringJUnit4ClassRunner.class) @PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) public class CreateIdentityLinkTaskEidNewTest { @Autowired(required = true) private CreateIdentityLinkTask task; @Autowired(required = true) - private IConfiguration basicConfig; + private MsConnectorDummyConfigMap basicConfig; @Autowired protected EidasAttributeRegistry attrRegistry; @@ -93,7 +99,7 @@ public class CreateIdentityLinkTaskEidNewTest { EaafKeyStoreFactory keyStoreFactory; @Autowired - private AuthBlockSigningService authBlockSigner; + private IRequestStorage requestStorage; final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; @@ -110,22 +116,14 @@ public class CreateIdentityLinkTaskEidNewTest { AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); + private static ObjectMapper mapper = new ObjectMapper(); + + private AuthenticationResponse response; + @Rule public final SoapServiceRule soap = SoapServiceRule.newInstance(); /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties"); - - } - - /** * jUnit test set-up. */ @Before @@ -135,7 +133,9 @@ public class CreateIdentityLinkTaskEidNewTest { httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); @@ -143,15 +143,17 @@ public class CreateIdentityLinkTaskEidNewTest { oaParam = new DummySpConfiguration(spConfig, basicConfig); pendingReq = new TestRequestImpl(); - final AuthenticationResponse response = buildDummyAuthResponse(); - + response = buildDummyAuthResponse(false); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + + pendingReq.setSpConfig(oaParam); pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); - + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); @@ -159,38 +161,223 @@ public class CreateIdentityLinkTaskEidNewTest { } @Test - public void successfulProcess() throws Exception { + public void successfulProcessWithDeInfos() throws Exception { //initialize test - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); + response = buildDummyAuthResponse(true); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + + String vsz = RandomStringUtils.randomNumeric(10); + when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + //perform test task.execute(pendingReq, executionContext); - //validate state - final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); - - //check authblock signature + + Assert.assertTrue("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + + // check authblock signature final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); Pair<KeyStore, Provider> keyStore = getKeyStore(); X509Certificate[] trustedCerts = EaafKeyStoreUtils .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); - Assert.assertTrue("AuthBlock not valid", result.isValid()); + Assert.assertTrue("AuthBlock not valid", result.isValid()); + JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); + Assert.assertNotNull("deserialized AuthBlock", authBlockJson); + + Assert.assertNotNull("no piiTransactionId in pendingRequesdt", + storedPendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), + authBlockJson.get("piiTransactionId").asText()); + Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); + Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); + Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); + + + // check vsz request + ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); + ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); + verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); + + Boolean param5 = argument5.getValue(); + Assert.assertTrue("insertERnP flag", param5); + PersonInfoType person = argument4.getValue(); + Assert.assertEquals("FamilyName", + response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), + person.getPerson().getName().getFamilyName()); + Assert.assertEquals("GivenName", + response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), + person.getPerson().getName().getGivenName()); + Assert.assertEquals("DateOfBirth", + response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) + .toString().split("T")[0], + person.getPerson().getDateOfBirth()); + + Assert.assertEquals("PlaceOfBirth", + response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), + person.getPerson().getPlaceOfBirth()); + Assert.assertEquals("BirthName", + response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), + person.getPerson().getAlternativeName().getFamilyName()); + + Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); + Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); + + Assert.assertEquals("Identifier", + response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) + .toString().split("/")[2], + person.getTravelDocument().getDocumentNumber()); + + // check bcBind singing request + ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class); + ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class); + ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class); + verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture()); + Boolean param1 = argument1.getValue(); + Assert.assertFalse("addCert flag", param1); + + List<JwsHeaderParam> param2 = argument2.getValue(); + Assert.assertNotNull("JWS Headers", param2); + Assert.assertFalse("JWS Headers empty", param2.isEmpty()); + Assert.assertEquals("Wrong JWS header size", 1, param2.size()); + Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey()); + Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); + + List<SignContentEntry> param3 = argument3.getValue(); + Assert.assertNotNull("sign Payload", param3); + Assert.assertEquals("wrong sign-payload size", 1, param3.size()); + Assert.assertNotNull("payload", param3.get(0).getValue().getBytes()); + JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes()); + Assert.assertNotNull("bcbind req", bcBind); + + Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); + Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", + bcBind.get("urn:eidgvat:attributes.eid.status").asText()); + Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); + Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray()); + Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements(); + Assert.assertTrue("No PubKey", pubKeys.hasNext()); + Assert.assertEquals("Wrong pubKey", + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y" + + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN" + + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" + + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", + pubKeys.next().asText()); + Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); } @Test + public void successfulProcessWithStandardInfos() throws Exception { + //initialize test + String vsz = RandomStringUtils.randomNumeric(10); + when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); + val signContentResp = new SignContentResponseType(); + final SignContentEntry signContentEntry = new SignContentEntry(); + signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); + signContentResp.getOut().add(signContentEntry); + when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNotNull("AuthBlock", authBlock); + + Assert.assertTrue("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + // check vsz request + ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); + ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); + verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); + + Boolean param5 = argument5.getValue(); + Assert.assertTrue("insertERnP flag", param5); + PersonInfoType person = argument4.getValue(); + Assert.assertEquals("FamilyName", + response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), + person.getPerson().getName().getFamilyName()); + Assert.assertEquals("GivenName", + response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), + person.getPerson().getName().getGivenName()); + Assert.assertEquals("DateOfBirth", + response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) + .toString().split("T")[0], + person.getPerson().getDateOfBirth()); + + Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); + Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); + + Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); + Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); + + Assert.assertEquals("Identifier", + response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( + response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) + .toString().split("/")[2], + person.getTravelDocument().getDocumentNumber()); + + + } + + @Test public void getStammzahlEncryptedExceptionTest() throws Exception { try { when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null); @@ -242,31 +429,40 @@ public class CreateIdentityLinkTaskEidNewTest { } @NotNull - private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException { - final AttributeDefinition attributeDef = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).nameUri(new URI("ad", "sd", "ff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "af")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef2 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).nameUri(new URI("ad", "sd", "fff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "aff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef3 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME).nameUri(new URI("ad", "sd", "ffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef4 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_DATEOFBIRTH).nameUri(new URI("ad", "sd", "fffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build(); - - final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() - .put(attributeDef, "de/st/" + RandomStringUtils.randomNumeric(64)) - .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) - .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); + private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException { + final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); + final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); + final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); + final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_DATEOFBIRTH).first(); + final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_PLACEOFBIRTH).first(); + final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_BIRTHNAME).first(); + + final Builder attributeMap = ImmutableAttributeMap.builder(); + attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)); + attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10)); + attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10)); + attributeMap.put(attributeDef4, "2001-01-01"); + if (withAll) { + attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); + attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); + + } val b = new AuthenticationResponse.Builder(); - return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf").subjectNameIdFormat("afaf") - .attributes(attributeMap).build(); + return b.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(Constants.SUCCESS_URI) + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) + .attributes(attributeMap.build()) + .build(); } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java new file mode 100644 index 00000000..8c7558dd --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java @@ -0,0 +1,464 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import static org.mockito.ArgumentMatchers.any; + +import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.apache.commons.lang3.RandomStringUtils; +import org.jetbrains.annotations.NotNull; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.skjolberg.mockito.soap.SoapServiceRule; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import lombok.val; +import szrservices.GetBPK; +import szrservices.GetBPKResponse; +import szrservices.GetIdentityLinkEidasResponse; +import szrservices.PersonInfoType; +import szrservices.SZR; +import szrservices.SZRException_Exception; + +@RunWith(SpringJUnit4ClassRunner.class) +@PrepareForTest(CreateIdentityLinkTask.class) +@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +public class CreateIdentityLinkTaskTest { + + @Autowired(required = true) + private CreateIdentityLinkTask task; + + @Autowired(required = true) + private MsConnectorDummyConfigMap basicConfig; + @Autowired + protected EidasAttributeRegistry attrRegistry; + + @Autowired + EaafKeyStoreFactory keyStoreFactory; + + @Autowired + private IRequestStorage requestStorage; + + final ExecutionContext executionContext = new ExecutionContextImpl(); + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + private DummySpConfiguration oaParam; + private SZR szrMock; + + private AuthenticationResponse response; + private Map<String, String> spConfig; + + @Rule + public final SoapServiceRule soap = SoapServiceRule.newInstance(); + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false"); + + spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false"); + oaParam = new DummySpConfiguration(spConfig, basicConfig); + pendingReq = new TestRequestImpl(); + + response = buildDummyAuthResponse(); + + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); + pendingReq.setSpConfig(oaParam); + pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); + pendingReq.setAuthUrl("http://test.com/"); + pendingReq.setTransactionId("avaasbav"); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); + executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); + + szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); + } + + + @Test + public void buildIdentityLink() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); + checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName()); + checkElement("Hans", authProcessData.getIdentityLink().getGivenName()); + checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth()); + checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); + checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); + Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion()); + Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); + + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + + } + + @Test + public void buildIdentityLinkWithWbpk() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + + } + + @Test + public void buildIdentityLinkWithEidasBpk() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml"); + spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); + checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName()); + checkElement("Martina", authProcessData.getIdentityLink().getGivenName()); + checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth()); + checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); + checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); + + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + + } + + @Test + public void buildIdentityLinkWithUnknownBpk() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + spConfig.put("target", "urn:notextis:1234"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); + + try { + task.execute(pendingReq, executionContext); + Assert.fail("unknown bPKType not detected"); + + } catch (TaskExecutionException e) { + Assert.assertEquals("ErrorId", "builder.33", + ((EaafException) e.getOriginalException()).getErrorId()); + Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) + .getParams().length); + + } + } + + @Test + public void noBpkResult() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + GetBPKResponse getBpkResp = new GetBPKResponse(); + org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); + + spConfig.put("target", "urn:notextis:1234"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); + + try { + task.execute(pendingReq, executionContext); + Assert.fail("unknown bPKType not detected"); + + } catch (TaskExecutionException e) { + Assert.assertEquals("ErrorId", "ernb.01", + ((EaafException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void bPKFromSzr() throws Exception { + //initialize test + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); + String bpk = RandomStringUtils.randomAlphanumeric(10); + GetBPKResponse getBpkResp = new GetBPKResponse(); + getBpkResp.getGetBPKReturn().add(bpk); + org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); + + spConfig.put("target", "urn:notextis:1234"); + + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); + + //execute test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + Assert.assertEquals("wrong bPK", bpk, + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); + } + + @Test + public void buildDummyIdl() throws Exception { + //initialize test + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true"); + + + //perform test + task.execute(pendingReq, executionContext); + + + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertNotNull("AuthProcessData", authProcessData); + Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + + String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); + Assert.assertNull("AuthBlock", authBlock); + + Assert.assertFalse("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); + + } + + private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { + final JAXBContext jaxbContext = JAXBContext + .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class, + org.w3._2000._09.xmldsig.ObjectFactory.class, + at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); + final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); + final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller + .unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); + org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn()); + + } + private void checkElement(String expected, String value) { + Assert.assertNotNull(value); + Assert.assertEquals(expected, value); + + } + + @NotNull + private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException { + final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); + final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); + final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); + final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_DATEOFBIRTH).first(); + + final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() + .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) + .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) + .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); + + val b = new AuthenticationResponse.Builder(); + return b.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode("200") + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) + .attributes(attributeMap) + .build(); + } +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java deleted file mode 100644 index e8fcdd3d..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskFirstTest.java +++ /dev/null @@ -1,122 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class GenerateAuthnRequestTaskFirstTest { - - @Autowired(required = true) - private GenerateAuthnRequestTask task; - @Autowired(required = true) - private DummySpecificCommunicationService commService; - @Autowired(required = true) - private IConfiguration basicConfig; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_1.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - } - - @Test - @DirtiesContext - public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - - try { - task.execute(pendingReq, executionContext); - - } catch (final TaskExecutionException e) { - // forward URL is not set in example config - org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), - "Wrong exception"); - Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) - .getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e - .getOriginalException()).getParams()[0]); - - } - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java deleted file mode 100644 index 10896f48..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskSecondTest.java +++ /dev/null @@ -1,140 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class GenerateAuthnRequestTaskSecondTest { - - @Autowired(required = true) - private GenerateAuthnRequestTask task; - @Autowired(required = true) - private DummySpecificCommunicationService commService; - @Autowired(required = true) - private IConfiguration basicConfig; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - } - - @Test - public void noCountryCode() { - try { - task.execute(pendingReq, executionContext); - Assert.fail("No countryCode not detected"); - - } catch (final TaskExecutionException e) { - Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID()); - org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e - .getOriginalException(), "Wrong exception"); - Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException()) - .getErrorId()); - - } - - } - - @Test - @DirtiesContext - public void withStaticProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - - try { - task.execute(pendingReq, executionContext); - - } catch (final TaskExecutionException e) { - // forward URL is not set in example config - org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), - "Wrong exception"); - Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) - .getErrorId()); - Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) - .getParams().length); - Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e - .getOriginalException()).getParams()[0]); - - } - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertEquals("ProviderName is not Static", - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java new file mode 100644 index 00000000..c416b515 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java @@ -0,0 +1,486 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; + +import java.io.UnsupportedEncodingException; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import eu.eidas.auth.commons.light.ILightRequest; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class GenerateAuthnRequestTaskTest { + + @Autowired(required = true) + private GenerateAuthnRequestTask task; + @Autowired(required = true) + private DummySpecificCommunicationService commService; + @Autowired(required = true) + private MsConnectorDummyConfigMap basicConfig; + + final ExecutionContext executionContext = new ExecutionContextImpl(); + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + private DummySpConfiguration oaParam; + private Map<String, String> spConfig; + + + /** + * jUnit test set-up. + * + */ + @Before + public void setUp() { + + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + oaParam = new DummySpConfiguration(spConfig, basicConfig); + + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(oaParam); + pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); + pendingReq.setAuthUrl("http://test.com/"); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", + RandomStringUtils.randomAlphabetic(10)); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", + "http://test/" + RandomStringUtils.randomAlphabetic(5)); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + } + + @Test + public void missingIssuer() { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId"); + + //execute test + try { + task.execute(pendingReq, executionContext); + Assert.fail("Missing Issuer not detected"); + + } catch (final TaskExecutionException e) { + // forward URL is not set in example config + org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), + "Wrong exception"); + Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException()) + .getErrorId()); + Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) + .getParams().length); + + } + } + + @Test + public void missingForwardUrl() { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint"); + + //execute test + try { + task.execute(pendingReq, executionContext); + Assert.fail("Missing Forward-URL not detected"); + + } catch (final TaskExecutionException e) { + // forward URL is not set in example config + org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), + "Wrong exception"); + Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) + .getErrorId()); + Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) + .getParams().length); + Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e + .getOriginalException()).getParams()[0]); + + } + } + + @Test + public void selectUnknownStage() { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + String stage = RandomStringUtils.randomAlphabetic(5); + executionContext.put("selectedEnvironment", stage); + + //execute test + try { + task.execute(pendingReq, executionContext); + Assert.fail("Missing Forward-URL not detected"); + + } catch (final TaskExecutionException e) { + // forward URL is not set in example config + org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(), + "Wrong exception"); + Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException()) + .getErrorId()); + Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) + .getParams().length); + Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + stage, ((EaafException) e + .getOriginalException()).getParams()[0]); + + } + } + + @Test + public void selectQsEndpoint() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + executionContext.put("selectedEnvironment", "qs"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + } + + @Test + public void selectTestEndpoint() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + executionContext.put("selectedEnvironment", "test"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + } + + @Test + public void selectDevEndpoint() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + executionContext.put("selectedEnvironment", "dev"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + } + + @Test + public void noCountryCode() { + try { + task.execute(pendingReq, executionContext); + Assert.fail("No countryCode not detected"); + + } catch (final TaskExecutionException e) { + Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID()); + org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e + .getOriginalException(), "Wrong exception"); + Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException()) + .getErrorId()); + + } + } + + @Test + public void withStaticProviderNameForPublicSPs() throws TaskExecutionException, + SpecificCommunicationException { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs"); + + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("ProviderName is not Static", + Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName()); + Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); + + } + + @Test + public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException, + SpecificCommunicationException { + String cc = RandomStringUtils.randomAlphabetic(2); + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc); + + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("wrong issuer", + basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer()); + Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName()); + Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); + Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode()); + Assert.assertEquals("NameIdFormat", Constants.eIDAS_REQ_NAMEID_FORMAT, eidasReq.getNameIdFormat()); + + + } + + @Test + public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + executionContext.put("selectedEnvironment", "prod"); + + String providerName = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertNotNull("ProviderName found", eidasReq.getProviderName()); + Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); + Assert.assertNull("RequesterId found", eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, + eidasReq.getLevelOfAssurance()); + + Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); + + } + + @Test + public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + String providerName = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST"); + + //execute test + try { + task.execute(pendingReq, executionContext); + Assert.fail("Missing template not detected"); + + } catch (TaskExecutionException e) { + Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ", + ((GuiBuildException) e.getOriginalException()).getMessage()); + + } + } + + @Test + public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + spConfig.put("target", + EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); + String providerName = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); + Assert.assertEquals("RequesterId", providerName, eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); + + } + + @Test + public void withoutProviderNameForPublicSPs() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + String providerName = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertNull("ProviderName found", eidasReq.getProviderName()); + Assert.assertNull("RequesterId found", eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java deleted file mode 100644 index f2e44ed1..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskThirdTest.java +++ /dev/null @@ -1,106 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; -import eu.eidas.auth.commons.light.ILightRequest; -import eu.eidas.specificcommunication.exception.SpecificCommunicationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class GenerateAuthnRequestTaskThirdTest { - - @Autowired(required = true) - private GenerateAuthnRequestTask task; - @Autowired(required = true) - private DummySpecificCommunicationService commService; - @Autowired(required = true) - private IConfiguration basicConfig; - - final ExecutionContext executionContext = new ExecutionContextImpl(); - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - private DummySpConfiguration oaParam; - - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_2.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void setUp() { - - httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map<String, String> spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); - pendingReq.setAuthUrl("http://test.com/"); - - } - - @Test - @DirtiesContext - public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException, - SpecificCommunicationException { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); - - task.execute(pendingReq, executionContext); - Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); - - final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); - - Assert.assertNull("ProviderName found", eidasReq.getProviderName()); - Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); - Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - } - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java index 62c00813..f2dc6d55 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java @@ -72,7 +72,10 @@ import java.util.Random; import static org.junit.Assert.assertThrows; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml" +}) @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class InitialSearchTaskFirstTest { @@ -96,17 +99,17 @@ public class InitialSearchTaskFirstTest { private final String randomBirthName = RandomStringUtils.randomAlphabetic(10); private final String randomDate = "2011-01-" + (10 + new Random().nextInt(18)); - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_1.properties"); - } +// /** +// * jUnit class initializer. +// * +// * @throws IOException In case of an error +// */ +// @BeforeClass +// public static void classInitializer() throws IOException { +// final String current = new java.io.File(".").toURI().toString(); +// System.setProperty("eidas.ms.configuration", current +// + "src/test/resources/config/junit_config_1.properties"); +// } /** * jUnit test set-up. diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java new file mode 100644 index 00000000..de9b2d3b --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java @@ -0,0 +1,193 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.net.URISyntaxException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.jetbrains.annotations.NotNull; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import lombok.val; + +@RunWith(SpringJUnit4ClassRunner.class) +@PrepareForTest(CreateIdentityLinkTask.class) +@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +public class ReceiveEidasResponseTaskTest { + + @Autowired(required = true) + private ReceiveAuthnResponseTask task; + + @Autowired(required = true) + private MsConnectorDummyConfigMap basicConfig; + @Autowired + protected EidasAttributeRegistry attrRegistry; + + @Autowired private IRequestStorage storage; + + final ExecutionContext executionContext = new ExecutionContextImpl(); + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + private MsConnectorDummySpConfiguration oaParam; + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); + + final Map<String, String> spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); + pendingReq = new TestRequestImpl(); + + pendingReq.setSpConfig(oaParam); + pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); + pendingReq.setAuthUrl("http://test.com/"); + pendingReq.setTransactionId("avaasbav"); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); + + } + + @Test + public void missingEidasResponse() { + try { + task.execute(pendingReq, executionContext); + Assert.fail("No eIDAS response not detected"); + + } catch (TaskExecutionException e) { + Assert.assertEquals("ErrorId", "eidas.01", + ((EaafException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void notSuccessEidasResponse() throws URISyntaxException { + String statusCode = RandomStringUtils.randomAlphabetic(10); + httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, + buildDummyAuthResponse(statusCode)); + + + try { + task.execute(pendingReq, executionContext); + Assert.fail("No eIDAS response not detected"); + + } catch (TaskExecutionException e) { + Assert.assertEquals("ErrorId", "eidas.02", + ((EaafException) e.getOriginalException()).getErrorId()); + Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException()) + .getParams().length); + Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e + .getOriginalException()).getParams()[0]); + + } + } + + @Test + public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { + @NotNull + AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); + httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedReq); + + final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class); + Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); + Assert.assertNotNull("eIDAS response", + authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertEquals("eIDAS response", eidasResponse, + authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); + + } + + @NotNull + private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException { + final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); + final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); + final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); + final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_DATEOFBIRTH).first(); + + final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() + .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) + .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) + .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); + + val b = new AuthenticationResponse.Builder(); + return b.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(statusCode) + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .attributes(attributeMap) + .build(); + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java new file mode 100644 index 00000000..ad38e371 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java @@ -0,0 +1,139 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils; + +import java.io.IOException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.Provider; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +import org.apache.commons.lang3.RandomStringUtils; +import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; +import org.jose4j.jws.AlgorithmIdentifiers; +import org.jose4j.lang.JoseException; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; +import at.gv.egiz.eaaf.core.impl.data.Pair; + +@RunWith(SpringJUnit4ClassRunner.class) +@PrepareForTest(CreateIdentityLinkTask.class) +@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +public class JoseUtilsTest { + + @Autowired private EaafKeyStoreFactory keyStoreFactory; + + private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList( + Arrays.asList( + AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, + AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, + AlgorithmIdentifiers.RSA_PSS_USING_SHA256, + AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); + + + @Test + public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException { + + KeyStoreConfiguration config = new KeyStoreConfiguration(); + config.setFriendlyName("jUnittest"); + config.setKeyStoreType(KeyStoreType.JKS); + config.setSoftKeyStoreFilePath("../data/junit.jks"); + config.setSoftKeyStorePassword("password"); + + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); + String payLoad = RandomStringUtils.randomAlphanumeric(100); + + //check signing + try { + JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest"); + Assert.fail("missing Key not detected"); + + } catch (EaafException e) { + Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId()); + + } + } + + @Test + public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException { + + KeyStoreConfiguration config = new KeyStoreConfiguration(); + config.setFriendlyName("jUnittest"); + config.setKeyStoreType(KeyStoreType.JKS); + config.setSoftKeyStoreFilePath("../data/junit.jks"); + config.setSoftKeyStorePassword("password"); + + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); + String payLoad = RandomStringUtils.randomAlphanumeric(100); + + //check signing + String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest"); + + Assert.assertNotNull("signed message", result); + Assert.assertFalse("signed msg empty", result.isEmpty()); + + + //validate + List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); + final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, + AUTH_ALGORITHM_WHITELIST_SIGNING + .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); + JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); + + Assert.assertTrue("sig. verify", verify.isValid()); + Assert.assertEquals("payload", payLoad, verify.getPayLoad()); + + } + + @Test + public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException { + + KeyStoreConfiguration config = new KeyStoreConfiguration(); + config.setFriendlyName("jUnittest"); + config.setKeyStoreType(KeyStoreType.JKS); + config.setSoftKeyStoreFilePath("../data/junit.jks"); + config.setSoftKeyStorePassword("password"); + + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); + String payLoad = RandomStringUtils.randomAlphanumeric(100); + + //check signing + String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest"); + + Assert.assertNotNull("signed message", result); + Assert.assertFalse("signed msg empty", result.isEmpty()); + + + //validate + List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); + final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, + AUTH_ALGORITHM_WHITELIST_SIGNING + .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); + JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); + + Assert.assertTrue("sig. verify", verify.isValid()); + Assert.assertEquals("payload", payLoad, verify.getPayLoad()); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java index 55a3ce99..9bb51cd9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAttributePostProcessingTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java @@ -21,7 +21,7 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; import static org.junit.Assert.fail; @@ -45,7 +45,9 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) public class EidasAttributePostProcessingTest { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index 880c32ae..d0ab50f4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -21,7 +21,7 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; import java.io.IOException; import java.util.HashMap; @@ -37,12 +37,14 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; @@ -50,7 +52,10 @@ import eu.eidas.auth.commons.light.impl.LightRequest; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_realConfig.xml"}) +@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"}) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) public class EidasRequestPreProcessingFirstTest { @@ -70,8 +75,9 @@ public class EidasRequestPreProcessingFirstTest { */ @BeforeClass public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); +// final String current = new java.io.File(".").toURI().toString(); +// System.setProperty("eidas.ms.configuration", +// current + "src/test/resources/config/junit_config_de_attributes.properties"); } @@ -95,6 +101,7 @@ public class EidasRequestPreProcessingFirstTest { authnRequestBuilder = LightRequest.builder(); authnRequestBuilder.id(UUID.randomUUID().toString()); authnRequestBuilder.issuer("Test"); + authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java index e7bacded..23175a18 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasRequestPreProcessingSecondTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java @@ -21,16 +21,14 @@ * that you distribute must include a readable copy of the "NOTICE" text file. */ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; -import java.io.IOException; import java.util.HashMap; import java.util.Map; import java.util.UUID; import org.junit.Assert; import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; @@ -39,22 +37,25 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import eu.eidas.auth.commons.light.impl.LightRequest; import eu.eidas.auth.commons.light.impl.LightRequest.Builder; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/SpringTest-context_tasks_test.xml") +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) public class EidasRequestPreProcessingSecondTest { @Autowired - private IConfigurationWithSP basicConfig; + private MsConnectorDummyConfigMap basicConfig; @Autowired private CcSpecificEidProcessingService preProcessor; @@ -62,18 +63,6 @@ public class EidasRequestPreProcessingSecondTest { private DummySpConfiguration oaParam; private Builder authnRequestBuilder; - /** - * jUnit class initializer. - * - * @throws IOException In case of an error - */ - @BeforeClass - public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_1.properties"); - - } /** * jUnit test set-up. @@ -95,12 +84,16 @@ public class EidasRequestPreProcessingSecondTest { authnRequestBuilder = LightRequest.builder(); authnRequestBuilder.id(UUID.randomUUID().toString()); authnRequestBuilder.issuer("Test"); + authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); } @Test public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException { - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); + final String testCountry = "DE"; authnRequestBuilder.citizenCountryCode(testCountry); preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java new file mode 100644 index 00000000..e0f15c8c --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java @@ -0,0 +1,333 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.net.URISyntaxException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import com.google.common.collect.ImmutableSet; + +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; +import eu.eidas.auth.commons.attribute.impl.StringAttributeValue; +import eu.eidas.auth.commons.light.ILightResponse; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import lombok.val; + +@RunWith(SpringJUnit4ClassRunner.class) +@PrepareForTest(CreateIdentityLinkTask.class) +@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml"}) +public class EidasResponseValidatorTest { + + @Autowired private MsConnectorDummyConfigMap basicConfig; + @Autowired protected EidasAttributeRegistry attrRegistry; + + private TestRequestImpl pendingReq; + private MsConnectorDummySpConfiguration oaParam; + + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + + final Map<String, String> spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); + pendingReq = new TestRequestImpl(); + + pendingReq.setSpConfig(oaParam); + pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); + pendingReq.setAuthUrl("http://test.com/"); + pendingReq.setTransactionId("avaasbav"); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + + } + + + @Test + public void loaFromResponseToLow() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), + EaafConstants.EIDAS_LOA_LOW, + false); + String spCountry = "AT"; + String citizenCountryCode = "XX"; + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 1, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", + e.getParams()[0]); + + } + } + + @Test + public void noEidasSpCountry() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + String spCountry = null; + String citizenCountryCode = "LU"; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 2, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + e.getParams()[0]); + Assert.assertEquals("wrong errorMsg", + "Destination country does not match to SP country", + e.getParams()[1]); + + } + } + + @Test + public void noEidasResponseCountry() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + String spCountry = "AT"; + String citizenCountryCode = null; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 2, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + e.getParams()[0]); + Assert.assertEquals("wrong errorMsg", + "Citizen country does not match to eIDAS-node country that generates the response", + e.getParams()[1]); + + } + } + + @Test + public void wrongEidasResponseCountry() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + String spCountry = "AT"; + String citizenCountryCode = "XX"; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 2, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + e.getParams()[0]); + Assert.assertEquals("wrong errorMsg", + "Citizen country does not match to eIDAS-node country that generates the response", + e.getParams()[1]); + + } + } + + @Test + public void missingPersonalIdentifier() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + null, + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + String spCountry = "AT"; + String citizenCountryCode = "LU"; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 1, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", + e.getParams()[0]); + + } + } + + @Test + public void moreThanOnePersonalIdentifier() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + null, + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + true); + String spCountry = "AT"; + String citizenCountryCode = "LU"; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 1, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", + e.getParams()[0]); + + } + } + + @Test + public void emptyPersonalIdentifier() throws URISyntaxException { + //set-up + ILightResponse eidasResponse = buildDummyAuthResponse( + "", + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + String spCountry = "AT"; + String citizenCountryCode = "LU"; + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + try { + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); + Assert.fail("Wrong eIDAS response not detected"); + + } catch (EidasValidationException e) { + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("wrong parameter size", 2, e.getParams().length); + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + e.getParams()[0]); + Assert.assertEquals("wrong errorMsg", + "Wrong identifier format", + e.getParams()[1]); + + } + } + + @Test + public void validResponse() throws URISyntaxException, EidasValidationException { + //set-up + + String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + + ILightResponse eidasResponse = buildDummyAuthResponse( + cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), + EaafConstants.EIDAS_LOA_SUBSTANTIAL, + false); + + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); + + + //execute test + + EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry); + + } + + + private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) + throws URISyntaxException { + + + final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); + + final Builder attributeMap = ImmutableAttributeMap.builder(); + if (personalId != null) { + if (moreThanOnePersonalId) { + ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId), + new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10))); + attributeMap.put(personIdattributeDef, values); + + } else { + attributeMap.put(personIdattributeDef, personalId); + + } + } + + val b = new AuthenticationResponse.Builder(); + return b.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode(Constants.SUCCESS_URI) + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .levelOfAssurance(loa) + .attributes(attributeMap.build()) + .build(); + } +} + diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml new file mode 100644 index 00000000..3a9214fb --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:annotation-config /> + + <bean id="dummyMapBasedConfiguration" + class="at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap"> + <constructor-arg value="/config/junit_config_1.properties" /> + <property name="configRootDirSufix" value="src/test/resources/config" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml new file mode 100644 index 00000000..d4474056 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:annotation-config /> + + <!-- + <bean id="BasicMSSpecificNodeConfig" + class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider"> + <constructor-arg + value="#{systemProperties['eidas.ms.configuration']}" /> + </bean> + --> + + <bean id="springBootBasicConfingProvider" + class="at.asitplus.eidas.specific.connector.config.SpringBootBasicConfigurationProvider" /> + +</beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml index 0bb5d419..956cfcc9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml @@ -11,6 +11,8 @@ <context:annotation-config /> + + <bean id="SZRClientForeIDAS" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" /> @@ -58,10 +60,4 @@ <property name="priority" value="0" /> </bean> - <bean id="BasicMSSpecificNodeConfig" - class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider"> - <constructor-arg - value="#{systemProperties['eidas.ms.configuration']}" /> - </bean> - </beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml index e362fd22..e479dc78 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml @@ -17,7 +17,7 @@ <import resource="SpringTest-context_authManager.xml" /> - <import resource="SpringTest-context_basic_test.xml" /> + <import resource="SpringTest-context_basic_test.xml" /> <bean id="mvcGUIBuilderImpl" class="at.asitplus.eidas.specific.connector.gui.SpringMvcGuiFormBuilderImpl" /> @@ -48,6 +48,9 @@ <bean id="authBlockSigningService" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" /> + <bean id="EidasSignalServlet" + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> + <!-- Authentication Process Tasks --> <bean id="ConnecteIDASNodeTask" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" @@ -98,4 +101,5 @@ <bean id="ReceiveMobilePhoneSignatureResponseTask" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseTask" scope="prototype" /> + </beans>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties index 21ed51e7..a662379c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties @@ -101,6 +101,7 @@ eidas.ms.pvp2.metadata.validity=24 eidas.ms.sp.0.uniqueID= eidas.ms.sp.0.pvp2.metadata.truststore= eidas.ms.sp.0.pvp2.metadata.truststore.password= +eidas.ms.sp.0.newEidMode=true #eidas.ms.sp.0.friendlyName= #eidas.ms.sp.0.pvp2.metadata.url= diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties index dcdadce5..7c5e5a40 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties @@ -28,7 +28,7 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test eidas.ms.auth.eIDAS.node_v2.forward.method=GET eidas.ms.auth.eIDAS.node_v2.countrycode=AT -eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties new file mode 100644 index 00000000..01e72069 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties @@ -0,0 +1,114 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test +eidas.ms.auth.eIDAS.node_v2.forward.method=GET +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= + +#eidas.ms.sp.0.friendlyName= +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties new file mode 100644 index 00000000..6b235667 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties @@ -0,0 +1,116 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test +eidas.ms.auth.eIDAS.node_v2.forward.method=GET +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= + +#eidas.ms.sp.0.friendlyName= +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks Binary files differnew file mode 100644 index 00000000..a18df332 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws new file mode 100644 index 00000000..f7c9a1c7 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws @@ -0,0 +1 @@ +eyJ1cm46YXQuZ3YuZWlkOmJpbmR0eXBlIjoidXJuOmF0Lmd2LmVpZDplaWRhc0JpbmQiLCJhbGciOiJSUzUxMiIsIng1dCNTMjU2IjoiY3FtcXBHdWlnS0NRelVWX1doWURHU1EyNEx6Zkxtd0ZtUlNYQlNYR3o3byJ9.eyJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnZzei52YWx1ZSI6IjhEYWNBTUxVSFEiLCJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnVzZXIucHVia2V5cyI6WyI1NDZ5OEtXZ3R1V3F1dXVNdC9DUWhKem1pWXZ3bzR1QzhLZWxxdUtMc2VLbG1mQ2dtcnpscGFQd3A1K3Q2NjI4Il0sInVybjplaWRndmF0OmF0dHJpYnV0ZXMuZWlkLnN0YXR1cyI6InVybjplaWRndmF0OmVpZC5zdGF0dXMuZWlkYXMifQ.WiECS-E5RB-zQV3JW6-3B7op093QErqq3yS2S4YVFQq9XmYzTD8UKo63yaHa-2U2WFUbiwNI3OOkwNZIAedMZHHblZ0jzjGTb58zL4Yvm6sPSlq3TP5u0emiQdjIJNQmILE5ZYVOgSA-4MWLXAgRQEl2A1w8lHxptE6ya83GdhA0gP51-rY_536qvVuaZHrQ2Lpahl-lTIY1Zi6Knqj1yFdH-auqkLxB44l-XvMv9QryBZMAkkmiu8J598rzIJ2ifGyw4UqHDJZ53GKUpBbU_X23ZjsZ8B5ZapRTO9JGoEEW3rMDEO5_9cjWYOCn87-CA3bMNVbo1KN146UZGuZbyXuevLPznRkbCtXS--IE0SuuLBaowcktX2ggeeSzaq6UZW7hSmQnErVgxxfP16ijBu8yylo-PFbqgYFNT-Ca2rS8i1Cs0KdPTahYIRm4xLARahYLQbqA15medm7JSoz4tA468c_hcNzyG9aGoXYuw1F5kUrJkHl0IWdHkvSR8RWw
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml new file mode 100644 index 00000000..f07c67d6 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml @@ -0,0 +1,50 @@ +<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BV1312312332x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Martina</pr:GivenName><pr:FamilyName primary="undefined">Musterfrau</pr:FamilyName></pr:Name><pr:DateOfBirth>1991-04-15</pr:DateOfBirth></pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> + a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9 + Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j + zQ9GHFnZnnob0+bBflqIjZOl4xc= + </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> +</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file |