Diffstat (limited to 'eidas_modules')
7 files changed, 412 insertions, 439 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 561c4307..1e5d6864 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -177,18 +177,6 @@ <artifactId>mockito-soap-cxf</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-module-junit4</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.powermock</groupId> - <artifactId>powermock-api-mockito2</artifactId> - <version>2.0.7</version> - <scope>test</scope> - </dependency> <dependency> <groupId>at.asitplus.eidas.ms_specific</groupId> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java index f1987e33..f23d61db 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java @@ -14,7 +14,6 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; 
@@ -47,7 +46,6 @@ import eu.eidas.auth.commons.tx.BinaryLightToken; import eu.eidas.specificcommunication.exception.SpecificCommunicationException; @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", @@ -60,14 +58,14 @@ public class EidasSignalServletTest { @Autowired private ITransactionStorage transStore; @Autowired private DummyProtocolAuthService protAuthService; @Autowired private DummySpecificCommunicationService connector; - - + + private MockHttpServletRequest httpReq; private MockHttpServletResponse httpResp; private TestRequestImpl pendingReq; private MsConnectorDummySpConfiguration oaParam; - - + + /** * jUnit test set-up. */ @@ -77,7 +75,7 @@ public class EidasSignalServletTest { httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); 
@@ -91,51 +89,51 @@ public class EidasSignalServletTest { pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - + connector.setiLightResponse(null); - - + + } - + @Test public void noResponsToken() throws IOException, EaafException { //set-up - + //execute test controller.restoreEidasAuthProcess(httpReq, httpResp); - + //validate state Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", + Assert.assertEquals("Wrong errorId", "auth.26", ((EaafException) protAuthService.getException()).getErrorId()); - + } - + @Test public void unknownResponseToken() throws IOException, EaafException { //set-up - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); - + //execute test controller.restoreEidasAuthProcess(httpReq, httpResp); - + //validate state Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", + Assert.assertEquals("Wrong errorId", "auth.26", ((EaafException) protAuthService.getException()).getErrorId()); - + } - + @Test public void withRelayState() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String relayState = RandomStringUtils.randomAlphanumeric(10); + //set-up + String relayState = RandomStringUtils.randomAlphanumeric(10); pendingReq.setPendingReqId(relayState); storage.storePendingRequest(pendingReq); - + Builder iLightResponse = new AuthenticationResponse.Builder(); iLightResponse.id("_".concat(Random.nextHexRandom16())) .issuer(RandomStringUtils.randomAlphabetic(10)) 
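Review bot: The negative tests `noResponsToken` and `unknownResponseToken` prove the rejection only by reading `protAuthService.getException()` and comparing its id with `auth.26`, while the visible end of `setUp` resets `connector` (`connector.setiLightResponse(null);`) but not `protAuthService`. If the autowired dummy service keeps the exception recorded by an earlier test (the Spring context is only dirtied once per class), a missing or unknown token could appear to be rejected on stale state. Clearing the stored exception in `setUp`, next to the connector reset, would make each test prove its own rejection. Part of `setUp` lies outside this hunk, so the reset may already happen there.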
@@ -144,37 +142,37 @@ public class EidasSignalServletTest { .inResponseTo("_".concat(Random.nextHexRandom16())) .subjectNameIdFormat("afaf") .relayState(relayState); - + AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), Base64.getEncoder().encodeToString(token.getTokenBytes())); - + //execute test controller.restoreEidasAuthProcess(httpReq, httpResp); - - + + //validate state Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("wrong eIDAS response", eidasResp, + Assert.assertEquals("wrong eIDAS response", eidasResp, httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", + + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", ((EaafException) protAuthService.getException()).getErrorId()); - + } - + @Test public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String pendingReqId = RandomStringUtils.randomAlphanumeric(10); + //set-up + String pendingReqId = RandomStringUtils.randomAlphanumeric(10); pendingReq.setPendingReqId(pendingReqId); storage.storePendingRequest(pendingReq); - + String inResponseTo = "_".concat(Random.nextHexRandom16()); - + Builder iLightResponse = new AuthenticationResponse.Builder(); iLightResponse.id("_".concat(Random.nextHexRandom16())) .issuer(RandomStringUtils.randomAlphabetic(10)) 
@@ -182,35 +180,35 @@ public class EidasSignalServletTest { .statusCode(Constants.SUCCESS_URI) .inResponseTo(inResponseTo) .subjectNameIdFormat("afaf"); - + AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), Base64.getEncoder().encodeToString(token.getTokenBytes())); - + //execute test controller.restoreEidasAuthProcess(httpReq, httpResp); - - + + //validate state Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "auth.26", + Assert.assertEquals("Wrong errorId", "auth.26", ((EaafException) protAuthService.getException()).getErrorId()); - + } - + @Test public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException { - //set-up - String pendingReqId = RandomStringUtils.randomAlphanumeric(10); + //set-up + String pendingReqId = RandomStringUtils.randomAlphanumeric(10); pendingReq.setPendingReqId(pendingReqId); storage.storePendingRequest(pendingReq); - + String inResponseTo = "_".concat(Random.nextHexRandom16()); transStore.put(inResponseTo, pendingReqId, -1); - + Builder iLightResponse = new AuthenticationResponse.Builder(); iLightResponse.id("_".concat(Random.nextHexRandom16())) .issuer(RandomStringUtils.randomAlphabetic(10)) 
@@ -218,26 +216,26 @@ public class EidasSignalServletTest { .statusCode(Constants.SUCCESS_URI) .inResponseTo(inResponseTo) .subjectNameIdFormat("afaf"); - + AuthenticationResponse eidasResp = iLightResponse.build(); - BinaryLightToken token = connector.putResponse(eidasResp); - httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), + BinaryLightToken token = connector.putResponse(eidasResp); + httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), Base64.getEncoder().encodeToString(token.getTokenBytes())); - + //execute test controller.restoreEidasAuthProcess(httpReq, httpResp); - - + + //validate state Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("wrong eIDAS response", eidasResp, + Assert.assertEquals("wrong eIDAS response", eidasResp, httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE)); - - Assert.assertNotNull("missing error", protAuthService.getException()); - Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", + + Assert.assertNotNull("missing error", protAuthService.getException()); + Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", ((EaafException) protAuthService.getException()).getErrorId()); - + } - + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 2e6790c5..c29c82c7 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java 
@@ -4,7 +4,7 @@ import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CON import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; -import static org.powermock.api.mockito.PowerMockito.when; +import static org.mockito.Mockito.when; import java.net.URISyntaxException; import java.security.KeyStore; @@ -28,7 +28,6 @@ import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.ArgumentCaptor; -import org.powermock.core.classloader.annotations.PrepareForTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; @@ -80,7 +79,6 @@ import szrservices.SignContentEntry; import szrservices.SignContentResponseType; @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", @@ -117,9 +115,9 @@ public class CreateIdentityLinkTaskEidNewTest { AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); private static ObjectMapper mapper = new ObjectMapper(); - + private AuthenticationResponse response; - + @Rule public final SoapServiceRule soap = SoapServiceRule.newInstance(); @@ -133,9 +131,9 @@ public class CreateIdentityLinkTaskEidNewTest { httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); 
@@ -147,13 +145,13 @@ public class CreateIdentityLinkTaskEidNewTest { pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - + pendingReq.setSpConfig(oaParam); pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); 
@@ -166,26 +164,26 @@ public class CreateIdentityLinkTaskEidNewTest { response = buildDummyAuthResponse(true); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - + String vsz = RandomStringUtils.randomNumeric(10); - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); - when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); + when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp); String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + //perform test task.execute(pendingReq, executionContext); - //validate state + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -193,16 +191,16 @@ public class CreateIdentityLinkTaskEidNewTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); - + Assert.assertTrue("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - - + + // check authblock signature final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); 
@@ -210,59 +208,59 @@ public class CreateIdentityLinkTaskEidNewTest { X509Certificate[] trustedCerts = EaafKeyStoreUtils .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); - Assert.assertTrue("AuthBlock not valid", result.isValid()); - JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); + Assert.assertTrue("AuthBlock not valid", result.isValid()); + JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); Assert.assertNotNull("deserialized AuthBlock", authBlockJson); - - Assert.assertNotNull("no piiTransactionId in pendingRequesdt", + + Assert.assertNotNull("no piiTransactionId in pendingRequesdt", storedPendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), + Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), authBlockJson.get("piiTransactionId").asText()); - Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); + Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); - - + + // check vsz request ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); - ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); + ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); - + Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); + Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); - 
Assert.assertEquals("FamilyName", + Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), + response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), person.getPerson().getName().getFamilyName()); - Assert.assertEquals("GivenName", + Assert.assertEquals("GivenName", response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), + response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), person.getPerson().getName().getGivenName()); - Assert.assertEquals("DateOfBirth", + Assert.assertEquals("DateOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) - .toString().split("T")[0], + .toString().split("T")[0], person.getPerson().getDateOfBirth()); - - Assert.assertEquals("PlaceOfBirth", + + Assert.assertEquals("PlaceOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), - person.getPerson().getPlaceOfBirth()); - Assert.assertEquals("BirthName", + response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), + person.getPerson().getPlaceOfBirth()); + Assert.assertEquals("BirthName", response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), + response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), person.getPerson().getAlternativeName().getFamilyName()); - + Assert.assertEquals("CitizenCountry", "LU", 
person.getTravelDocument().getIssuingCountry()); Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); - - Assert.assertEquals("Identifier", + + Assert.assertEquals("Identifier", response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) - .toString().split("/")[2], + .toString().split("/")[2], person.getTravelDocument().getDocumentNumber()); - + // check bcBind singing request ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class); ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class); 
@@ -270,60 +268,60 @@ public class CreateIdentityLinkTaskEidNewTest { verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture()); Boolean param1 = argument1.getValue(); Assert.assertFalse("addCert flag", param1); - + List<JwsHeaderParam> param2 = argument2.getValue(); - Assert.assertNotNull("JWS Headers", param2); + Assert.assertNotNull("JWS Headers", param2); Assert.assertFalse("JWS Headers empty", param2.isEmpty()); Assert.assertEquals("Wrong JWS header size", 1, param2.size()); Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey()); Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); - + List<SignContentEntry> param3 = argument3.getValue(); Assert.assertNotNull("sign Payload", param3); - Assert.assertEquals("wrong sign-payload size", 1, param3.size()); - Assert.assertNotNull("payload", param3.get(0).getValue().getBytes()); + Assert.assertEquals("wrong sign-payload size", 1, param3.size()); + Assert.assertNotNull("payload", param3.get(0).getValue().getBytes()); JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes()); Assert.assertNotNull("bcbind req", bcBind); - + Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); - Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", + Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", bcBind.get("urn:eidgvat:attributes.eid.status").asText()); Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); - Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray()); + Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray()); Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements(); Assert.assertTrue("No PubKey", pubKeys.hasNext()); - Assert.assertEquals("Wrong pubKey", + Assert.assertEquals("Wrong 
pubKey", "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y" + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN" + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" - + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", + + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", pubKeys.next().asText()); Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); - + } @Test public void successfulProcessWithStandardInfos() throws Exception { - //initialize test + //initialize test String vsz = RandomStringUtils.randomNumeric(10); - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); - when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); + when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp); String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + //perform test task.execute(pendingReq, executionContext); - //validate state + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
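Review bot: `Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());` can never fail as an assertion, because `getBytes()` does not return null and a null value would throw before the assertion runs, so the check on the captured sign payload is vacuous. Assert on the value itself with `Assert.assertNotNull("payload", param3.get(0).getValue());` and parse it with `mapper.readTree(param3.get(0).getValue())`, which also avoids decoding the bcBind JSON through the platform default charset. The test method starts in an earlier hunk, so this applies to the bcBind check that continues here.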
@@ -331,56 +329,56 @@ public class CreateIdentityLinkTaskEidNewTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); - + Assert.assertTrue("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + // check vsz request ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class); - ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); + ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class); verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); - + Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); + Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); - Assert.assertEquals("FamilyName", + Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), + response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), person.getPerson().getName().getFamilyName()); - Assert.assertEquals("GivenName", + Assert.assertEquals("GivenName", response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( - response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), + 
response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), person.getPerson().getName().getGivenName()); - Assert.assertEquals("DateOfBirth", + Assert.assertEquals("DateOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) - .toString().split("T")[0], + .toString().split("T")[0], person.getPerson().getDateOfBirth()); - - Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); + + Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); - + Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); - - Assert.assertEquals("Identifier", + + Assert.assertEquals("Identifier", response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) - .toString().split("/")[2], + .toString().split("/")[2], person.getTravelDocument().getDocumentNumber()); - - + + } - + @Test public void getStammzahlEncryptedExceptionTest() throws Exception { try { - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null); task.execute(pendingReq, executionContext); } catch (TaskExecutionException e) { Assert.assertEquals("Incorrect exception thrown", e.getMessage(), 
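Review bot: In `getStammzahlEncryptedExceptionTest` nothing follows `task.execute(pendingReq, executionContext);` inside the `try`, so as far as the hunk shows the test also passes when no `TaskExecutionException` is thrown; `signContentExceptionTest` in the next hunk has the same shape. These tests cover the path where SZR returns null, so a silent pass would hide a task that continues without a valid vsz or signature; add `Assert.fail("TaskExecutionException expected");` directly after the `task.execute(...)` call in both. `Assert.assertEquals` is also given `e.getMessage()` in the expected position, which would produce a misleading failure message; swap the last two arguments. The catch block continues outside the hunk, so further checks may exist there.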
@@ -394,8 +392,8 @@ public class CreateIdentityLinkTaskEidNewTest { @Test public void signContentExceptionTest() throws Exception { try { - when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); - when(szrMock, "signContent", any(), any(), any()).thenReturn(null); + when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(RandomStringUtils.randomNumeric(10)); + when(szrMock.signContent(any(), any(), any())).thenReturn(null); task.execute(pendingReq, executionContext); } catch (TaskExecutionException e) { Assert.assertEquals("Incorrect exception thrown", e.getMessage(), @@ -442,7 +440,7 @@ public class CreateIdentityLinkTaskEidNewTest { Constants.eIDAS_ATTR_PLACEOFBIRTH).first(); final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_BIRTHNAME).first(); - + final Builder attributeMap = ImmutableAttributeMap.builder(); attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)); attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10)); @@ -451,7 +449,7 @@ public class CreateIdentityLinkTaskEidNewTest { if (withAll) { attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); - + } val b = new AuthenticationResponse.Builder(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java index 8c7558dd..4d52566d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java 
@@ -18,7 +18,6 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; -import org.powermock.core.classloader.annotations.PrepareForTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; @@ -62,7 +61,6 @@ import szrservices.SZR; import szrservices.SZRException_Exception; @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", @@ -89,10 +87,10 @@ public class CreateIdentityLinkTaskTest { private TestRequestImpl pendingReq; private DummySpConfiguration oaParam; private SZR szrMock; - + private AuthenticationResponse response; private Map<String, String> spConfig; - + @Rule public final SoapServiceRule soap = SoapServiceRule.newInstance(); @@ -110,7 +108,7 @@ public class CreateIdentityLinkTaskTest { basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false"); - + spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); 
@@ -127,34 +125,34 @@ public class CreateIdentityLinkTaskTest { pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); } - + @Test public void buildIdentityLink() throws Exception { - //initialize test + //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - - + + //perform test task.execute(pendingReq, executionContext); - - //validate state + + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -162,15 +160,15 @@ public class CreateIdentityLinkTaskTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNull("AuthBlock", authBlock); - + Assert.assertFalse("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName()); checkElement("Hans", authProcessData.getIdentityLink().getGivenName()); 
@@ -178,35 +176,35 @@ public class CreateIdentityLinkTaskTest { checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion()); - Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); - + Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion()); + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", + Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - + } - + @Test public void buildIdentityLinkWithWbpk() throws Exception { //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - + //perform test task.execute(pendingReq, executionContext); - - //validate state + + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -214,42 +212,42 @@ public class CreateIdentityLinkTaskTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNull("AuthBlock", authBlock); - + Assert.assertFalse("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", + Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - + } - + @Test public void buildIdentityLinkWithEidasBpk() throws Exception { //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml"); spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - + //perform test task.execute(pendingReq, executionContext); - - //validate state + + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", 
storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -257,80 +255,80 @@ public class CreateIdentityLinkTaskTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNull("AuthBlock", authBlock); - + Assert.assertFalse("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName()); checkElement("Martina", authProcessData.getIdentityLink().getGivenName()); checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth()); checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType()); checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue()); - + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", + Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - + } - + @Test public void buildIdentityLinkWithUnknownBpk() throws Exception { //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); spConfig.put("target", "urn:notextis:1234"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - 
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); - + try { task.execute(pendingReq, executionContext); Assert.fail("unknown bPKType not detected"); - + } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "builder.33", + Assert.assertEquals("ErrorId", "builder.33", ((EaafException) e.getOriginalException()).getErrorId()); Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException()) .getParams().length); - } + } } - + @Test public void noBpkResult() throws Exception { //initialize test setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); GetBPKResponse getBpkResp = new GetBPKResponse(); org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); - + spConfig.put("target", "urn:notextis:1234"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); - + try { task.execute(pendingReq, executionContext); Assert.fail("unknown bPKType not detected"); - + } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "ernb.01", + Assert.assertEquals("ErrorId", "ernb.01", ((EaafException) e.getOriginalException()).getErrorId()); - - } + + } } - + @Test public void bPKFromSzr() throws Exception { //initialize test 
@@ -339,25 +337,25 @@ public class CreateIdentityLinkTaskTest { GetBPKResponse getBpkResp = new GetBPKResponse(); getBpkResp.getGetBPKReturn().add(bpk); org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp ); - + spConfig.put("target", "urn:notextis:1234"); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true"); - + //execute test task.execute(pendingReq, executionContext); - - - //validate state + + + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -365,38 +363,38 @@ public class CreateIdentityLinkTaskTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNull("AuthBlock", authBlock); - + Assert.assertFalse("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); - Assert.assertEquals("wrong bPK", bpk, + Assert.assertEquals("wrong bPK", bpk, authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME)); } - + @Test public void buildDummyIdl() throws Exception { //initialize test String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); - + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true"); - - + + //perform test task.execute(pendingReq, executionContext); - - //validate state + + //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); - + //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); 
@@ -404,17 +402,17 @@ public class CreateIdentityLinkTaskTest { String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNull("AuthBlock", authBlock); - + Assert.assertFalse("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); - Assert.assertEquals("EID-ISSUING_NATION", "LU", + Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); - Assert.assertEquals("LoA", response.getLevelOfAssurance(), + Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); - + Assert.assertNotNull("IDL", authProcessData.getIdentityLink()); - + } private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { @@ -433,7 +431,7 @@ public class CreateIdentityLinkTaskTest { Assert.assertEquals(expected, value); } - + @NotNull private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException { final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( @@ -444,7 +442,7 @@ public class CreateIdentityLinkTaskTest { Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - + final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index de9b2d3b..ae3a79b8 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -13,7 +13,6 @@ import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
@@ -28,7 +27,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyCo
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
@@ -49,7 +47,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
 import lombok.val;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
 @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
 @ContextConfiguration(locations = {
 "/SpringTest-context_tasks_test.xml",
@@ -63,15 +60,15 @@ public class ReceiveEidasResponseTaskTest { private MsConnectorDummyConfigMap basicConfig; @Autowired protected EidasAttributeRegistry attrRegistry; - + @Autowired private IRequestStorage storage; - + final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; private MockHttpServletResponse httpResp; private TestRequestImpl pendingReq; private MsConnectorDummySpConfiguration oaParam; - + /** * jUnit test set-up. */ @@ -84,7 +81,7 @@ public class ReceiveEidasResponseTaskTest { RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); - + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); 
@@ -98,70 +95,70 @@ public class ReceiveEidasResponseTaskTest { pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); } - + @Test - public void missingEidasResponse() { + public void missingEidasResponse() { try { task.execute(pendingReq, executionContext); Assert.fail("No eIDAS response not detected"); - + } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "eidas.01", + Assert.assertEquals("ErrorId", "eidas.01", ((EaafException) e.getOriginalException()).getErrorId()); - - } + + } } - + @Test - public void notSuccessEidasResponse() throws URISyntaxException { + public void notSuccessEidasResponse() throws URISyntaxException { String statusCode = RandomStringUtils.randomAlphabetic(10); - httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, + httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, buildDummyAuthResponse(statusCode)); - - + + try { task.execute(pendingReq, executionContext); Assert.fail("No eIDAS response not detected"); - + } catch (TaskExecutionException e) { - Assert.assertEquals("ErrorId", "eidas.02", + Assert.assertEquals("ErrorId", "eidas.02", ((EaafException) e.getOriginalException()).getErrorId()); Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException()) .getParams().length); Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e .getOriginalException()).getParams()[0]); - } + } } - + @Test - public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { + public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { @NotNull AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); 
httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); - + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + //execute test task.execute(pendingReq, executionContext); - + //validate state IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedReq); - + final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); - Assert.assertNotNull("eIDAS response", + Assert.assertNotNull("eIDAS response", authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - Assert.assertEquals("eIDAS response", eidasResponse, + Assert.assertEquals("eIDAS response", eidasResponse, authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); - + } - + @NotNull private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException { final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( @@ -172,7 +169,7 @@ public class ReceiveEidasResponseTaskTest { Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); - + final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)) .put(attributeDef2, RandomStringUtils.randomAlphabetic(10)) @@ -189,5 +186,5 @@ public class ReceiveEidasResponseTaskTest { .attributes(attributeMap) .build(); } - + } 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
index ad38e371..4da03622 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -17,13 +17,11 @@ import org.jose4j.lang.JoseException;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
@@ -34,15 +32,14 @@ import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; import at.gv.egiz.eaaf.core.impl.data.Pair; @RunWith(SpringJUnit4ClassRunner.class) -@PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", "/SpringTest-context_basic_mapConfig.xml"}) public class JoseUtilsTest { - + @Autowired private EaafKeyStoreFactory keyStoreFactory; - + private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList( Arrays.asList( AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, 
@@ -50,48 +47,48 @@ public class JoseUtilsTest { AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); - + @Test public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException { - + KeyStoreConfiguration config = new KeyStoreConfiguration(); config.setFriendlyName("jUnittest"); config.setKeyStoreType(KeyStoreType.JKS); config.setSoftKeyStoreFilePath("../data/junit.jks"); config.setSoftKeyStorePassword("password"); - + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); String payLoad = RandomStringUtils.randomAlphanumeric(100); - + //check signing try { JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest"); Assert.fail("missing Key not detected"); - - } catch (EaafException e) { + + } catch (EaafException e) { Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId()); - + } } - + @Test public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException { - + KeyStoreConfiguration config = new KeyStoreConfiguration(); config.setFriendlyName("jUnittest"); config.setKeyStoreType(KeyStoreType.JKS); config.setSoftKeyStoreFilePath("../data/junit.jks"); config.setSoftKeyStorePassword("password"); - + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); String payLoad = RandomStringUtils.randomAlphanumeric(100); - + //check signing String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest"); - + Assert.assertNotNull("signed message", result); Assert.assertFalse("signed msg empty", result.isEmpty()); - + //validate List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); 
@@ -99,30 +96,30 @@ public class JoseUtilsTest { AUTH_ALGORITHM_WHITELIST_SIGNING .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); - + Assert.assertTrue("sig. verify", verify.isValid()); Assert.assertEquals("payload", payLoad, verify.getPayLoad()); - + } - + @Test public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException { - + KeyStoreConfiguration config = new KeyStoreConfiguration(); config.setFriendlyName("jUnittest"); config.setKeyStoreType(KeyStoreType.JKS); config.setSoftKeyStoreFilePath("../data/junit.jks"); config.setSoftKeyStorePassword("password"); - + Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config); String payLoad = RandomStringUtils.randomAlphanumeric(100); - + //check signing String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest"); - + Assert.assertNotNull("signed message", result); Assert.assertFalse("signed msg empty", result.isEmpty()); - + //validate List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst()); @@ -130,10 +127,10 @@ public class JoseUtilsTest { AUTH_ALGORITHM_WHITELIST_SIGNING .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints); - + Assert.assertTrue("sig. verify", verify.isValid()); Assert.assertEquals("payload", payLoad, verify.getPayLoad()); - + } - + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java index e0f15c8c..0b18815b 100644 
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -12,7 +12,6 @@ import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.context.ContextConfiguration;
@@ -25,7 +24,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySp
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -41,7 +39,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
 import lombok.val;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
 @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
 @ContextConfiguration(locations = {
 "/SpringTest-context_tasks_test.xml",
@@ -50,17 +47,17 @@ public class EidasResponseValidatorTest { @Autowired private MsConnectorDummyConfigMap basicConfig; @Autowired protected EidasAttributeRegistry attrRegistry; - + private TestRequestImpl pendingReq; private MsConnectorDummySpConfiguration oaParam; - - + + /** * jUnit test set-up. */ @Before public void setUp() throws EaafStorageException, URISyntaxException { - + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); 
@@ -74,250 +71,250 @@ public class EidasResponseValidatorTest { pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - + } - - + + @Test public void loaFromResponseToLow() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), EaafConstants.EIDAS_LOA_LOW, false); String spCountry = "AT"; String citizenCountryCode = "XX"; - + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId()); Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", + Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", e.getParams()[0]); - - } + + } } - + @Test public void noEidasSpCountry() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); String spCountry = null; String citizenCountryCode = "LU"; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", 
"eidas.07", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Destination country does not match to SP country", + Assert.assertEquals("wrong errorMsg", + "Destination country does not match to SP country", e.getParams()[1]); - - } + + } } - + @Test public void noEidasResponseCountry() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); String spCountry = "AT"; String citizenCountryCode = null; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Citizen country does not match to eIDAS-node country that generates the response", + Assert.assertEquals("wrong errorMsg", + "Citizen country does not match to eIDAS-node country that generates the response", e.getParams()[1]); - - } + + } } - + @Test public void wrongEidasResponseCountry() throws URISyntaxException { //set-up - ILightResponse eidasResponse = 
buildDummyAuthResponse( - "LU/AT/" + RandomStringUtils.randomNumeric(10), + ILightResponse eidasResponse = buildDummyAuthResponse( + "LU/AT/" + RandomStringUtils.randomNumeric(10), EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); String spCountry = "AT"; String citizenCountryCode = "XX"; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Citizen country does not match to eIDAS-node country that generates the response", + Assert.assertEquals("wrong errorMsg", + "Citizen country does not match to eIDAS-node country that generates the response", e.getParams()[1]); - - } + + } } - + @Test public void missingPersonalIdentifier() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - null, + ILightResponse eidasResponse = buildDummyAuthResponse( + null, EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); String spCountry = "AT"; String citizenCountryCode = "LU"; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); + Assert.assertEquals("ErrorId", 
"eidas.05", e.getErrorId()); Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", + Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", e.getParams()[0]); - - } + + } } - + @Test public void moreThanOnePersonalIdentifier() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - null, + ILightResponse eidasResponse = buildDummyAuthResponse( + null, EaafConstants.EIDAS_LOA_SUBSTANTIAL, true); String spCountry = "AT"; String citizenCountryCode = "LU"; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId()); Assert.assertEquals("wrong parameter size", 1, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", + Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", e.getParams()[0]); - - } + + } } - + @Test public void emptyPersonalIdentifier() throws URISyntaxException { //set-up - ILightResponse eidasResponse = buildDummyAuthResponse( - "", + ILightResponse eidasResponse = buildDummyAuthResponse( + "", EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); String spCountry = "AT"; String citizenCountryCode = "LU"; - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test try { EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry); Assert.fail("Wrong eIDAS response not detected"); - + } catch (EidasValidationException e) { - 
Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); + Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId()); Assert.assertEquals("wrong parameter size", 2, e.getParams().length); - Assert.assertEquals("wrong errorMsg", "PersonIdentifier", + Assert.assertEquals("wrong errorMsg", "PersonIdentifier", e.getParams()[0]); - Assert.assertEquals("wrong errorMsg", - "Wrong identifier format", + Assert.assertEquals("wrong errorMsg", + "Wrong identifier format", e.getParams()[1]); - - } + + } } - + @Test public void validResponse() throws URISyntaxException, EidasValidationException { //set-up - + String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase(); - - ILightResponse eidasResponse = buildDummyAuthResponse( - cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), + + ILightResponse eidasResponse = buildDummyAuthResponse( + cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), EaafConstants.EIDAS_LOA_SUBSTANTIAL, false); - + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL)); - - + + //execute test EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry); - + } - - - private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) + + + private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) throws URISyntaxException { - - + + final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); final Builder attributeMap = ImmutableAttributeMap.builder(); if (personalId != null) { if (moreThanOnePersonalId) { - ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId), + ImmutableSet values = ImmutableSet.of(new 
StringAttributeValue(personalId), new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10))); - attributeMap.put(personIdattributeDef, values); - + attributeMap.put(personIdattributeDef, values); + } else { attributeMap.put(personIdattributeDef, personalId); - - } + + } } - + val b = new AuthenticationResponse.Builder(); return b.id("_".concat(Random.nextHexRandom16())) .issuer(RandomStringUtils.randomAlphabetic(10)) |